pg-generator icon indicating copy to clipboard operation
pg-generator copied to clipboard

Published 20 hours ago verified publisher icon ozum

[Snyk] Security upgrade js-beautify from 1.9.1 to 1.14.1

Open snyk-bot opened this issue 2 years ago • 0 comments

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 479/1000
Why? Has a fix available, CVSS 5.3		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-JSBEAUTIFY-2311652		 No No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: js-beautify The new version differs by 250 commits.
  • 13b9a54 Release: 1.14.1
  • ca785aa Merge remote-tracking branch 'origin/staging/main' into staging/release
  • 49fa82c Bump version numbers for 1.14.1
  • ef32da4 Update Changelog
  • cb20409 Merge pull request #1993 from mhnaeem/feature/add-cmd-enter-for-mac
  • 2df9f3e Fixing styling issues caught by CI
  • 1f425d6 Merge remote-tracking branch 'origin/main' into feature/add-cmd-enter-for-mac
  • 83f1bec Merge pull request #1996 from mhnaeem/bug/specify-black-package-version
  • cf8617a bug: fix psf/black package version
  • ab205a4 feature: allow mac users to use command+enter for submit button
  • 6a919cc Merge pull request #1973 from kevinbackhouse/GHSL-2021-113-fix-ReDoS-second-attempt
  • 19c5862 GHSL-2021-113: Fix ReDoS bug (second attempt).
  • 37098ba Merge pull request #1970 from beautify-web/revert-1968-GHSL-2021-113-fix-ReDoS
  • 229b237 Revert "GHSL-2021-113: fix ReDoS bug"
  • 4b3fb85 Merge pull request #1968 from kevinbackhouse/GHSL-2021-113-fix-ReDoS
  • 2024564 Merge branch 'main' into GHSL-2021-113-fix-ReDoS
  • 034172d GHSL-2021-113: fix ReDoS bug
  • f182350 Merge pull request #1967 from bitwiseman/task/normalize
  • baee71c Fix diff
  • ca29889 Update dependencies
  • e5f6c48 Add line end normalization
  • 157a3e0 Merge pull request #1966 from beautify-web/bitwiseman-patch-1
  • d7774d9 Update main.yml
  • 06aa63f Update main.yml

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

snyk-bot avatar Mar 29 '22 16:03 snyk-bot