Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Fix for 9 vulnerabilities #26

Open
wants to merge 19 commits into
base: main
Choose a base branch
from
Open

[Snyk] Fix for 9 vulnerabilities #26

wants to merge 19 commits into from

Commits on May 2, 2023

  1. fix: deps/uv/docs/requirements.txt to reduce vulnerabilities 

    The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-BABEL-1278589
- https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-3164749
- https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-1014645
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-1533435
    @snyk-bot
    snyk-bot committed May 2, 2023
    Configuration menu
    Copy the full SHA
    5f861c5 View commit details
    Browse the repository at this point in the history

Commits on May 3, 2023

  1. fix: upgrade multiple dependencies with Snyk 

    Snyk has created this PR to upgrade:
  - @babel/types from 7.1.3 to 7.21.4.
    See this package in npm: https://www.npmjs.com/package/@babel/types
  - @babel/generator from 7.1.3 to 7.21.4.
    See this package in npm: https://www.npmjs.com/package/@babel/generator
  - @babel/parser from 7.1.3 to 7.21.4.
    See this package in npm: https://www.npmjs.com/package/@babel/parser
  - @babel/template from 7.1.2 to 7.20.7.
    See this package in npm: https://www.npmjs.com/package/@babel/template
  - @babel/traverse from 7.1.4 to 7.21.4.
    See this package in npm: https://www.npmjs.com/package/@babel/traverse

See this project in Snyk:
https://app.snyk.io/org/leonardoadame/project/17b9377e-05c7-466c-817b-64859e210aa8?utm_source=github&utm_medium=referral&page=upgrade-pr
    @snyk-bot
    snyk-bot committed May 3, 2023
    Configuration menu
    Copy the full SHA
    6ce3053 View commit details
    Browse the repository at this point in the history

  2. fix: upgrade globals from 10.1.0 to 10.4.0 

    Snyk has created this PR to upgrade globals from 10.1.0 to 10.4.0.

See this package in npm:
https://www.npmjs.com/package/globals

See this project in Snyk:
https://app.snyk.io/org/leonardoadame/project/17b9377e-05c7-466c-817b-64859e210aa8?utm_source=github&utm_medium=referral&page=upgrade-pr
    @snyk-bot
    snyk-bot committed May 3, 2023
    Configuration menu
    Copy the full SHA
    70497e0 View commit details
    Browse the repository at this point in the history

  3. fix: upgrade tempy from 0.5.0 to 0.7.1 

    Snyk has created this PR to upgrade tempy from 0.5.0 to 0.7.1.

See this package in npm:
https://www.npmjs.com/package/tempy

See this project in Snyk:
https://app.snyk.io/org/leonardoadame/project/17b9377e-05c7-466c-817b-64859e210aa8?utm_source=github&utm_medium=referral&page=upgrade-pr
    @snyk-bot
    snyk-bot committed May 3, 2023
    Configuration menu
    Copy the full SHA
    04c3980 View commit details
    Browse the repository at this point in the history

Commits on May 12, 2023

  1. Merge pull request #7 from leonardoadame/snyk-upgrade-2995fc05233b7a0… 

    …94a74ffadedd8032d

[Snyk] Upgrade tempy from 0.5.0 to 0.7.1
    @leonardoadame
    leonardoadame committed May 12, 2023
    Configuration menu
    Copy the full SHA
    6292d1a View commit details
    Browse the repository at this point in the history

  2. Merge pull request #6 from leonardoadame/snyk-upgrade-4d5b4bd486c2748… 

    …2cad22ca48f99fb34

[Snyk] Upgrade globals from 10.1.0 to 10.4.0
    @leonardoadame
    leonardoadame committed May 12, 2023
    Configuration menu
    Copy the full SHA
    616a8bf View commit details
    Browse the repository at this point in the history

Commits on May 24, 2023

  1. fix: deps/uv/docs/requirements.txt to reduce vulnerabilities 

    The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-5595532
    @snyk-bot
    snyk-bot committed May 24, 2023
    Configuration menu
    Copy the full SHA
    a614a8a View commit details
    Browse the repository at this point in the history

Commits on Jun 12, 2023

  1. Merge pull request #10 from leonardoadame/snyk-fix-8d86d74fb78e75dbf9… 

    …14fcf9fdb45341

[Snyk] Security upgrade requests from 2.22.0 to 2.31.0
    @leonardoadame
    leonardoadame committed Jun 12, 2023
    Configuration menu
    Copy the full SHA
    52682c9 View commit details
    Browse the repository at this point in the history

Commits on Jun 16, 2023

  1. Merge pull request #3 from leonardoadame/snyk-fix-3fed45732244c5baec2… 

    …452a2501c403d

[Snyk] Fix for 5 vulnerabilities
    @leonardoadame
    leonardoadame committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    2e2374f View commit details
    Browse the repository at this point in the history

Commits on Jun 20, 2023

  1. fix: tools/node_modules/eslint/node_modules/@babel/core/package.json … 

    …to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-SEMVER-3247795
    @snyk-bot
    snyk-bot committed Jun 20, 2023
    Configuration menu
    Copy the full SHA
    eb66b7e View commit details
    Browse the repository at this point in the history

  2. fix: tools/node_modules/eslint/node_modules/@babel/eslint-parser/pack… 

    …age.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-SEMVER-3247795
    @snyk-bot
    snyk-bot committed Jun 20, 2023
    Configuration menu
    Copy the full SHA
    47a5b14 View commit details
    Browse the repository at this point in the history

  3. fix: deps/v8/tools/package.json & deps/v8/tools/package-lock.json to … 

    …reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-SEMVER-3247795
    @snyk-bot
    snyk-bot committed Jun 20, 2023
    Configuration menu
    Copy the full SHA
    30fc1d1 View commit details
    Browse the repository at this point in the history

Commits on Jun 21, 2023

  1. fix: tools/node_modules/eslint/node_modules/@babel/helper-compilation… 

    …-targets/package.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-SEMVER-3247795
    @snyk-bot
    snyk-bot committed Jun 21, 2023
    Configuration menu
    Copy the full SHA
    1100bde View commit details
    Browse the repository at this point in the history

Commits on Jun 22, 2023

  1. Merge pull request #13 from leonardoadame/snyk-fix-ee8912d3a9cd5262aa… 

    …8829879580bfb4

[Snyk] Security upgrade semver from 6.3.0 to 7.5.2
    @leonardoadame
    leonardoadame committed Jun 22, 2023
    Configuration menu
    Copy the full SHA
    853f217 View commit details
    Browse the repository at this point in the history

  2. Merge pull request #15 from leonardoadame/snyk-fix-900859a513e8ed4cc8… 

    …aa20aac868f5e5

[Snyk] Security upgrade semver from 6.3.0 to 7.5.2
    @leonardoadame
    leonardoadame committed Jun 22, 2023
    Configuration menu
    Copy the full SHA
    35fab6e View commit details
    Browse the repository at this point in the history

  3. Merge pull request #14 from leonardoadame/snyk-fix-b7180ea97e108aabee… 

    …5479ebc6233124

[Snyk] Security upgrade local-web-server from 4.2.1 to 5.0.0
    @leonardoadame
    leonardoadame committed Jun 22, 2023
    Configuration menu
    Copy the full SHA
    f827f4a View commit details
    Browse the repository at this point in the history

  4. Merge pull request #4 from leonardoadame/snyk-upgrade-f919faf2a9ba7c3… 

    …fa026d85a0edb65c5

[Snyk] Upgrade: @babel/types, @babel/generator, @babel/parser, @babel/template, @babel/traverse
    @leonardoadame
    leonardoadame committed Jun 22, 2023
    Configuration menu
    Copy the full SHA
    73ba401 View commit details
    Browse the repository at this point in the history

Commits on Jun 24, 2023

  1. Merge pull request #12 from leonardoadame/snyk-fix-763b7501c41ba23cc9… 

    …11126a17ab65f0

[Snyk] Security upgrade semver from 6.3.0 to 7.5.2
    @leonardoadame
    leonardoadame committed Jun 24, 2023
    Configuration menu
    Copy the full SHA
    d735ea2 View commit details
    Browse the repository at this point in the history

Commits on Jul 6, 2023

  1. fix: tools/node_modules/eslint/node_modules/gensync/package.json to r… 

    …educe vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-AJV-584908
- https://snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
- https://snyk.io/vuln/SNYK-JS-MERGE-1040469
- https://snyk.io/vuln/SNYK-JS-MERGE-1042987
- https://snyk.io/vuln/SNYK-JS-SEMVER-3247795
- https://snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873
- https://snyk.io/vuln/SNYK-JS-YARGSPARSER-560381
- https://snyk.io/vuln/npm:braces:20180219
- https://snyk.io/vuln/npm:mem:20180117
    @snyk-bot
    snyk-bot committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    49e3f78 View commit details
    Browse the repository at this point in the history