[Snyk] Upgrade ibm-openapi-validator from 0.27.1 to 0.42.0 #3

snyk-bot · 2021-05-09T21:25:21Z

Snyk has created this PR to upgrade ibm-openapi-validator from 0.27.1 to 0.42.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 34 versions ahead of your current version.
The recommended version was released 25 days ago, on 2021-04-14.

The recommended version fixes:

Issue	PriorityScore (*)	Exploit Maturity
Prototype Pollution SNYK-JS-Y18N-1021887	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
Prototype Pollution SNYK-JS-Y18N-1021887	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-PRISMJS-1076581	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
Prototype Pollution SNYK-JS-INI-1048974	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
Prototype Pollution SNYK-JS-COPYPROPS-1082870	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
Prototype Pollution SNYK-JS-JSONPOINTER-596925	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-HOSTEDGITINFO-1088355	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
Prototype Pollution SNYK-JS-HANDLEBARS-1279029	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
Remote Code Execution (RCE) SNYK-JS-HANDLEBARS-1056767	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
Cryptographic Issues SNYK-JS-ELLIPTIC-1064899	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
Cross-site Scripting (XSS) SNYK-JS-DOMPURIFY-1035544	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
Cross-site Scripting (XSS) SNYK-JS-DOMPURIFY-1016634	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: ibm-openapi-validator

0.42.0 - 2021-04-14
0.42.0 (2021-04-14)

Features
- add rule to check for consistent major version in path (b6c8e65)
0.41.0 - 2021-04-14
0.41.0 (2021-04-14)

Features
- show path to component that caused error in verbose mode (#272) (3c1c458)
0.40.3 - 2021-04-14
0.40.3 (2021-04-14)

Bug Fixes
- soften the response-example-provided rule to look only at success responses (#273) (b5dac3e)
0.40.2 - 2021-04-14
0.40.2 (2021-04-14)

Bug Fixes
- cannot find ajv module when ibm:oas ruleset extended (#279) (fd2cb29)
0.40.1 - 2021-04-07
0.40.1 (2021-04-07)

Bug Fixes
- set the exit code for json output (#269) (b6e9899)
0.40.0 - 2021-04-06
0.40.0 (2021-04-06)

Features
- validate x-sdk-operations extension (#268) (b025eac)
0.39.0 - 2021-03-26
0.39.0 (2021-03-26)

Features
- remove error for partial path templating (#262) (2838875)
0.38.0 - 2021-03-19
0.38.0 (2021-03-19)

Features
- warn for missing response examples (#265) (0f10376)
0.37.1 - 2021-03-16
0.37.1 (2021-03-16)

Bug Fixes
- correct the minimum required version of Node (#264) (8b3bad4)
0.37.0 - 2021-03-16
0.37.0 (2021-03-16)

Features
- custom Spectral rule to ensure content objects contain schema (#258) (bb9e419)
0.36.0 - 2021-03-12
0.35.2 - 2021-03-09
0.35.1 - 2021-03-08
0.35.0 - 2021-03-05
0.34.4 - 2021-03-01
0.34.3 - 2021-02-22
0.34.2 - 2021-02-18
0.34.1 - 2021-01-27
0.34.0 - 2021-01-26
0.33.2 - 2021-01-11
0.33.1 - 2021-01-04
0.33.0 - 2020-12-30
0.32.0 - 2020-12-28
0.31.1 - 2020-10-23
0.31.0 - 2020-10-15
0.30.1 - 2020-10-02
0.30.0 - 2020-09-23
0.29.4 - 2020-09-22
0.29.3 - 2020-09-02
0.29.2 - 2020-08-27
0.29.1 - 2020-08-26
0.29.0 - 2020-08-11
0.28.1 - 2020-08-06
0.28.0 - 2020-06-23
0.27.1 - 2020-05-04

from ibm-openapi-validator GitHub release notes

Commit messages

Package name: ibm-openapi-validator

4db7af4 chore(release): 0.42.0 [skip ci]
b6c8e65 feat: add rule to check for consistent major version in path
84db9d5 chore(release): 0.41.0 [skip ci]
3c1c458 feat: show path to component that caused error in verbose mode (ConflictingNonceInMempool fix: increment faucet mempool tx nonces hirosystems/stacks-blockchain-api#272)
390b887 chore(release): 0.40.3 [skip ci]
b5dac3e fix: soften the response-example-provided rule to look only at success responses (Tests for Rosetta account/ and mempool/ endpoints hirosystems/stacks-blockchain-api#273)
8d86983 chore(release): 0.40.2 [skip ci]
fd2cb29 fix: cannot find ajv module when ibm:oas ruleset extended (Can't call function with traits on mocknet hirosystems/stacks-blockchain-api#279)
2bf13e1 chore(release): 0.40.1 [skip ci]
b6e9899 fix: set the exit code for json output (add openapi docs for rosetta endpoints hirosystems/stacks-blockchain-api#269)
3cb4021 chore(release): 0.40.0 [skip ci]
b025eac feat: validate x-sdk-operations extension (Expose STX lock up events hirosystems/stacks-blockchain-api#268)
fd34717 Error responses (chore(openapi): use contract_address only #258 hirosystems/stacks-blockchain-api#266)
75e48f0 chore(release): 0.39.0 [skip ci]
2838875 feat: remove error for partial path templating (Query param named different than typescript def hirosystems/stacks-blockchain-api#262)
311982d chore(release): 0.38.0 [skip ci]
0f10376 feat: warn for missing response examples (fix: add get contract data map entry schema #264 hirosystems/stacks-blockchain-api#265)
141bdc1 chore(release): 0.37.1 [skip ci]
8b3bad4 fix: correct the minimum required version of Node ([client] SmartContractApis.getContractDataMapEntry returns Promise<void> hirosystems/stacks-blockchain-api#264)
d8e6909 chore(release): 0.37.0 [skip ci]
bb9e419 feat: custom Spectral rule to ensure content objects contain schema (StacksAddress vs ContractAddress hirosystems/stacks-blockchain-api#258)
65a9b3d build: drop support for Node 8.x and deprecate Node 10.x (rosetta submit api hirosystems/stacks-blockchain-api#263)
d672b91 chore(release): 0.36.0 [skip ci]
e61f803 feat: synchronize the inCodeValidator output to match the CLI -json output (Add Rosetta API to openapi.yaml hirosystems/stacks-blockchain-api#260)

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade ibm-openapi-validator from 0.27.1 to 0.42.0. See this package in npm: https://www.npmjs.com/package/ibm-openapi-validator See this project in Snyk: https://app.snyk.io/org/baby636/project/cf5cd236-6535-4a02-9e8a-a5a7ae9f9e8d?utm_source=github&utm_medium=upgrade-pr

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Upgrade ibm-openapi-validator from 0.27.1 to 0.42.0 #3

[Snyk] Upgrade ibm-openapi-validator from 0.27.1 to 0.42.0 #3

snyk-bot commented May 9, 2021

0.42.0 (2021-04-14)

Features

0.41.0 (2021-04-14)

Features

0.40.3 (2021-04-14)

Bug Fixes

0.40.2 (2021-04-14)

Bug Fixes

0.40.1 (2021-04-07)

Bug Fixes

0.40.0 (2021-04-06)

Features

0.39.0 (2021-03-26)

Features

0.38.0 (2021-03-19)

Features

0.37.1 (2021-03-16)

Bug Fixes

0.37.0 (2021-03-16)

Features

[Snyk] Upgrade ibm-openapi-validator from 0.27.1 to 0.42.0 #3

Are you sure you want to change the base?

[Snyk] Upgrade ibm-openapi-validator from 0.27.1 to 0.42.0 #3

Conversation

snyk-bot commented May 9, 2021

Snyk has created this PR to upgrade ibm-openapi-validator from 0.27.1 to 0.42.0.

0.42.0 (2021-04-14)

Features

0.41.0 (2021-04-14)

Features

0.40.3 (2021-04-14)

Bug Fixes

0.40.2 (2021-04-14)

Bug Fixes

0.40.1 (2021-04-07)

Bug Fixes

0.40.0 (2021-04-06)

Features

0.39.0 (2021-03-26)

Features

0.38.0 (2021-03-19)

Features

0.37.1 (2021-03-16)

Bug Fixes

0.37.0 (2021-03-16)

Features