This repository has been archived by the owner on Dec 16, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 520
Update dependencies to fix some vulnerabilities #1212
Open
striezel
wants to merge
9
commits into
assaf:master
Choose a base branch
from
striezel-stash:update-dependencies
base: master
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Commits on May 31, 2021
-
This fixes several vulnerabilities in lodash. - several prototype pollution issues in lodash - see <https://www.npmjs.com/advisories/1065> - see <https://www.npmjs.com/advisories/1523> - command injection vulnerability (CVE-2021-23337), see <https://www.npmjs.com/advisories/1673>
Configuration menu - View commit details
-
Copy full SHA for 467d2e2 - Browse repository at this point
Copy the full SHA 467d2e2View commit details -
This fixes a prototype pollution vulnerability in mixin-deep. See <https://www.npmjs.com/advisories/1013> for more information.
Configuration menu - View commit details
-
Copy full SHA for d381086 - Browse repository at this point
Copy the full SHA d381086View commit details
Commits on Jun 1, 2021
-
update union-value package to 1.0.1 + set-value to 2.0.1
Fixes a prototype pollution vulnerability in set-value, see <https://www.npmjs.com/advisories/1012> for more information.
Configuration menu - View commit details
-
Copy full SHA for 5cb2700 - Browse repository at this point
Copy the full SHA 5cb2700View commit details -
Fixes a regular expression denial of service vulnerability, see <https://www.npmjs.com/advisories/1488> for more info.
Configuration menu - View commit details
-
Copy full SHA for b2b7776 - Browse repository at this point
Copy the full SHA b2b7776View commit details -
This fixes an arbitrary code execution vulnerability, see <https://www.npmjs.com/advisories/1118> for more info.
Configuration menu - View commit details
-
Copy full SHA for f456435 - Browse repository at this point
Copy the full SHA f456435View commit details -
update hosted-git-info to version 2.8.9 (CVE-2021-23362)
Fixes a regular expression denial of service vulnerability, see <https://www.npmjs.com/advisories/1677> for more info.
Configuration menu - View commit details
-
Copy full SHA for 4d091ff - Browse repository at this point
Copy the full SHA 4d091ffView commit details -
update url-parse to 1.5.1 (CVE-2021-27515)
Fixes a path traversal vulnerability in url-parse. See <https://www.npmjs.com/advisories/1678> for more information.
Configuration menu - View commit details
-
Copy full SHA for bd4ed4e - Browse repository at this point
Copy the full SHA bd4ed4eView commit details -
update y18n to 3.2.2 (CVE-2020-7774)
This update fixes a prototype pollution vulnerability in y18n. See <https://www.npmjs.com/advisories/1654> for more information.
Configuration menu - View commit details
-
Copy full SHA for 8d219a8 - Browse repository at this point
Copy the full SHA 8d219a8View commit details
Commits on Jul 3, 2021
-
This fixes a prototype pollution vulnerability in ini. See <https://www.npmjs.com/advisories/1589> for more information.
Configuration menu - View commit details
-
Copy full SHA for 3dada46 - Browse repository at this point
Copy the full SHA 3dada46View commit details
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.