mus icon indicating copy to clipboard operation
mus copied to clipboard

Published 20 hours ago verified publisher icon whxaxes

[Snyk] Security upgrade egg-bin from 4.20.0 to 6.6.0

Open whxaxes opened this issue 1 year ago • 0 comments

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 631/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 6.2		 Missing Release of Resource after Effective Lifetime
SNYK-JS-INFLIGHT-6095116		 Yes Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: egg-bin The new version differs by 104 commits.
  • 5216c6a Release 6.6.0
  • 018801a feat: should run ets on pkg.egg.declarations = true (#248)
  • 1845b15 Release 6.5.2
  • 6a2521a fix: ignore ExperimentalWarning on esm module (#241)
  • ec9ebc4 Release 6.5.1
  • f13df56 fix: use ts-node inside the egg-bin deps (#240)
  • 03e9f02 Release 6.5.0
  • 6ae1044 feat: support run test/cov on esm package (#239)
  • 6bb3dbb Release 6.4.2
  • 1e25880 fix: convert unhandled rejection to uncaught exception (#235)
  • a6d0b31 chore: update contributors
  • c5bcd97 Release 6.4.1
  • 38f1c6c fix: detect file changes on Windows (#234)
  • aa5f466 test: use node-modules/github-actions and add node 20
  • a037d3d chore: change `artus-cli` link (#231)
  • 4b1697b Release 6.4.0
  • 8818a3d feat: output cobertura report by default (#228)
  • ddf732f feat: append cobertura to support diff line coverage (#227)
  • 1ac1d4c Release 6.3.0
  • 9d6f835 feat: tsc target to ES2022 (#225)
  • 78c380f Release 6.2.0
  • 79ac210 feat: set target to ES2021 (#224)
  • f87810d Release 6.1.2
  • 8f1b709 fix: should support windows and Node.js 14 (#223)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

whxaxes avatar Jan 07 '24 17:01 whxaxes