egg-boilerplate-d-ts icon indicating copy to clipboard operation
egg-boilerplate-d-ts copied to clipboard

Published 20 hours ago verified publisher icon whxaxes

[Snyk] Security upgrade egg from 2.37.0 to 3.23.0

Open whxaxes opened this issue 9 months ago • 0 comments

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 631/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 6.2		 Missing Release of Resource after Effective Lifetime
SNYK-JS-INFLIGHT-6095116		 Yes Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: egg The new version differs by 161 commits.
  • d68ab6a Release 3.23.0
  • 9bf5f22 feat: use utility@2 (#5312)
  • ad1591b Release 3.22.0
  • a6ebe0f feat: app.httpClient alias to app.httpclient (#5304)
  • 23866ad test: add some missing unit tests for 'convertObject' (#5303)
  • abd1490 Release 3.21.0
  • 794d7f3 feat: tiny improvements for "convertValue" (#5302)
  • 84b162f docs: Fixed asynchronous error in NewsService list method by adding 'async' and 'await' (#5301)
  • 9957b9c Release 3.20.0
  • 61cd51d feat: urllib-next alias to npm:urllib (#5299)
  • 20702ad chore(site): add link of artus.js (#5298)
  • c5e53b8 doc: add revert doc (#5296)
  • 15fb67b docs: add missing paramter to meet the explaination (#5293)
  • 1a3c3eb Release 3.19.0
  • 77b5249 docs: modify the docs to make them better (#5292)
  • d771fdf chore: use actions/checkout@v4 (#5291)
  • d73046b feat: 优化中文文档表达 (#5290)
  • af2e543 Release 3.18.0
  • 1fd79a2 feat: auto set custom logger with onelogger (#5287)
  • 4471807 docs: Create SECURITY.md (#5252)
  • 1e29b79 Release 3.17.7
  • 4c24dac fix: omit koa application ctxStorage and currentContext define (#5285)
  • fcf3b73 Release 3.17.6
  • 17ee60b fix: typo on index.d.ts (#5284)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

whxaxes avatar May 09 '24 03:05 whxaxes