New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade nconf from 0.8.5 to 0.11.3 #1

Open

snyk-bot wants to merge 1 commit into master from snyk-upgrade-1e9daa19a07cf13418d3a6b850541c8e

snyk-bot commented Sep 29, 2021

Snyk has created this PR to upgrade nconf from 0.8.5 to 0.11.3.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 7 versions ahead of your current version.
The recommended version was released 3 months ago, on 2021-06-21.

Release notes

Package name: nconf

0.11.3 - 2021-06-21
Fixes:
- Handle case where parsed config object doesn't have a prototype (#365) (@ ilkkao)
0.11.2 - 2021-01-26
This release resolves several security vulnerabilities by upgrading underlying packages.
0.11.1 - 2021-01-08
This release resolves several security vulnerabilities by upgrading underlying packages.
0.11.0 - 2020-11-24
This release resolves several security vulnerabilities by upgrading underlying packages.

WARNING: Due to upstream packages updates, this may cause issues with older Node.js versions (e.g. Node.js v8.x). Those older Node releases are out of support anyway, so you shouldn't use them, but be aware of this possibility.
0.10.0 - 2017-12-18
0.10.0
0.9.1 - 2017-11-04
0.9.1
0.9.0 - 2017-11-04
0.8.5 - 2017-09-27

from nconf GitHub release notes

Commit messages

Package name: nconf

218059e 0.11.3
dc8c3d6 Handle case where parsed config object hasn't prototype (#365)
b1914ae 0.11.2
54bd403 chore: upgrade deps to fix security vulns
e6dfa5d 0.11.1
709cc60 Bump node-notifier from 8.0.0 to 8.0.1 (#355)
eca2bf3 Bump ini from 1.3.5 to 1.3.6 (#353)
85229df chore: enable circleci
91e9106 chore: update changelog
4122731 0.11.0
56794d1 chore: upgrade deps to fix security vulns
1392ac4 0.10.0
01f25fa Regex as env separator (Regular Expression DoS vulnerability mrvautin/adminMongo#288)
16667be Argv store separator (mongoweb error mrvautin/adminMongo#291)
bac910a 0.9.1
2bdf7e1 Clean Argv Store options (Feature request: Add storage used for database mrvautin/adminMongo#290)
b9321b2 transformer can now return an undefined key (npm install fails on Could not resolve dependency: mocha-jsdom mrvautin/adminMongo#289)
81ce0be Update changelog
b1ee63c fix error in transform function when dealing with dropped entries (Bug, deny of service with null char in url mrvautin/adminMongo#287)
9f70ba1 [doc] Update changelog
8afcf99 [dist] Version bump. 0.9.0
b41c505 Save conf to dedicated file (How to clear browser cookies by running it in docker? mrvautin/adminMongo#283)
52e0a35 Update changelog
fa215a4 add tests for the normal configuration of yargs via argv

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs


          fix: upgrade nconf from 0.8.5 to 0.11.3

e7009b6

Snyk has created this PR to upgrade nconf from 0.8.5 to 0.11.3.

See this package in npm:
https://www.npmjs.com/package/nconf

See this project in Snyk:
https://app.snyk.io/org/sayak-sarkar/project/16953bee-82d5-4d62-8e84-3341a0580834?utm_source=github&utm_medium=referral&page=upgrade-pr

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment