Alexi5 icon indicating copy to clipboard operation
Alexi5 copied to clipboard

Published 20 hours ago verified publisher icon veegishx

[Snyk] Security upgrade discord.js from 12.2.0 to 14.0.0

Open veegishx opened this issue 1 year ago • 0 comments

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 768/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-NODEFETCH-2964180		 Yes Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: discord.js The new version differs by 250 commits.
  • f0b7734 chore: bump dev version
  • b0a9131 chore(discord.js): release discord.js
  • 29be5b5 chore: deps
  • d677c31 chore: update dev versions
  • f6ef92a chore: release @ discordjs/builders, @ discordjs/collection, @ discordjs/proxy, @ discordjs/rest
  • 52a9e21 fix(GuildMemberManager): Allow setting own nickname (#8066)
  • b7e6238 test(builders): improve coverage (#8274)
  • cafde77 refactor(Util)!: rename `fetchRecommendedShards` (#8298)
  • b7d4e55 types(GuildFeature): allow feature strings to be passed (#8264)
  • 5aeed99 docs: align webhook method return types with implementation (#8253)
  • 452dec5 docs: Remove `@ private` constructor documentation (#8255)
  • 64f8140 refactor(Embed): Add all the types (#8254)
  • 33a7a5c types(CategoryChannelChildManager): fix Holds type (#8288)
  • edf83f0 chore: bump dev versions
  • 25bd771 chore(voice): release @ discordjs/[email protected]
  • f2ca0ca chore(rest): release @ discordjs/[email protected]
  • 6712de9 chore(collection): release @ discordjs/[email protected]
  • 28cd293 chore: update changelog
  • 3f5690a chore(builders): bump dev version
  • 015ab69 chore(builders): release @ discordjs/[email protected]
  • caecc57 chore: deps
  • 3bf30b1 fix(PermissionOverwriteManager): mutates user (#8283)
  • 103a358 refactor(rest): add content-type(s) to uploads (#8290)
  • bf65b37 types: remove `MemberMention` (#8292)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

veegishx avatar Jul 31 '22 20:07 veegishx