Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade soap from 0.13.0 to 0.29.0 #3

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Upgrade soap from 0.13.0 to 0.29.0 #3

wants to merge 1 commit into from

Conversation

snyk-bot
Copy link

Snyk has created this PR to upgrade soap from 0.13.0 to 0.29.0.

  • The recommended version is 19 versions ahead of your current version.
  • The recommended version was released 2 months ago, on 2019-07-26.

The recommended version fixes:

Severity Title Issue ID
Prototype Pollution SNYK-JS-LODASH-450202
Prototype Pollution SNYK-JS-LODASH-73638
Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-73639
Prototype Pollution npm:lodash:20180130
Release notes
  • 0.29.0 - 2019-07-26
    • [ENHANCEMENT] Added Options object for signer.computeSignature (#1066)
    • [FIX] Prototype pollution in lodash versions <=4.17.11. Hence, updating lodash version to ^4.17.15 in package.json and package-lock.json (#1085)
    • [FIX] Fix known vulnerabilities found by npm audit (#1083)
    • [FIX] Adjusts URL detection to be case insensitive (#1082)
    • [FIX] Fixed issue causing error message, "TypeError: Cannot read property 'output' of undefined" (#1081)
  • 0.28.0 - 2019-06-20
    • [ENHANCEMENT] Added support for parsing of doubles and floats. (#1065)
    • [ENHANCEMENT] Adds promise server authentication (#1069)
    • [ENHANCEMENT] Expose the WSDL class (#1071)
    • [ENHANCEMENT] Now supporting XSI namespace overrides (#1079)
    • [ENHANCEMENT] added possibility to add action to content-type header (#1073)
    • [ENHANCEMENT] client.addSoapHeader() dynamic SOAP header (#1062)
    • [ENHANCEMENT] emit response events allowing user override on response XML (#1070)
    • [FIX] Fix description for recursive wsdl with extended element (#1078)
    • [FIX] Fixes issue with unknown ReadableStream type (#1076)
    • [FIX] Update types to make options optional for createClientAsync (#1068)
    • [FIX] fix for soap 1.2 content-type header, missing action key (#1075)
    • [FIX] types: move forceSoap12Headers to IWsdlBaseOptions (#1063)
    • [MAINTENANCE] Updated read me to reflect changes in soap.listen (#1060)
  • 0.27.1 - 2019-04-19

    Release v0.27.1

  • 0.27.0 - 2019-04-18

    Release v0.27.0

  • 0.26.0 - 2019-02-11
    • [FIX] WSDL: make merging external schema works correctly (#1023)
    • [FIX] WSDL: pass error from parsing XML as-is, not only its message (#1022)
    • [ENHANCEMENT] server: add option enableChunkedEncoding (#1043)
    • [FIX] fix a problem about Multi-Byte character (#1042)
    • [FIX] fix double transformationentries in WSSecCert
    • [MAINTENANCE] Add bodyParser.json middleware test
    • [FIX] processRequestXml only if req.body is not empty object
    • [MAINTENANCE] Fixing v10 ssl tests and removing jshint since it sucks and doesn't support es6. (we need to migrate to eslint).
    • [FIX] Arrays deserve namespace override too
  • 0.25.0 - 2018-08-19
    • [FIX] Improved deserialization on inline simpleType declarations (#1015)
    • [ENHANCEMENT] Added option to allow the user to dis-/enable the timestamp in WSSecurtityCert (defaults to "enabled" to maintain current behaviour) (#1017)
    • [DOC] Updated the "*Async" result description (#1016)
    • [ENHANCEMENT] Added ability to resolve Schema-cross-reference namespaces in client.describe() (#1014)
    • [FIX] Fixed .npmignore patterns in order to publish only the necessary files (#1012)
    • [DOC] Removed formatting in code (#1011)
    • [ENHANCEMENT] Added initial NTLM support (#887)
    • [ENHANCEMENT] Added optional async authentication for the server (#1002)
    • [MAINTENANCE] End of support for node < 6.x in our Travis CI config!
    • [MAINTENANCE] Removed unnecessary selectn dependency (#975)
    • [ENHANCEMNET] Added support for attributes in root elements (#910)
    • [ENHANCEMENT] Added/updated TypeScript definitions (#991)
    • [ENHANCEMENT] Change signature of server.authorizeConnection() to include also the response param. (#1006)
    • [FIX] WSSE Template - fix behaviour for template compilation in __dirname "unsafe" environments (e.g. webpack with target node) (#1008)
  • 0.24.0 - 2018-04-06
    • [DOC] Error on custom deserializer example (#1000)
    • [DOC] Fix broken link
    • [DOC] adding bullets to separate each option
    • [DOC] changed ClientSSLSecurity to ClientSSLSecurityPFX in the readme file
    • [DOC] clarify section on client events in Readme.md (#989)
    • [ENHANCEMENT] Added one-way response configuration options
    • [ENHANCEMENT] Adding support for SOAP 1.2 Envelope Headers in the server side (#1003)
    • [ENHANCEMENT] Enable multiArgs during promisification
    • [ENHANCEMENT] add Client.wsdl for accessing client.wsdl during soap.createClient() (#990)
    • [ENHANCEMENT] add option to remove element-by-element namespacing of json arrays (#994)
    • [ENHANCEMENT] add rawRequest to callback arguments (#992)
    • [FIX] Fixed checking for empty obj.Body before further actions (#986)
    • [FIX] Lookup definitions in child element first (#958)
    • [FIX] only detect xsi:nil if its value is true (#983)
    • [MAINTENANCE] Updating the coverage to use the new version of Istanbul framework, the nyc.
    • [MAINTENANCE] Upgrade Lodash to 4.17.5 (#1001)
  • 0.23.0 - 2017-10-18
    • [FIX] Fixing tests broken by #979
    • [FEATURE] replace non identifier chars to underscore (#978)
    • [FEATURE] Pool keep alive connections if forever option is used (#979)
    • [MAINTENANCE] Use assert.ifError function in tests (#976)
    • [FEATURE] Add function support for server addSoapHeader (#977)
  • 0.22.0 - 2017-10-02
    • [ENHANCEMENT] Added forever option to ClientSSLSecurity in order to allow keep-alive connections. (#974)
    • [ENHANCEMENT] Added preserveWhitespace option to prevent the client from trimming resolved String values. (#972)
    • [MAINTENANCE] Removed compres dependency in favor of zlib. (#971)
    • [MAINTENANCE] (Security) Updated debug dependency to avoid possible vulnerability. (#973)
    • [FIX] Updated .travis.yml to test against latest node.js 4.8.x release to avoid Travis CI error.
    • [FIX] Fix performance bug at POJO to XML conversion. (#968)
    • [ENHANCEMENT] Added possibility to override the bluebird.js suffix (default: "async"). (#961)
    • [DOC] Updated the Security section by listing all available optional methods. (#966)
  • 0.21.0 - 2017-08-28

    Release v0.21.0

  • 0.20.0 - 2017-08-08
  • 0.19.2 - 2017-06-12
  • 0.19.1 - 2017-05-30
  • 0.19.0 - 2017-03-16
  • 0.18.0 - 2016-11-26
  • 0.17.0 - 2016-09-09
  • 0.16.0 - 2016-06-23
  • 0.15.0 - 2016-05-09
  • 0.14.0 - 2016-04-12
  • 0.13.0 - 2016-02-18

from soap GitHub Release Notes

馃 View latest project report

馃洜 Adjust upgrade PR settings

馃敃 Ignore this dependency or unsubscribe from future upgrade PRs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
1 participant
@snyk-bot