Skip to content

[Snyk] Security upgrade doxdox from 2.0.3 to 3.0.0 #23

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Security upgrade doxdox from 2.0.3 to 3.0.0 #23

wants to merge 1 commit into from

Conversation

snyk-bot
Copy link

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 551/1000
Why? Recently disclosed, Has a fix available, CVSS 5.3		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-UGLIFYJS-1727251		 Yes No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: doxdox The new version differs by 26 commits.
  • e0038de Version bump.
  • c794fe5 Fixed issue with empty path causing no files to be found.
  • cf18730 Updated minimum Node.js version.
  • 0da63fc Updated travis and appveyor configs.
  • cc281ef Year bump.
  • da57a87 Removed old bithound file.
  • c652c16 Formatted code.
  • 1b3d6ed Updated packages.
  • c36f0ab Whitespace.
  • af5a7a5 Removed unused globby option.
  • a156332 Updated build config files.
  • 086bcfc Updated packages.
  • 1737287 Merge pull request #58 from neogeek/greenkeeper/chalk-2.3.0
  • b7290a2 Merge pull request #54 from neogeek/greenkeeper/update-notifier-2.3.0
  • 22475af Merge pull request #56 from neogeek/greenkeeper/codecov-3.0.0
  • 0608898 Merge pull request #57 from neogeek/greenkeeper/mocha-4.0.1
  • 48ff3c0 fix(package): update chalk to version 2.3.0
  • 7bced8b chore(package): update codecov to version 3.0.0
  • e1a2ca4 fix(package): update update-notifier to version 2.3.0
  • 9b62128 chore(package): update mocha to version 4.0.1
  • 5758cf6 Merge pull request #51 from neogeek/greenkeeper/chalk-2.1.0
  • 1f47b71 fix(package): update chalk to version 2.1.0
  • 3c6e205 Updated packages.
  • 97b4455 Removed locked files.

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

@snyk-bot
fix: package.json to reduce vulnerabilities
b7b4bf9 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-UGLIFYJS-1727251
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@snyk-bot