New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade apollo-server-express from 2.19.0 to 2.26.2 #164

Open

sandorTuranszky wants to merge 1 commit into master from snyk-upgrade-3757e6e2cb857e8ffcea3b4973e1d480

Owner

sandorTuranszky commented Feb 18, 2024

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade apollo-server-express from 2.19.0 to 2.26.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 41 versions ahead of your current version.
The recommended version was released 6 months ago, on 2023-08-30.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) SNYK-JS-XSS-1584355	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
	Prototype Pollution SNYK-JS-OBJECTPATH-1585658	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
	Prototype Pollution SNYK-JS-OBJECTPATH-1569453	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Information Exposure SNYK-JS-APOLLOSERVERCORE-5876618	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: apollo-server-express

8fbc66c Release
f016446 fixup tests missing graphRef
f0c84d4 Merge pull request from GHSA-j5g3-5c8r-7qfx
755770e Merge pull request #7571 from apollographql/sb/tweak-playground-page
ca9199a Add referrer
84053c0 Tweak v2 Playground page and update deprecation notice
711fa01 Remaining v2 EOL notice updates (#7337)
ace0cd5 Update v2 docs with official EOL messaging (#7335)
9fa185c Docs: fix previous-versions link
49c5a62 version-2: deploy docs on push
e0d9973 Add AS2 deprecation notices (#7151)
940448c Corrected broken link to RESTDataSource Github (#7090)
7cb1da8 publish to v2 dist-tag by default
84852fc Release
a2b8fc6 Update dependency on graphql-upload fork to fix #7060
91de501 Release
3f4fe5a Backport #5537 to AS2 (#6829)
ae444b2 Release
54879d0 Update OSS orb to pass --no-verify-access to lerna publish
82d4498 Disable graphql-upload integration when it is not used (#6476)
c98507e Remove files from old Gatsby docs theme (v2) (#6216)
628fbb7 Updates for new docs infra (v2) (#6210)
41671ec docs: fix error on custom directives page (#6183)
a725306 Release

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs


          fix: upgrade apollo-server-express from 2.19.0 to 2.26.2

c6f58e9

Snyk has created this PR to upgrade apollo-server-express from 2.19.0 to 2.26.2.

See this package in npm:
https://www.npmjs.com/package/apollo-server-express

See this project in Snyk:
https://app.snyk.io/org/sandorturanszky/project/0785f907-6187-4235-96bf-b81811d612d2?utm_source=github&utm_medium=referral&page=upgrade-pr

vercel bot commented Feb 18, 2024 •

edited

Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
expressjs-opensource	❌ Failed (Inspect)			Feb 18, 2024 1:27am

vercel bot had a problem deploying to Preview

February 18, 2024 01:27

Failure

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment