wallet-guard-extension icon indicating copy to clipboard operation
wallet-guard-extension copied to clipboard

Published 20 hours ago verified publisher icon wallet-guard

[Snyk] Security upgrade posthog-js from 1.53.4 to 1.57.2

Open snyk-bot opened this issue 1 year ago • 0 comments

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

:sparkles: Snyk has automatically assigned this pull request, set who gets assigned.

As this is a private repository, Snyk-bot does not have access. Therefore, this PR has been created automatically, but appears to have been created by a real user.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 556/1000
Why? Recently disclosed, Has a fix available, CVSS 5.4		 Cross-site Scripting (XSS)
SNYK-JS-POSTHOGJS-5595549		 No No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: posthog-js The new version differs by 21 commits.
  • 9f75a06 chore: Bump version to 1.57.2
  • 67e07eb fix: Remove API and JS urls (#630)
  • 2bd489f chore: Bump version to 1.57.1
  • bb057aa fix(decide): Make sure all stored properties are sent on first decide request (#633)
  • 5e9439d fix(identify): actually send $set_once on identify calls (#629)
  • da76ead chore: bump version to 1.57.0 (#628)
  • 21a66f5 feat: Added OS version to the OS details (#624)
  • 9774731 fix: Don't delete existing flags on decide errors (#621)
  • 6257540 chore: Bump version to 1.56.0
  • 81d2f45 feat: Allow custom masking of network events (#620)
  • 64f463c chore: Bump version to 1.55.2
  • 2c524a1 feat: Added idle timer to recordings (#626)
  • d7e75e3 docs: Add Nuxt 3 demo (#623)
  • a0cecfe chore: Bump version to 1.55.1
  • 85bcb69 fix: Script loading before DOM is ready (#618)
  • 3ab767d Expose options to mask text in session recording (#595)
  • 5d680ea chore: Bump version to 1.55.0
  • c8944ad feat(beta-management): Add opt-in and out functions (#616)
  • 8911bd7 chore: Bump version to 1.54.0
  • eb147fc release new version (#617)
  • c28d1a1 feat(flags): Allow adding person and group property overrides for flags (#613)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

👩‍💻 Set who automatically gets assigned

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Cross-site Scripting (XSS)

snyk-bot avatar Jun 13 '23 02:06 snyk-bot