
[Snyk] Security upgrade snowflake-sdk from 1.9.2 to 1.9.3

Open spyglass-software opened this issue 7 months ago • 0 comments

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
| medium severity | 631/1000. Why? Proof of Concept exploit, Has a fix available, CVSS 6.2 | Missing Release of Resource after Effective Lifetime (SNYK-JS-INFLIGHT-6095116) | No | Proof of Concept |

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: snowflake-sdk

The new version differs by 18 commits.
  • 9affcd0 MINOR Version bump from 1.9.2 to 1.9.3 (#753)
  • ff85fd8 SNOW-1003123: Revert "Set no-unused-vars rule to error" (#751)
  • 857663e Revert "Bumped MINOR driver version from 1.9.2 to 1.9.3 (#750)" (#752)
  • 09fbdc6 Bumped MINOR driver version from 1.9.2 to 1.9.3 (#750)
  • 34a4911 SNOW-974649: Multiple SAML Integrations Support for NodeJS (#743)
  • 34e3006 SNOW-993553: Add host parameter (#749)
  • 75a93fa Revert commit of reuse storage clients (#747)
  • dc4536d SNOW-1001672 bump `axios` to 1.6.5 (#744)
  • c1a512c SNOW-993512: [snowflake-connector-nodejs] Remove the tmp package from the driver
  • 29c12d1 SNOW-925990 add logging for mapping resultset columns (#715)
  • 7207966 SNOW-984450: Set ESLint rules to error (#733)
  • b092fb8 Reuse storage clients + destroy when no longer needed (fixes #734) (#735)
  • 65f8670 SNOW-963399 Add unique test identifier in testPutGet.js (#739)
  • 49d0e7b SNOW-982481 Drop obsolete time sync for macos builds (#732)
  • de11cb3 SNOW-984450: Set ESLint rules to error (#731)
  • 2451c5e SNOW-984450: Set error on autofixable ESLint rules (#728)
  • 4dc3701 SNOW-988855: Remove outdated default comment (#729)
  • c2ffc19 SNOW-974606 handle SESSION_TOKEN_EXPIRED error when destroying connection (#726)


Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.


spyglass-software, Jan 18 '24 18:01