Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade: , peerjs, qrcode #134

Closed
wants to merge 1 commit into from
Closed

[Snyk] Upgrade: , peerjs, qrcode #134

wants to merge 1 commit into from

Conversation

akhil-rana
Copy link
Owner

snyk-top-banner

Snyk has created this PR to upgrade multiple dependencies.

👯‍♂ The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Name Versions Released on

@types/node
from 16.18.96 to 16.18.105 | 9 versions ahead of your current version | a month ago
on 2024-08-09
peerjs
from 1.4.7 to 1.5.4 | 9 versions ahead of your current version | 4 months ago
on 2024-05-14
qrcode
from 1.5.3 to 1.5.4 | 1 version ahead of your current version | a month ago
on 2024-08-05

Issues fixed by the recommended upgrade:

Issue Score Exploit Maturity
high severity Denial of Service (DoS)
SNYK-JS-WS-7266574		 482 Proof of Concept
high severity Denial of Service (DoS)
SNYK-JS-WS-7266574		 482 Proof of Concept
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-TERSER-2806366		 482 No Known Exploit
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-TERSER-2806366		 482 No Known Exploit
medium severity Denial of Service (DoS)
SNYK-JS-NWSAPI-2841516		 482 No Known Exploit
critical severity Improper Verification of Cryptographic Signature
SNYK-JS-ELLIPTIC-7577916		 482 Proof of Concept
critical severity Improper Verification of Cryptographic Signature
SNYK-JS-ELLIPTIC-7577917		 482 Proof of Concept
critical severity Improper Verification of Cryptographic Signature
SNYK-JS-ELLIPTIC-7577918		 482 Proof of Concept
high severity Prototype Pollution
SNYK-JS-JSONSCHEMA-1920922		 482 No Known Exploit
medium severity Reverse Tabnabbing
SNYK-JS-ISTANBULREPORTS-2328088		 482 No Known Exploit
medium severity Prototype Pollution
SNYK-JS-JSON5-3182856		 482 Proof of Concept
Release notes
Package name: @types/node
  • 16.18.105 - 2024-08-09
  • 16.18.104 - 2024-07-23
  • 16.18.103 - 2024-07-18
  • 16.18.102 - 2024-07-16
  • 16.18.101 - 2024-06-20
  • 16.18.100 - 2024-06-19
  • 16.18.99 - 2024-06-17
  • 16.18.98 - 2024-06-03
  • 16.18.97 - 2024-05-06
  • 16.18.96 - 2024-04-09
from @types/node GitHub release notes
Package name: peerjs
  • 1.5.4 - 2024-05-14

    1.5.4 (2024-05-14)

    Bug Fixes

  • 1.5.3 - 2024-05-11

    1.5.3 (2024-05-11)

    Bug Fixes

  • 1.5.3-rc.1 - 2024-04-27

    1.5.3-rc.1 (2024-04-27)

    Bug Fixes

    • close event was not triggered reliably (#860) (ec1d5ae), closes #636
    • datachannel: sending order is now preserved correctly (18d491a), closes #746
    • navigator is not defined (305a180)
    • navigator is not defined. (6f85dd3)
    • remove need for unsafe-eval (f1857fe)
  • 1.5.2 - 2023-12-05

    1.5.2 (2023-12-05)

    Bug Fixes

  • 1.5.2-rc.1 - 2023-12-03

    1.5.2-rc.1 (2023-12-03)

    Bug Fixes

    • close event was not triggered reliably (#860) (ec1d5ae), closes #636
    • datachannel: sending order is now preserved correctly (18d491a), closes #746
    • support Blobs nested in objects (7956dd6), closes #1163
  • 1.5.1 - 2023-09-23

    1.5.1 (2023-09-23)

    Bug Fixes

    • convert Blobs to ArrayBuffers during .send() (95bb0f7), closes #1137
    • convert Blobs to ArrayBuffers during .send() (#1142) (094f849)
  • 1.5.0 - 2023-09-03

    1.5.0 (2023-09-03)

    Bug Fixes

    • datachannel: sending order is now preserved correctly (#1038) (0fb6179), closes #746
    • deps: update dependency @ swc/helpers to ^0.4.0 (a7de8b7)
    • deps: update dependency cbor-x to v1.5.4 (c1f04ec)
    • deps: update dependency eventemitter3 to v5 (caf01c6)
    • deps: update dependency peerjs-js-binarypack to v1.0.2 (7452e75)
    • deps: update dependency webrtc-adapter to v8 (431f00b)
    • deps: update dependency webrtc-adapter to v8.2.2 (62402fc)
    • deps: update dependency webrtc-adapter to v8.2.3 (963455e)
    • MediaConnection: close event is fired on remote Peer (0836356), closes #636 #1089 #1032 #832 #780 #653
    • npm audit: Updates all dependencies that cause npm audit to issue a warning (6ef5707)

    Features

    • .type property on Errors emitted from connections (#1126) (debe7a6)
    • PeerError from connections (ad3a0cb)
    • DataConnection: handle close messages and flush option (6ca38d3), closes #982
    • MediaChannel: Add experimental willCloseOnRemote event to MediaConnection. (ed84829)
    • MsgPack/Cbor serialization (fcffbf2)
    • MsgPack/Cbor serialization (#1120) (4367256), closes #611
  • 1.5.0-rc.1 - 2023-08-14

    1.5.0-rc.1 (2023-08-14)

    Bug Fixes

    • datachannel: sending order is now preserved correctly (#1038) (0fb6179), closes #746
    • deps: update dependency peerjs-js-binarypack to v1.0.2 (7452e75)
    • deps: update dependency webrtc-adapter to v8.2.2 (62402fc)
    • deps: update dependency webrtc-adapter to v8.2.3 (963455e)
    • MediaConnection: close event is fired on remote Peer (0836356), closes #636 #1089 #1032 #832 #780 #653

    Features

    • DataConnection: handle close messages and flush option (6ca38d3), closes #982
    • MediaChannel: Add experimental willCloseOnRemote event to MediaConnection. (ed84829)
    • MsgPack/Cbor serialization (fcffbf2)
  • 1.4.8-rc.1 - 2023-02-25

    1.4.8-rc.1 (2023-02-25)

    Bug Fixes

    • close event was not triggered reliably (#860) (ec1d5ae), closes #636
    • datachannel: sending order is now preserved correctly (18d491a), closes #746
    • deps: update dependency @ swc/helpers to ^0.4.0 (a7de8b7)
    • deps: update dependency eventemitter3 to v5 (caf01c6)
    • deps: update dependency webrtc-adapter to v8 (431f00b)
    • npm audit: Updates all dependencies that cause npm audit to issue a warning (6ef5707)
  • 1.4.7 - 2022-08-09

    1.4.7 (2022-08-09)

    Bug Fixes

    • browser-bundle: Leaked private functions in the global scope (857d425), closes #989
from peerjs GitHub release notes
Package name: qrcode from qrcode GitHub release notes

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • Snyk has automatically assigned this pull request, set who gets assigned.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

@snyk-bot
fix: upgrade multiple dependencies with Snyk
c200739 
Snyk has created this PR to upgrade:
  - @types/node from 16.18.96 to 16.18.105.
    See this package in npm: https://www.npmjs.com/package/@types/node
  - peerjs from 1.4.7 to 1.5.4.
    See this package in npm: https://www.npmjs.com/package/peerjs
  - qrcode from 1.5.3 to 1.5.4.
    See this package in npm: https://www.npmjs.com/package/qrcode

See this project in Snyk:
https://app.snyk.io/org/akhil-rana/project/c2535f5a-2902-4b59-a336-3e75871af2b4?utm_source=github&utm_medium=referral&page=upgrade-pr
@akhil-rana akhil-rana self-assigned this Sep 7, 2024
@cloudflare-workers-and-pages Cloudflare Workers and Pages
Copy link

cloudflare-workers-and-pages bot commented Sep 7, 2024
edited
Loading

Deploying peerivate with  Cloudflare Pages  Cloudflare Pages

Latest commit: c200739
Status:🚫  Build failed.

View logs

@akhil-rana akhil-rana closed this Sep 8, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@akhil-rana akhil-rana

Labels
None yet
Projects
None yet
Milestone
No milestone
2 participants
@akhil-rana @snyk-bot