Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk Update] New fixes for 2 vulnerable dependency paths #81

Merged
merged 1 commit into from
Oct 4, 2017

Conversation

snyk-bot
Copy link
Contributor

@snyk-bot snyk-bot commented Oct 4, 2017

This project has vulnerabilities that could not be fixed, or were patched when no upgrade was available. Good news, new upgrades or patches have now been published! This pull request fixes vulnerable dependencies you couldn’t previously address.

The PR includes:

  • Changes to package.json to upgrade the vulnerable dependencies to a fixed version.

Vulnerabilities that will be fixed

With an upgrade:

You can read more about Snyk's upgrade and patch logic in Snyk's documentation.

Note that this pull request only addresses vulnerabilities that previously had no fixes. See the Snyk test report to review and remediate the full list of vulnerable dependencies.

Check the changes in this PR to ensure they won't cause issues with your project.

Stay secure,
The Snyk team

@codecov
Copy link

codecov bot commented Oct 4, 2017

Codecov Report

Merging #81 into master will not change coverage.
The diff coverage is n/a.

Impacted file tree graph

@@          Coverage Diff          @@
##           master    #81   +/-   ##
=====================================
  Coverage     100%   100%           
=====================================
  Files          11     11           
  Lines         202    199    -3     
=====================================
- Hits          202    199    -3
Impacted Files Coverage Δ
bin/egg-bin.js 100% <0%> (ø) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update b2a3ac6...ed16d47. Read the comment docs.

@popomore popomore merged commit e3c33e9 into master Oct 4, 2017
@popomore
Copy link
Member

popomore commented Oct 9, 2017

@popomore popomore deleted the snyk-fix-2a708b9d branch October 9, 2017 02:14
@popomore
Copy link
Member

popomore commented Oct 9, 2017

  • egg-bin@4.3.4

fengmk2 pushed a commit that referenced this pull request Dec 17, 2022
[skip ci]

## 1.0.0 (2022-12-17)

### Features

* add `egg-bin autod --check` command ([#70](#70)) ([0f0c7ab](0f0c7ab))
* add COV_EXCLUDES for coverage excludes ([#7](#7)) ([a33e561](a33e561))
* add sticky mode support ([#32](#32)) ([f5a1152](f5a1152))
* add ts env in command ([#98](#98)) ([756310e](756310e))
* allow loading ts compiler from cwd ([#169](#169)) ([4a54cec](4a54cec))
* auto detect available port ([#22](#22)) ([6d7ad41](6d7ad41))
* auto require setup file ([#24](#24)) ([a847750](a847750))
* build-in intelli-espower-loader ([#20](#20)) ([4e86a67](4e86a67))
* change default timeout to 60000 ([#50](#50)) ([cbc9263](cbc9263))
* commands support specific execArgv(harmony) ([#33](#33)) ([0c7108b](0c7108b))
* cov support output json-summary ([#64](#64)) ([c1de734](c1de734))
* cov support typescript ([#91](#91)) ([8a05e19](8a05e19))
* **cov:** add nyc instrument passthrough ([#103](#103)) ([8fa805b](8fa805b))
* **cov:** add prerequire option ([#53](#53)) ([055c47f](055c47f))
* **cov:** add prerequire option ([#53](#53)) ([a6a2b4a](a6a2b4a))
* debug proxy support ([678b83d](678b83d))
* **debug:** [BREAKING_CHANGE] remove iron-node ([#26](#26)) ([9d4170f](9d4170f))
* default enable c8 report ([#189](#189)) ([72e925b](72e925b))
* **dev:** pass debug args to execArgv ([#12](#12)) ([92b111f](92b111f))
* egg-bin check ([#87](#87)) ([92b1489](92b1489))
* enable mochawesome by default ([#193](#193)) ([6636e8f](6636e8f))
* expose proc ([#152](#152)) ([dcc9b25](dcc9b25))
* extractArgv refactor & extract debug port ([994616d](994616d))
* extractArgv support expose_debug_as ([6f5d525](6f5d525))
* impl parallel for mocha parallel mode ([#185](#185)) ([78141e8](78141e8))
* intergration with egg-ts-helper ([#123](#123)) ([263cfd1](263cfd1))
* pass --check to pkgfiles ([#48](#48)) ([7b0c995](7b0c995))
* remove correct-source-map.js ([#109](#109)) ([8b62742](8b62742))
* resolve istanbul path for coffee ([#9](#9)) ([147add8](147add8))
* revert egg-bin check ([#90](#90)) ([83322e6](83322e6))
* revert to 4.2.0 ([c65a00d](c65a00d))
* set EGG_MASTER_CLOSE_TIMEOUT when run dev ([#88](#88)) ([c48860c](c48860c))
* should print error stack ([#132](#132)) ([5c621f6](5c621f6))
* simplify mocha error stack ([#59](#59)) ([0b01158](0b01158))
* support $NODE_DEBUG_OPTION ([#71](#71)) ([1340ce7](1340ce7))
* support c8 report ([#172](#172)) ([1e96da2](1e96da2))
* support cov command  in win32 ([#52](#52)) ([93b731d](93b731d))
* support egg-bin test --changed ([#111](#111)) ([51f93aa](51f93aa))
* support egg.typescript ([#92](#92)) ([a7f0ca8](a7f0ca8))
* support mocha custom require args ([#5](#5)) ([fb8fd32](fb8fd32))
* support read egg.require from package.json ([#121](#121)) ([904103f](904103f))
* support set eggTsHelper ([#183](#183)) ([f564cbf](f564cbf))
* support switch ts compiler ([#158](#158)) ([a74bae2](a74bae2))
* support typescript ([#89](#89)) ([75b5cd6](75b5cd6))
* test  --dry-run ([#145](#145)) ([3cc3b0b](3cc3b0b))
* try to use --inspect first ([#19](#19)) ([d7ad24c](d7ad24c))
* update pkg.files that if file exists ([#37](#37)) ([af5af6a](af5af6a))
* upgrade espower-typescript to 9.0 ([#106](#106)) ([35e89db](35e89db))
* use nyc instead of istanbul ([#63](#63)) ([3cf312c](3cf312c))
* use test when run cov on Windows ([#18](#18)) ([611027f](611027f)), closes [/github.com/eggjs/egg/pull/133#issuecomment-256827488](https://github.com/eggjs//github.com/eggjs/egg/pull/133/issues/issuecomment-256827488)
* use unparseArgv from common-bin ([#45](#45)) ([da41b8e](da41b8e))

### Bug Fixes

* --full-trace should be boolean ([#191](#191)) ([bfd7fab](bfd7fab))
* -x only support string ([#47](#47)) ([b79f0cc](b79f0cc))
* .setup.js should be the first test file ([#30](#30)) ([4f45c6b](4f45c6b))
* add missing deps ([#42](#42)) ([86ebc75](86ebc75))
* add power-assert to deps ([#21](#21)) ([8b7ce8d](8b7ce8d))
* auto add .setup.ts file ([#147](#147)) ([00afdf7](00afdf7))
* can not find iron-node in subprocess ([#8](#8)) ([d6a57f5](d6a57f5))
* ci failed ([#162](#162)) ([4a076e6](4a076e6))
* clean more mocha error stack ([#60](#60)) ([9c77118](9c77118))
* conflix source map support ([#181](#181)) ([a1ec4f7](a1ec4f7))
* cov replaced warning at win ([#49](#49)) ([d2850a5](d2850a5))
* **cov:** istanbul path env ([#44](#44)) ([ce8f141](ce8f141))
* **cov:** wait 1 second for Windows ([#16](#16)) ([742f6fc](742f6fc))
* debug at 6.x ([469739f](469739f))
* debug mode detect ([#130](#130)) ([819d78f](819d78f))
* debug-test invoke formatTestArgs ([a82a87a](a82a87a))
* don't pass prerequire ([#57](#57)) ([e0d03d3](e0d03d3))
* downgrade ts-node ([#126](#126)) ([d802694](d802694))
* egginfo is not exists ([#159](#159)) ([8666e9e](8666e9e))
* ets not found ([#124](#124)) ([8f6135e](8f6135e))
* fix cov env ([#188](#188)) ([e18ceda](e18ceda))
* fix ENABLE_MOCHA_PARALLEL/AUTO_AGENT env ([#187](#187)) ([88ba6d5](88ba6d5))
* fix espwoer-typescript inject logic ([#178](#178)) ([2e0fecd](2e0fecd))
* fix source map line number incorrect ([#107](#107)) ([ca4f78f](ca4f78f)), closes [/github.com/TypeStrong/ts-node/blob/master/src/index.ts#L218](https://github.com/eggjs//github.com/TypeStrong/ts-node/blob/master/src/index.ts/issues/L218)
* fixed ts-node ignore files ([#105](#105)) ([a790304](a790304))
* force exit when runner complete ([#83](#83)) ([7386194](7386194))
* ignore eggTsHelper on node-test ([#186](#186)) ([c5db00e](c5db00e))
* ignore frontend files and document files ([#65](#65)) ([f9d578e](f9d578e))
* let sub class can override getFrameworkOrEggPath ([1320144](1320144))
* link mocha bin from inner file ([#15](#15)) ([f6cb195](f6cb195))
* make sure dev command eggPath can be override ([#23](#23)) ([22510d7](22510d7))
* make sure files sort in all platforms ([#86](#86)) ([6689962](6689962))
* nyc shim ([#138](#138)) ([3b370ef](3b370ef))
* only hotfix spawn-wrap on windows ([#69](#69)) ([e784a3d](e784a3d))
* package.json to reduce vulnerabilities ([#108](#108)) ([e910ae3](e910ae3))
* package.json to reduce vulnerabilities ([#81](#81)) ([e3c33e9](e3c33e9))
* remove espower typescript ([#160](#160)) ([563923a](563923a))
* remove temp excludes ([40aaca1](40aaca1))
* remove ts extensions by default ([#94](#94)) ([1c860a9](1c860a9))
* revert nyc ([#140](#140)) ([9cb8125](9cb8125)), closes [/github.com//pull/133#issuecomment-489387659](https://github.com/eggjs//github.com/eggjs/egg-bin/pull/133/issues/issuecomment-489387659)
* should exit when no test files found ([#100](#100)) ([e375ba4](e375ba4))
* should ignore fixtures and node_modules ([#96](#96)) ([e73c569](e73c569))
* should not timeout when debugging ([#129](#129)) ([3b6819c](3b6819c))
* should only read pkg if argv.typescript not pass ([#97](#97)) ([1e93020](1e93020))
* should pass customEgg to startCluster ([#25](#25)) ([e3d7974](e3d7974))
* should support -p ([#27](#27)) ([df86893](df86893))
* should support multi exclude dirs ([#66](#66)) ([1ac9d68](1ac9d68))
* support --workers same as egg-scripts ([#127](#127)) ([fcae123](fcae123))
* support egg-bin dev --cluster and --baseDir ([#36](#36)) ([ba7d409](ba7d409))
* support node4 ([#35](#35)) ([dbbaf98](dbbaf98))
* support relative path ([#95](#95)) ([7531faa](7531faa))
* There is a case sensitive issue from spawn-wrap  on Windows ([#67](#67)) ([56f8518](56f8518))
* use co-mocha instead of thunk-mocha ([#38](#38)) ([f6b5171](f6b5171))
* use context.env instead of process.env ([#58](#58)) ([9aa0030](9aa0030))
* use inspector at 7.x+ ([#74](#74)) ([2e3498e](2e3498e))
* using ts-node in app should check tscompiler and deps ([#170](#170)) ([662b9e9](662b9e9))
* wait more time for Window 😢 ([#17](#17)) ([d6f6b3b](d6f6b3b))
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants