[Snyk] Upgrade morgan from 1.9.0 to 1.10.0

[WoozChucky]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade morgan from 1.9.0 to 1.10.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 2 versions ahead of your current version.
• The recommended version was released 3 years ago, on 2020-03-20.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Arbitrary Code Injection SNYK-JS-MORGAN-72579	661/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.8	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: morgan

• 1.10.0 - 2020-03-20
  
  • Add :total-time token
  • Fix trailing space in colored status code for dev format
  • deps: basic-auth@~2.0.1
    • deps: safe-buffer@5.1.2
  • deps: depd@~2.0.0
    • Replace internal eval usage with Function constructor
    • Use instance methods on process to check for listeners
  • deps: on-headers@~1.0.2
    • Fix res.writeHead patch missing return value
• 1.9.1 - 2018-09-11
  
  • Fix using special characters in format
  • deps: depd@~1.1.2
    • perf: remove argument reassignment
• 1.9.0 - 2017-09-27
  
  • Use res.headersSent when available
  • deps: basic-auth@~2.0.0
    • Use safe-buffer for improved Buffer API
  • deps: debug@2.6.9
  • deps: depd@~1.1.1
    • Remove unnecessary Buffer loading

from morgan GitHub release notes

Commit messages

Package name: morgan

• c68d2ea 1.10.0
• aa718d7 Add :total-time token
• ce15462 build: remove deprecated Travis CI directive
• e13e0d3 build: Node.js@13.11
• f023828 build: use nyc for test coverage
• 30c0871 build: mocha@7.1.1
• 8114639 docs: document success color in dev format
• 5d8176f docs: update rotating-file-stream usage for 2.x
• c54194c tests: ignore branch coverage that varies
• 5659d2f build: Node.js@12.16
• 43518b4 build: Node.js@13.10
• 7a42b31 build: Node.js@10.19
• 397208d build: Node.js@8.17
• 89dffcc build: mocha@7.1.0
• 9bf0e8c build: eslint-plugin-markdown@1.0.2
• 3ea521c build: mocha@7.0.1
• f72345d build: eslint@6.8.0
• 675be35 build: eslint-plugin-import@2.20.1
• 9ff523d build: Node.js@12.13
• 23f26c9 build: mocha@6.2.2
• f67208d build: eslint-plugin-import@2.19.1
• b7496d9 build: eslint@6.7.2
• 662aa28 build: eslint-plugin-markdown@1.0.1
• 20a26fe build: support Node.js 13.x

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs