Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Security upgrade socket.io from 4.4.1 to 4.7.0 #2825

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

bot-linagora
Copy link

This PR was automatically created by Snyk using the credentials of a real user.


![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)

Snyk has created this PR to fix 2 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

  • twake/backend/node/package.json
  • twake/backend/node/package-lock.json

Vulnerabilities that will be fixed with an upgrade:

Issue Score
high severity Denial of Service (DoS)
SNYK-JS-WS-7266574
  768  
high severity Uncaught Exception
SNYK-JS-SOCKETIO-7278048
  721  

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Denial of Service (DoS)
🦉 Uncaught Exception

Copy link

Lines Statements Branches Functions
Coverage: 59%
59.3% (5301/8939) 50.47% (2249/4456) 59.03% (1304/2209)
Coverage Report (10%)
File% Stmts% Branch% Funcs% LinesUncovered Line #s
All files10.287.498.9510.46 
core/config0000 
   index.ts0000 
core/crypto83.8272.7366.6783.82 
   index.ts7571.4333.337537–49
   legacy.ts84.6262.55084.6214, 41
   v1.ts8577.781008526, 48, 62
   v2.ts86.9677.7810086.9626, 48, 65
core/platform/framework46.8831.585046.88 
   configuration.ts87.542.8610087.527
   event-bus.ts21.4302521.4319–43
   factory.ts16.670016.6720–28
   index.ts0000 
   logger.ts1005010010010–21
core/platform/framework/api10.322.7811.1110.57 
   application-configuration.ts0000 
   class.ts0000 
   component.ts000010–65
   constants.ts100100100100 
   container.ts000017–71
   context.ts0000 
   crud-service.ts39.132527.7842.8690–94, 102–167
   index.ts0000 
   lifecycle.ts0000 
   service-configuration.ts0000 
   service-definition.ts0000 
   service-interface.ts0000 
   service-options.ts0000 
   service-provider.ts0000 
   service-state.ts0000 
   service.ts1.75001.7524–131
core/platform/framework/decorators28.57033.3328.57 
   consumes.ts10001001003
   index.ts0000 
   prefix.ts00005–6
   service-name.ts00005–7
core/platform/framework/decorators/realtime83.0265.798584.31 
   created.ts10083.3310010031
   deleted.ts10083.3310010025
   index.ts83.3361.11759066
   saved.ts300503018–38
   updated.ts100100100100 
core/platform/framework/utils0000 
   component-utils.ts000015–107
   loader.ts00009–43
core/platform/services/database/services/orm62.538.4666.6764.52 
   utils.ts62.538.4666.6764.5218–31, 62–63, 89, 103
core/platform/services/database/services/orm/connectors/cassandra42.3733.338040.54 
   query-builder.ts88.3770.3784.6289.1927, 67–71, 127
   typeTransforms.ts1611.835016.2240–43, 48, 51, 57, 63–104, 112–173
core/platform/services/database/services/orm/decorators10080100100 
   column.ts100100100100 
   entity.ts1005010010023
   index.ts0000 
core/platform/services/knowledge-graph0000 
   api-client.ts000015–178
   index.ts000022–165
   types.ts0000 
core/platform/services/message-queue83.3371.8888.8987.5 
   api.ts83.3371.8888.8987.5165, 190, 201, 249–253
core/platform/services/realtime66.675066.6766.67 
   bus.ts7510066.677514
   types.ts505066.675021
services5005 
   global-resolver.ts5005134–225
services/applications010000 
   realtime.ts0100004–12
services/applications/entities12.5100012.5 
   application.search.ts0100006
   application.ts1010001014–101
   company-application.ts2010002012–27
services/applications/services0000 
   applications.ts000029–141
   company-applications.ts000031–182
   hooks.ts000021–92
   internal-event-to-hooks.ts00009–52
services/channels100100100100 
   types.ts0000 
   utils.ts100100100100 
services/channels/entities1.45001.45 
   channel-activity.ts000013–57
   channel-counters.ts100100100100 
   channel-member-read-cursors.ts01000012–26
   channel-member.ts000019–137
   channel-pending-emails.ts01000013–45
   channel.search.ts0100006
   channel.ts000017–105
   default-channel.ts01000012–33
   direct-channel.ts000018–46
   index.ts0000 
   member.ts0100004
   tab.ts000011–48
services/channels/services0000 
   tab.ts000024–135
services/channels/services/channel0.34000.35 
   realtime.ts00007–49
   service.ts0.36000.3766–983
   types.ts000033–65
services/channels/services/channel/default2.33002.35 
   listener.ts3.57003.5713–110
   service.ts1.72001.7536–256
services/channels/services/channel/pending-emails3.57003.7 
   service.ts3.57003.733–178
services/channels/services/member1.28001.31 
   realtime.ts00007–40
   service.ts1.32001.3690–910
services/channels/services/pubsub9.33009.33 
   index.ts01000011–22
   new-channel-activity.ts7.69007.6919–85
   new-direct-channel-message.ts4.17004.1714–87
   new-pending-emails-in-workspace-join-channels.ts20002019–51
   new-user-in-workspace-join-default-channels.ts16.670016.6718–52
   new-workspace.ts11.110011.1111–51
services/console5.26005.26 
   client-factory.ts16.670016.679–16
   service.ts000023–76
services/console/clients0000 
   internal.ts000034–105
   remote.ts000036–509
services/console/processing1001.02 
   merge.ts1001.0257–416
services/documents8.73009.48 
   const.ts100100100100 
   utils.ts8.33009.0540–84, 98–117, 126–128, 142–152, 162–167, 177–182, 198–231, 247–263, 281–301, 322–331, 350–445, 463–519, 541–574, 585–602, 613–627, 640–656, 671–684, 711–739, 759–805
services/documents/entities9.09009.09 
   drive-file.search.ts00005
   drive-file.ts7.1410007.1416–70
   drive-twake-tab.ts16.67100016.6711–27
   file-version.ts8.3310008.3311–54
services/documents/services0000 
   index.ts000055–838
services/documents/services/engine0000 
   extract-keywords.ts000013–77
   index.ts0100009–16
   save-keywords.ts000013–62
services/files28.570033.33 
   utils.ts28.570033.335–9, 20
services/files/entities0000 
   file.ts000010–51
services/files/services0000 
   index.ts000023–312
   preview.ts000018–65
services/files/web28.57100028.57 
   routes.ts28.57100028.578–50, 54, 58
services/files/web/controllers0000 
   files.ts000017–104
   index.ts0000 
services/messages/entities11.880011.88 
   message-channel-marked-refs.ts1010001011–50
   message-channel-refs-reversed.ts14.29100014.2911–38
   message-channel-refs.ts14.29100014.2911–38
   message-file-refs.ts8.3310008.3311–58
   message-files.search.ts2000206–28
   message-files.ts2510002513–22
   message-user-inbox-refs-reversed.ts16.67100016.6711–34
   message-user-inbox-refs.ts12.5100012.511–42
   message-user-marked_refs.ts1010001011–50
   messages.search.ts00008–38
   messages.ts1010001017–132
   threads.ts12.5100012.511–50
   user-message-bookmarks.ts14.29100014.2911–36
services/messages/services0.76000.79 
   messages-files.ts000018–168
   messages-operations.ts000025–299
   messages.ts0.32000.3375–1056, 1064
   threads.ts000030–302
   user-bookmarks.ts000027–100
   utils.ts12.120013.3321–23, 34–58, 69–72, 85–92
   views.ts000044–454
services/messages/services/engine0000 
   index.ts000035–110
services/messages/services/engine/processors/channel-marked0000 
   index.ts000015–41
services/messages/services/engine/processors/channel-view0000 
   index.ts000019–140
services/messages/services/engine/processors/files0000 
   index.ts000019–140
services/messages/services/engine/processors/links0000 
   index.ts000017–83
services/messages/services/engine/processors/message-to-hooks0000 
   index.ts000013–101
services/messages/services/engine/processors/message-to-notifications0000 
   index.ts000016–173
services/messages/services/engine/processors/system-activity-message0000 
   index.ts000011–49
services/messages/services/engine/processors/user-inbox0000 
   index.ts000022–89
services/messages/services/engine/processors/user-marked010000 
   index.ts0100009
services/messages/web50100050 
   realtime.ts501000504, 8, 12
services/messages/web/controllers0.5000.51 
   index.ts16.67002013–17
   messages.ts000054–522
   threads.ts000042–90
   user-bookmarks.ts000038–122
   views.ts000037–309
services/messages/web/controllers/views1.96002 
   recent-files.ts000019–28
   search-files.ts2.08002.1344–63, 77–210
services/notifications/entities31.031004.7631.03 
   channel-member-notification-preferences.ts37.5100037.515–33, 49
   channel-thread-users.ts33.331002033.3315–38
   index.ts0000 
   user-notification-badges.ts27.27100027.2720–63, 77
   user-notification-digest.ts2510002518–42
services/notifications/notifiers88.8910010088.89 
   index.ts0000 
   mobile-push.ts88.8910010088.8929
services/notifications/services0.9201.640.98 
   bages.ts000036–300
   channel-preferences.ts2.86003.0324–155
   channel-thread-users.ts000022–66
   digest.ts000019–161
   mobile-push.ts000013–57
   preferences.ts000026–141
   realtime.ts5010050504
services/notifications/services/engine010000 
   index.ts01000018–34
services/notifications/services/engine/processors40.132.950.9439.5 
   channel-member-created.ts000016–73
   channel-member-deleted.ts000015–95
   channel-member-updated.ts000014–49
   mark-channel-as-read.ts000011–64
   mark-channel-as-unread.ts000011–62
   mobile-push-notifications.ts000016–46
   new-channel-message.ts96.1575.7694.449632, 94
   push-to-users.ts68.8954.1771.4368.8939, 76–77, 131, 192–193, 206–209, 213–216
   reaction-notification.ts000020–128
services/online100100100100 
   constants.ts100100100100 
services/online/entities20100020 
   user-online.ts2010002012–31
services/online/pubsub0000 
   index.ts000010–25
   processor.ts000014–50
services/online/service0000 
   index.ts000019–172
services/previews60755065.22 
   utils.ts60755065.2210–13, 26, 31, 46, 65
services/previews/services/files/engine1.92002 
   clear.ts000012–46
   index.ts01000011–13
   service.ts2.7002.7819–116
services/previews/services/files/processing37.1734.6264.7137.5 
   image.ts000014–53
   office.ts10001012–27
   pdf.ts000011–42
   service.ts000021–69
   video.ts97.629010097.62127
services/previews/services/links/engine0000 
   index.ts0100007–9
   service.ts000013–78
services/previews/services/links/processing91.6766.6710091.67 
   image.ts1005010010014
   link.ts91.366.6710091.346, 56
   service.ts85.717010085.7133, 44
services/statistics100100100100 
   types.ts100100100100 
services/statistics/entities50100050 
   statistics.ts5010005029
services/statistics/pubsub11.110011.11 
   messages.ts11.110011.119–30
services/statistics/service0000 
   index.ts000016–67
services/tags/entities28.57100028.57 
   index.ts0000 
   tags.ts28.57100028.5718–41, 49
services/tags/services010000 
   tags.ts01000021–55
services/user010000 
   realtime.ts0100009–44
services/user/entities22.220022.22 
   company.ts5010005061
   company_user.ts2510002526–62
   device.ts5010005031
   external_company.ts5010005026
   external_user.ts5010005024
   user.search.ts00006–18
   user.ts9.09009.0931–146
services/user/services0000 
   companies.ts000049–351
services/user/services/external_links0000 
   index.ts000018–64
services/user/services/users0000 
   service.ts000051–392
services/user/web0000 
   types.ts0000 
services/workspaces010000 
   realtime.ts0100006–29
services/workspaces/entities37.50040 
   workspace.ts5010005049
   workspace_counters.ts100100100100 
   workspace_invite_domain.ts5010005029
   workspace_invite_tokens.ts5010005035
   workspace_pending_users.ts5010005036
   workspace_user.ts14.290016.6725–48
services/workspaces/services0000 
   workspace.ts000082–862
utils10.1103.9210.29 
   coalesce.ts00003–6
   company.ts00005–46
   counters.ts100011.1114–22
   files.ts17.50019.4414–16, 25–26, 38–55, 65, 75–80, 91–103
   handleError.ts00006–10
   messages.ts000010–110
   mime.ts100100100100 
   password-encoder.ts00007–80
   pick.ts100100100100 
   types.ts100100100100 
   users.ts000015–94
   uuid-reducer.ts250033.332–4, 11–13
   workspace.ts00007–46

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants