[Snyk] Security upgrade appium from 1.22.3 to 2.0.0 #239

Open
wants to merge 1 commit into
base: master

timoa
Owner

@timoa timoa commented Oct 27, 2023

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
| high severity | 748/1000. Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.1 | Cross-site Request Forgery (CSRF), SNYK-JS-AXIOS-6032459 | Yes | Proof of Concept |

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: appium
The new version differs by 250 commits.
  • 3fa73a1 chore(appium): remove rc tag from appium 2
  • 1ab323b chore(appium): promote appium npm tag to latest
  • b8e1f38 chore(docutils): update dependency mkdocs-material to v9.1.18
  • 02896d0 chore(deps): update eslint-related packages
  • 8a6a4ba chore: publish
  • 52b646c chore(typedoc-plugin-appium): update snapshots
  • 2b35170 fix(base-driver): pass thru all type args to ExternalDriver
  • c13333b fix(appium): type fixes for ts v5
  • 62f4244 fix(types): update some more types to reflect reality
  • 26eb766 chore(base-driver): actually run type tests
  • 679865e fix(eslint-config-appium): remove prototype assignment warning
  • f1d768c chore: upgrade typescript
  • d6cca51 fix(types): separate the type of opts from initialOpts
  • 3d614d6 fix(base-driver): allow subclass to define shape of settings object
  • ee9b2a3 fix(types): ensure return type of deleteSession can always be void
  • e30ad0e chore(appium,types): remove some useless type arguments
  • 01061b2 fix(types,base-driver): remove deviceName from base constraints
  • 24e7aec fix(types): fix signature of updateSettings
  • ed1856d fix(support): update dependency semver to v7.5.3
  • 757fbaa chore(deps): update dependency @types/node to v18.16.19
  • fdd2ac0 fix(doctor): update dependency appium-adb to v9.11.7
  • 3906f7d chore(docutils): update dependency mkdocs-material to v9.1.17
  • f09fbb6 fix(appium): restrict address to ipv6/hostname (#18824)
  • 97fe159 chore(appium): Improve the error message on config load error (#18829)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Cross-site Request Forgery (CSRF)
