Skip to content
This repository has been archived by the owner on Jan 20, 2021. It is now read-only.

[Snyk] Fix for 1 vulnerabilities #39

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Fix for 1 vulnerabilities #39

wants to merge 1 commit into from

Conversation

snyk-bot
Copy link

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Issue Breaking Change Exploit Maturity
high severity Improper Input Validation
SNYK-JS-URLPARSE-543307		 No Proof of Concept
Commit messages
Package name: url-parse The new version differs by 22 commits.
  • b21a365 [dist] 1.4.5
  • 3ecd256 [security] Trim left to prevent unsantitized input from generating false positives
  • 6667379 [pkg] Update assume to version 2.2.0 (#169)
  • d13c6d0 [pkg] Update mocha to version 6.1.1 (#171)
  • 9923bac chore(package): update mocha to version 6.0.0 (#167)
  • 52b9206 [fix] Return the base URL pathname when the relative URL is empty (#166)
  • 219b4c5 chore(package): update nyc to version 13.2.0 (#165)
  • bc9da1e [dist] 1.4.4
  • b15fd4a [ocd] code style
  • 7781ad8 [fix] global is not defined (#160)
  • 9fb86cf [doc] Replace URL with Url (#158)
  • 4e14338 [codestyle] Mark location and parser in JSDoc as optional (#153)
  • 1c19d5a [security] Fix typo in SECURITY.md (#151)
  • a84b506 [sec] Updated reporter details
  • 541b70f [test] Fix incorrect test, was not supposted to be added with previous commit
  • 426e929 [dist] 1.4.3
  • d7b582e [security] Added missing SECURITY.md
  • 53b1794 [security] Sanitize paths, hosts before parsing.
  • f60fa4e chore(package): update sauce-browsers to version 2.0.0 (#149)
  • 3cc810c [test] Remove Opera from the list of browsers to test
  • da8cddb [dist] 1.4.2
  • 56c0573 URL -> Url (#148)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:

馃 View latest project report

馃洜 Adjust project settings

馃摎 Read more about Snyk's upgrade and patch logic

@coveralls
Copy link

Pull Request Test Coverage Report for Build 107

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 90.909%
Totals Coverage Status
Change from base Build 98: 0.0%
Covered Lines: 678
Relevant Lines: 738
馃挍 - Coveralls

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@snyk-bot @coveralls