[Snyk] Security upgrade typings from 0.6.5 to 0.6.6 by snyk-bot · Pull Request #130 · Centaurioun/tutorials

snyk-bot · 2022-12-16T07:14:38Z

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- json-modules/json/src/main/webapp/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	706/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.7	Server-side Request Forgery (SSRF) SNYK-JS-NETMASK-1089716	No	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: typings

The new version differs by 15 commits.

7894a3e v0.6.6
da17762 Merge pull request Restyle [Snyk] Security upgrade io.kubernetes:client-java from 11.0.0 to 17.0.0 #162 from typings/use-typings-promise
d772cca Use `any-promise`, move typings to Typings
153e1de Merge pull request Restyle [Snyk] Security upgrade com.thoughtworks.xstream:xstream from 1.4.9 to 1.4.15 #158 from typings/replace-proxy-agent
d610738 Replace `proxy-agent` with lighter implementation
221db8f Merge pull request Restyle [Snyk] Security upgrade com.amazonaws:aws-java-sdk from 1.12.331 to 1.12.366 #150 from unional/update-contributing
6365aba Change contribution section to step by step guide
afd15ed Merge pull request [Snyk] Security upgrade org.springframework.cloud:spring-cloud-starter-zookeeper-config from 2.0.0.RELEASE to 4.0.0 #153 from typings/memo/browser
b55801e 📝 order the options based on preference
66ff6a7 📝 document the initial setup for `main` vs. `browser`
7faa6b6 v0.6.5
220f2d9 Kill caching layer, causing request failures
4bd5615 Merge pull request Restyle [Snyk] Security upgrade org.springframework.data:spring-data-gemfire from 1.7.4.RELEASE to 1.9.11.RELEASE #141 from johnnyreilly/patch-1
55518bd Update README.md
dd00461 Update README.md

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Server-side Request Forgery (SSRF)

…bilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NETMASK-1089716

fix: json-modules/json/src/main/webapp/package.json to reduce vulnera…

cc78141

…bilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NETMASK-1089716

restyled-io bot mentioned this pull request Dec 16, 2022

Restyle [Snyk] Security upgrade typings from 0.6.5 to 0.6.6 #131

Closed

Merge branch 'master' into snyk-fix-e6e903d9dbc5fc382531d19f36b963ba

130d8a9

mergify bot merged commit 4d173c4 into master Apr 9, 2023

mergify bot deleted the snyk-fix-e6e903d9dbc5fc382531d19f36b963ba branch April 9, 2023 23:47

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Security upgrade typings from 0.6.5 to 0.6.6#130

[Snyk] Security upgrade typings from 0.6.5 to 0.6.6#130
mergify[bot] merged 2 commits intomasterfrom
snyk-fix-e6e903d9dbc5fc382531d19f36b963ba

snyk-bot commented Dec 16, 2022

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

snyk-bot commented Dec 16, 2022

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant