Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Security upgrade @saltcorn/data from 0.1.4 to 0.4.0 #5

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Security upgrade @saltcorn/data from 0.1.4 to 0.4.0 #5

wants to merge 1 commit into from

Conversation

glutamate
Copy link
Collaborator

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 656/1000
Why? Recently disclosed, Has a fix available, CVSS 7.4		 Directory Traversal
SNYK-JS-ADMZIP-1065796		 No No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: @saltcorn/data The new version differs by 250 commits.
  • b230ed8 Publish
  • 8813bfb Misc: viewpost form data, select disabled (#606)
  • 821b7d6 runTableTriggers does not assume id int pk
  • 19fd71b Misc: Test email to, smtp email password type, delete sql views (#602)
  • 87ca9f2 External tables (#601)
  • 73a16a2 fix: packages/saltcorn-data/package.json & packages/saltcorn-data/package-lock.json to reduce vulnerabilities (#597)
  • 4261170 Publish
  • 705f626 Test send email (#596)
  • 41cd40d Builder: link btns, fvs handle text style, template in view labels (#595)
  • 60f72e8 UX misc: spaces in view names, some view selects include template, wizard steps in breadcrumbs (#594)
  • 97e471d Publish
  • 670fc75 Primary keys not named id (#593)
  • 9d972a6 Misc: sort order (#592)
  • 4da28ff Discover tables (#591)
  • d5270d6 Non integer primary keys (#590)
  • a00ec97 Id field (#589)
  • 6b0d9a0 Tableless view templates (#588)
  • dc1a969 Misc: quick edit roles, show for table, edit field type if no fields (#586)
  • bccf293 Publish
  • 02fb5d6 Backup tenants on cli (#585)
  • 98cb71a fix page run action http codes
  • cde5f77 fix var name in file upload response
  • 746ff40 file upload json respond filename
  • ec5e645 improve runMany fail error message

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

@snyk-bot
fix: package.json to reduce vulnerabilities
4a61af8 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-ADMZIP-1065796
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@glutamate @snyk-bot