vue-crane
vue-crane copied to clipboard
Published
20 hours ago •
posrix
posrix
[Snyk] Security upgrade pm2 from 2.10.4 to 4.3.0
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- packages/server/package.json
Vulnerabilities that will be fixed
With an upgrade:
| Severity | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|
 |
Command Injection SNYK-JS-PM2-474345 |
Yes | Proof of Concept |
Commit messages
Package name: pm2
The new version differs by 250 commits.- 9ee8a0f [email protected]
- 956afe7 [email protected]
- 851c44c update changelog
- 03d0b28 Merge pull request #4662 from Timic3/fix/common-module-import
- d8a6d38 bump pm2-deploy
- 4d1aedf throttle cron test
- 8fae340 bump vizion
- b097dc2 pkg.json version bump
- 7a5da59 drop date-fns
- 195eb6e drop lodash lib
- 526756d 4.3.0
- 7323438 Add .cjs (common JS) as a viable extension
- d5d7f7b bump lodash
- 22b29a2 disable s390x testing for now
- 03f09ef filter_env to skip local env variables #4596
- 23c1e0d Merge branch 'master' into development
- 00c353c Merge pull request #4517 from bvsubhash/namespace-logs
- a016999 Merge pull request #4518 from bvsubhash/trigger-namespace-or-all
- bf582e1 Merge pull request #4561 from codpot/fix-disabling-logs
- 69984f0 chore fix schema.json
- bb67e0b Merge pull request #4589 from linux-on-ibm-z/s390x-travisCI
- 45db453 Merge pull request #4593 from adunkey/master
- e94cde8 Merge pull request #4615 from kevindoveton/development
- 73f8f4f Merge pull request #4629 from jlvcm/patch-2
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
📚 Read more about Snyk's upgrade and patch logic
