newman-reporter-html

[Snyk] Fix for 1 vulnerabilities

Open snyk-bot opened this issue 2 years ago • 0 comments

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
| high severity | 768/1000. Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5 | Prototype Pollution (SNYK-JS-ASYNC-2441827) | Yes | Proof of Concept |

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: newman

The new version differs by 250 commits.
  • 1536c6b Merge branch 'release/5.3.1'
  • bfe1db6 Release v5.3.1
  • a2af1de Merge pull request #2881 from mrbusche/patch-1
  • 88afc3b Update packity dependency
  • ed49ee3 Update dependencies
  • 8bb50da Merge pull request #2892 from shreys7/feature/fix-postman-api-docs-link
  • 7c5af7d Fix docs link used for generating a postman api key
  • d7fec86 Update node to 16-alpine
  • 9844ffa Merge branch 'release/5.3.0'
  • 18e0b53 Merge branch 'release/5.3.0' into develop
  • 2538d5a Release v5.3.0
  • c7bc715 Update dependencies
  • 5a7b888 Merge pull request #2813 from postmanlabs/feature/cli-reporter-verbose-body
  • 834423f Merge branch 'develop' into feature/cli-reporter-verbose-body
  • 3a898b9 Merge pull request #2812 from postmanlabs/dependabot/npm_and_yarn/path-parse-1.0.7
  • 0b7b5e5 Update dependencies
  • 3fc0a26 Decrease the threshold for lines in unit tests coverage by 1%
  • 46b3e32 Fix unit test for options
  • fcd18a9 Fixed PR Review comments - https://github.com/postmanlabs/newman/pull/2813
  • 852b360 Update test/unit/options.test.js
  • 73f7ce2 Updated changelog for verbose CLI reporter upgrades
  • d2cffd0 Added more miscellaneous low value unit tests to see if I can reach the 75% mark
  • 56e7252 Fixed lints and tests. Made the CLI util test more accurate than static.
  • 96d31d7 The CLI reporter request handler genuinely needed cleaning

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution

snyk-bot, Apr 07 '22 16:04