Skip to content

[Snyk] Security upgrade pm2 from 4.2.1 to 4.5.5 #158

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: develop
Choose a base branch
from
Open

[Snyk] Security upgrade pm2 from 4.2.1 to 4.5.5 #158

wants to merge 1 commit into from

Conversation

snyk-bot
Copy link
Contributor

@snyk-bot snyk-bot commented Apr 9, 2021

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
⚠️ Warning 
Failed to update the package-lock.json, please update manually before merging.

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
low severity 578/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 3.7		 Improper Input Validation
SNYK-JS-SYSTEMINFORMATION-1244526		 No Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: pm2 The new version differs by 133 commits.
  • a6a52dc pm2@4.5.5
  • 5e18920 pm2@4.5.4
  • b743ce0 pm2@4.5.3
  • 88b5ab4 pm2@4.5.2
  • cc9714c bump copyright years
  • 64f8ea0 pm2@4.5.1
  • c0372a8 prepare 4.5.1
  • 56ffa13 upgrade debug
  • 452cc85 upgrade systeminformation
  • f376825 feat: restore --sort option on pm2 ls #4536
  • 2f61ddb fix: cron-restart in cluster mode + alias --cron to --cron-restart fix #4834 #4733 #4307 #4834
  • 0b56e72 Merge branch 'master' into development
  • 2ba6dff Merge pull request #4892 from AdamMajer/fix_npm7_devel
  • f830d5f Merge pull request #4897 from Glyphack/patch-2
  • d13e4a3 test against Node 15.x
  • 94615fb Update systeminformation package to 4.27.11
  • 25b7ccd tests: fix tests with npm7
  • 73a4eaf [ci skip] bump readme
  • 49f1871 pm2@4.5.0
  • 3e004dc add udp client/server example + fix typo
  • 310d68d pm2@4.5.0 - testing phase
  • 7f11906 Merge pull request #4681 from guard43ru/development
  • 108ddea Merge pull request #4741 from getsnoopy/fix-unit-test-script
  • c4929d1 Merge pull request #4762 from ffflorian/patch-1

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@snyk-bot