Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

[Snyk] Upgrade: , , , , , , , , , , , tslib, rxjs, , , , , , , , cypress, cypress-fail-on-console-error, echarts, mock-socket, qrcode, start-server-and-test, zone.js #100

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Upgrade: , , , , , , , , , , , tslib, rxjs, , , , , , , , cypress, cypress-fail-on-console-error, echarts, mock-socket, qrcode, start-server-and-test, zone.js #100

wants to merge 1 commit into from

Conversation

X-oss-byte
Copy link
Owner

snyk-top-banner

Snyk has created this PR to upgrade multiple dependencies.

👯 The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Name Versions Released on

@angular/animations
from 14.2.12 to 14.3.0 | 1 version ahead of your current version | 2 years ago
on 2023-03-13
@angular/common
from 14.2.12 to 14.3.0 | 1 version ahead of your current version | 2 years ago
on 2023-03-13
@angular/compiler
from 14.2.12 to 14.3.0 | 1 version ahead of your current version | 2 years ago
on 2023-03-13
@angular/core
from 14.2.12 to 14.3.0 | 1 version ahead of your current version | 2 years ago
on 2023-03-13
@angular/forms
from 14.2.12 to 14.3.0 | 1 version ahead of your current version | 2 years ago
on 2023-03-13
@angular/platform-browser
from 14.2.12 to 14.3.0 | 1 version ahead of your current version | 2 years ago
on 2023-03-13
@angular/platform-browser-dynamic
from 14.2.12 to 14.3.0 | 1 version ahead of your current version | 2 years ago
on 2023-03-13
@angular/platform-server
from 14.2.12 to 14.3.0 | 1 version ahead of your current version | 2 years ago
on 2023-03-13
@angular/router
from 14.2.12 to 14.3.0 | 1 version ahead of your current version | 2 years ago
on 2023-03-13
@fortawesome/fontawesome-svg-core
from 6.2.1 to 6.6.0 | 7 versions ahead of your current version | 2 months ago
on 2024-07-16
@fortawesome/free-solid-svg-icons
from 6.2.1 to 6.6.0 | 7 versions ahead of your current version | 2 months ago
on 2024-07-16
tslib
from 2.4.1 to 2.7.0 | 9 versions ahead of your current version | 22 days ago
on 2024-08-23
rxjs
from 7.8.0 to 7.8.1 | 1 version ahead of your current version | a year ago
on 2023-04-26
@angular-devkit/build-angular
from 14.2.10 to 14.2.13 | 3 versions ahead of your current version | a year ago
on 2023-10-05
@angular/cli
from 14.2.10 to 14.2.13 | 3 versions ahead of your current version | a year ago
on 2023-10-05
@angular/localize
from 14.2.12 to 14.3.0 | 1 version ahead of your current version | 2 years ago
on 2023-03-13
@cypress/schematic
from 2.4.0 to 2.5.2 | 3 versions ahead of your current version | 3 months ago
on 2024-06-07
@fortawesome/angular-fontawesome
from 0.11.1 to 0.15.0 | 6 versions ahead of your current version | 4 months ago
on 2024-05-23
@fortawesome/fontawesome-common-types
from 6.2.1 to 6.6.0 | 7 versions ahead of your current version | 2 months ago
on 2024-07-16
@types/qrcode
from 1.5.0 to 1.5.5 | 5 versions ahead of your current version | 10 months ago
on 2023-11-07
cypress
from 12.7.0 to 12.17.4 | 15 versions ahead of your current version | a year ago
on 2023-08-15
cypress-fail-on-console-error
from 4.0.2 to 4.0.3 | 1 version ahead of your current version | a year ago
on 2023-05-04
echarts
from 5.4.1 to 5.5.1 | 9 versions ahead of your current version | 3 months ago
on 2024-06-27
mock-socket
from 9.1.5 to 9.3.1 | 4 versions ahead of your current version | a year ago
on 2023-09-11
qrcode
from 1.5.1 to 1.5.4 | 3 versions ahead of your current version | a month ago
on 2024-08-05
start-server-and-test
from 1.14.0 to 1.15.4 | 5 versions ahead of your current version | 2 years ago
on 2023-02-13
zone.js
from 0.12.0 to 0.15.0 | 15 versions ahead of your current version | 24 days ago
on 2024-08-21

Issues fixed by the recommended upgrade:

Issue Score Exploit Maturity
high severity Asymmetric Resource Consumption (Amplification)
SNYK-JS-BODYPARSER-7926860		 326 No Known Exploit
high severity Sandbox Bypass
SNYK-JS-WEBPACK-3358798		 326 Proof of Concept
medium severity Cross-site Scripting
SNYK-JS-EXPRESS-7926867		 326 No Known Exploit
medium severity Cross-site Scripting (XSS)
SNYK-JS-ECHARTS-7300340		 326 Proof of Concept
medium severity Open Redirect
SNYK-JS-EXPRESS-6474509		 326 No Known Exploit
medium severity Improper Input Validation
SNYK-JS-POSTCSS-5926692		 326 No Known Exploit
medium severity Prototype Pollution
SNYK-JS-TOUGHCOOKIE-5672873		 326 Proof of Concept
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-SIDEWAYFORMULA-3317169		 326 No Known Exploit
low severity Cross-site Scripting
SNYK-JS-SEND-7926862		 326 No Known Exploit
low severity Cross-site Scripting
SNYK-JS-SERVESTATIC-7926865		 326 No Known Exploit
Release notes
Package name: @angular/animations
  • 14.3.0 - 2023-03-13
  • 14.2.12 - 2022-11-21
from @angular/animations GitHub release notes
Package name: @angular/common
  • 14.3.0 - 2023-03-13
  • 14.2.12 - 2022-11-21
from @angular/common GitHub release notes
Package name: @angular/compiler
  • 14.3.0 - 2023-03-13
  • 14.2.12 - 2022-11-21
from @angular/compiler GitHub release notes
Package name: @angular/core
  • 14.3.0 - 2023-03-13
  • 14.2.12 - 2022-11-21
from @angular/core GitHub release notes
Package name: @angular/forms
  • 14.3.0 - 2023-03-13
  • 14.2.12 - 2022-11-21
from @angular/forms GitHub release notes
Package name: @angular/platform-browser
  • 14.3.0 - 2023-03-13
  • 14.2.12 - 2022-11-21
from @angular/platform-browser GitHub release notes
Package name: @angular/platform-browser-dynamic
  • 14.3.0 - 2023-03-13
  • 14.2.12 - 2022-11-21
from @angular/platform-browser-dynamic GitHub release notes
Package name: @angular/platform-server
  • 14.3.0 - 2023-03-13
  • 14.2.12 - 2022-11-21
from @angular/platform-server GitHub release notes
Package name: @angular/router
  • 14.3.0 - 2023-03-13
  • 14.2.12 - 2022-11-21
from @angular/router GitHub release notes
Package name: @fortawesome/fontawesome-svg-core from @fortawesome/fontawesome-svg-core GitHub release notes
Package name: @fortawesome/free-solid-svg-icons from @fortawesome/free-solid-svg-icons GitHub release notes
Package name: tslib from tslib GitHub release notes
Package name: rxjs
  • 7.8.1 - 2023-04-26

    chore(publish): 7.8.1

  • 7.8.0 - 2022-12-15
from rxjs GitHub release notes
Package name: @angular-devkit/build-angular
  • 14.2.13 - 2023-10-05
  • 14.2.12 - 2023-06-28
  • 14.2.11 - 2023-03-16
  • 14.2.10 - 2022-11-17
from @angular-devkit/build-angular GitHub release notes
Package name: @angular/cli
  • 14.2.13 - 2023-10-05
  • 14.2.12 - 2023-06-28
  • 14.2.11 - 2023-03-16
  • 14.2.10 - 2022-11-17
from @angular/cli GitHub release notes
Package name: @angular/localize
  • 14.3.0 - 2023-03-13
  • 14.2.12 - 2022-11-21
from @angular/localize GitHub release notes
Package name: @cypress/schematic
  • 2.5.2 - 2024-06-07
  • 2.5.1 - 2023-09-07
  • 2.5.0 - 2023-01-25
  • 2.4.0 - 2022-12-02
from @cypress/schematic GitHub release notes
Package name: @fortawesome/angular-fontawesome
  • 0.15.0 - 2024-05-23

    Make sure to check upgrade instructions.

    Added

    • Support for Angular 18.
    • Documentation on how to use NPM Kit packages.
    • Documentation on how to correctly use fa-stack in standalone components.
    • Documentation on how to use custom icons.
    • FAQ page with considerations on whether to use this library.
    • Configuration option for the FontAwesomeTestingModule to not throw errors when adding icons.
    • Documentation on how to add global styles to the page.

    Fixed

    • Documentation for the rotate input.
    • Global styles are now correctly added to the page in SSR context.

    Changed

    • icon input type is now more permissive.
    • @ fortawesome/fontawesome-svg-core became a regular dependency.

    Removed

    • Angular 17.x is no longer supported. If you are using this version, please, stick with version 0.14.1.
    • Deprecated inputs spin and pulse. Use animation input instead.
    • Deprecated inputs styles and classes.
  • 0.14.1 - 2023-12-23

    Fixed

    • Removed import from @ fortawesome/fontawesome-common-types, which was an undeclared dependency.
  • 0.14.0 - 2023-11-08

    Added

    • Support for Angular 17.
    • Possibility to use all components as standalone.

    Changed

    • Examples to use standalone components instead of modules.

    Removed

    • Angular 16.x is no longer supported. If you are using this version, please, stick with version 0.13.0.
  • 0.13.0 - 2023-05-04

    Added

    • Support for Angular 16.

    Removed

    • Angular 15.x is no longer supported. If you are using this version, please, stick with version 0.12.1.
  • 0.12.1 - 2023-01-09

    Added

  • 0.12.0 - 2022-11-18

    Make sure to check upgrade instructions.

    Added

    • Support for Angular 15.
    • Documentation and option in ng-add schematic to use new Sharp Solid icons style.

    Changed

    • Documentation on how to create fa-icon programmatically updated to not use deprecated ComponentFactoryResolver.

    Deprecated

    • classes and styles inputs on all components are deprecated for removal as confusing and generally not useful. See upgrade instructions for the suggested migration path.

    Removed

    • Angular 14.x is no longer supported. If you are using this version, please, stick with version 0.11.1.
  • 0.11.1 - 2022-06-16
    • Added a missing peer dependency on @ angular/core.
from @fortawesome/angular-fontawesome GitHub release notes
Package name: @fortawesome/fontawesome-common-types from @fortawesome/fontawesome-common-types GitHub release notes
Package name: @types/qrcode
  • 1.5.5 - 2023-11-07
  • 1.5.4 - 2023-10-18
  • 1.5.3 - 2023-10-18
  • 1.5.2 - 2023-08-30
  • 1.5.1 - 2023-06-30
  • 1.5.0 - 2022-08-19
from @types/qrcode GitHub release notes
Package name: cypress
  • 12.17.4 - 2023-08-15

    Changelog: https://docs.cypress.io/guides/references/changelog#12-17-4

  • 12.17.3 - 2023-08-01
  • 12.17.2 - 2023-07-20
  • 12.17.1 - 2023-07-10
  • 12.17.0 - 2023-07-06
  • 12.16.0 - 2023-06-26
  • 12.15.0 - 2023-06-20
  • 12.14.0 - 2023-06-07
  • 12.13.0 - 2023-05-23
  • 12.12.0 - 2023-05-09
  • 12.11.0 - 2023-04-26
  • 12.10.0 - 2023-04-17
  • 12.9.0 - 2023-03-28
  • 12.8.1 - 2023-03-15
  • 12.8.0 - 2023-03-14
  • 12.7.0 - 2023-02-25
from cypress GitHub release notes
Package name: cypress-fail-on-console-error

@snyk-bot
fix: upgrade multiple dependencies with Snyk
65b25bf 
Snyk has created this PR to upgrade:
  - @angular/animations from 14.2.12 to 14.3.0.
    See this package in npm: https://www.npmjs.com/package/@angular/animations
  - @angular/common from 14.2.12 to 14.3.0.
    See this package in npm: https://www.npmjs.com/package/@angular/common
  - @angular/compiler from 14.2.12 to 14.3.0.
    See this package in npm: https://www.npmjs.com/package/@angular/compiler
  - @angular/core from 14.2.12 to 14.3.0.
    See this package in npm: https://www.npmjs.com/package/@angular/core
  - @angular/forms from 14.2.12 to 14.3.0.
    See this package in npm: https://www.npmjs.com/package/@angular/forms
  - @angular/platform-browser from 14.2.12 to 14.3.0.
    See this package in npm: https://www.npmjs.com/package/@angular/platform-browser
  - @angular/platform-browser-dynamic from 14.2.12 to 14.3.0.
    See this package in npm: https://www.npmjs.com/package/@angular/platform-browser-dynamic
  - @angular/platform-server from 14.2.12 to 14.3.0.
    See this package in npm: https://www.npmjs.com/package/@angular/platform-server
  - @angular/router from 14.2.12 to 14.3.0.
    See this package in npm: https://www.npmjs.com/package/@angular/router
  - @fortawesome/fontawesome-svg-core from 6.2.1 to 6.6.0.
    See this package in npm: https://www.npmjs.com/package/@fortawesome/fontawesome-svg-core
  - @fortawesome/free-solid-svg-icons from 6.2.1 to 6.6.0.
    See this package in npm: https://www.npmjs.com/package/@fortawesome/free-solid-svg-icons
  - tslib from 2.4.1 to 2.7.0.
    See this package in npm: https://www.npmjs.com/package/tslib
  - rxjs from 7.8.0 to 7.8.1.
    See this package in npm: https://www.npmjs.com/package/rxjs
  - @angular-devkit/build-angular from 14.2.10 to 14.2.13.
    See this package in npm: https://www.npmjs.com/package/@angular-devkit/build-angular
  - @angular/cli from 14.2.10 to 14.2.13.
    See this package in npm: https://www.npmjs.com/package/@angular/cli
  - @angular/localize from 14.2.12 to 14.3.0.
    See this package in npm: https://www.npmjs.com/package/@angular/localize
  - @cypress/schematic from 2.4.0 to 2.5.2.
    See this package in npm: https://www.npmjs.com/package/@cypress/schematic
  - @fortawesome/angular-fontawesome from 0.11.1 to 0.15.0.
    See this package in npm: https://www.npmjs.com/package/@fortawesome/angular-fontawesome
  - @fortawesome/fontawesome-common-types from 6.2.1 to 6.6.0.
    See this package in npm: https://www.npmjs.com/package/@fortawesome/fontawesome-common-types
  - @types/qrcode from 1.5.0 to 1.5.5.
    See this package in npm: https://www.npmjs.com/package/@types/qrcode
  - cypress from 12.7.0 to 12.17.4.
    See this package in npm: https://www.npmjs.com/package/cypress
  - cypress-fail-on-console-error from 4.0.2 to 4.0.3.
    See this package in npm: https://www.npmjs.com/package/cypress-fail-on-console-error
  - echarts from 5.4.1 to 5.5.1.
    See this package in npm: https://www.npmjs.com/package/echarts
  - mock-socket from 9.1.5 to 9.3.1.
    See this package in npm: https://www.npmjs.com/package/mock-socket
  - qrcode from 1.5.1 to 1.5.4.
    See this package in npm: https://www.npmjs.com/package/qrcode
  - start-server-and-test from 1.14.0 to 1.15.4.
    See this package in npm: https://www.npmjs.com/package/start-server-and-test
  - zone.js from 0.12.0 to 0.15.0.
    See this package in npm: https://www.npmjs.com/package/zone.js

See this project in Snyk:
https://app.snyk.io/org/sammyfilly/project/02c03ac3-31f4-4d0a-ab4f-93c6af17989e?utm_source=github&utm_medium=referral&page=upgrade-pr
@stackblitz StackBlitz
Copy link

stackblitz bot commented Sep 14, 2024

Review PR in StackBlitz Codeflow Run & review this pull request in StackBlitz Codeflow.

@changeset-bot changeset-bot
Copy link

changeset-bot bot commented Sep 14, 2024

⚠️ No Changeset found

Latest commit: 65b25bf

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

sourcery-ai[bot]
sourcery-ai bot reviewed Sep 14, 2024
View reviewed changes
Copy link

@sourcery-ai sourcery-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We have skipped reviewing this pull request. Here's why:

  • It seems to have been created by a bot ('[Snyk]' found in title). We assume it knows what it's doing!
  • We don't review packaging changes - Let us know if you'd like us to change this.

# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@sourcery-ai sourcery-ai[bot] sourcery-ai[bot] left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@X-oss-byte @snyk-bot