Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

[Snyk] Upgrade selenium-webdriver from 4.3.0 to 4.21.0 #15

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[Snyk] Upgrade selenium-webdriver from 4.3.0 to 4.21.0 #15

wants to merge 1 commit into from

Conversation

farmmanic
Copy link
Owner

This PR was automatically created by Snyk using the credentials of a real user.


![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)

Snyk has created this PR to upgrade selenium-webdriver from 4.3.0 to 4.21.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 27 versions ahead of your current version.

  • The recommended version was released on a month ago.

Issues fixed by the recommended upgrade:

Issue Score Exploit Maturity
medium severity Cross-site Scripting (XSS)
SNYK-JS-RAILROADDIAGRAMS-6282875		 484 No Known Exploit
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-SANITIZEHTML-2957526		 484 No Known Exploit
medium severity Information Exposure
SNYK-JS-SANITIZEHTML-6256334		 484 Proof of Concept
Release notes
Package name: selenium-webdriver
  • 4.21.0 - 2024-05-16

    Changelog

    For each component's detailed changelog, please check:

    Commits in this release

    Click to see all the commits included in this release
    • f034dc5d32 - [rb] Setting nightly version :: Diego Molina
    • 480ce7060f - [dotnet] Setting nightly version :: Diego Molina
    • d9c33f4478 - [js] Setting nightly version :: Diego Molina
    • be5d67c97b - [py] Setting nightly version :: Diego Molina
    • 0d620d2be4 - [java] Setting snapshot version :: Diego Molina
    • 057323db14 - [nightly] Fixing typo :: Diego Molina
    • 3e3cf89fb6 - Update mirror info (Thu Apr 25 00:16:21 UTC 2024) :: Selenium CI Bot
    • 6ded247bd3 - [js] Fixing wrongly updated package-lock.json :: Diego Molina
    • 8723d04809 - [dotnet][rb][java][js][py] Automated Browser Version Update (#13841) :: Selenium CI Bot
    • dbd9ff3eed - Update mirror info (Fri Apr 26 00:15:49 UTC 2024) :: Selenium CI Bot
    • cf5393b050 - [rb] Return and deprecate DriverFinder.path :: Alex Rodionov
    • 7ca4f5e4d8 - [ci] Don't run on macOS ARM :: Alex Rodionov
    • 3296fdf449 - [rb] Release 4.20.1 :: Alex Rodionov
    • f2b68137f6 - [rb] Update version for nightly :: Alex Rodionov
    • 6ece8d7aee - Ensure rules_proto comes from the module file (#13879) :: Simon Stewart
    • 7f25fd1e61 - [dotnet][rb][java][js][py] Automated Browser Version Update (#13878) :: Selenium CI Bot
    • ffb03bde4d - [bidi][java] Add methods to allow all parameters for script callFunction and evaluate method (#13873) :: Puja Jagani
    • 9c8133a8bf - [dotnet][rb][java][js][py] Automated Browser Version Update (#13886) :: Selenium CI Bot
    • 2f7ac69252 - [java] Setting a connection timeout for the WS connection :: Diego Molina
    • 9de36e29dd - Bump rules_jvm_external to 6.1 (#13890) :: Simon Stewart
    • d5ff4315f5 - Bump to Bazel 7.1.1 (#13891) :: Simon Stewart
    • ac93fab589 - Add MODULE.bazel.lock to the gitignore file until it is stable between platforms :: Simon Stewart
    • 1bcc79f8a8 - [bazel + js] Allow bazel build //javascript/... to work (#13893) :: Simon Stewart
    • ef96a7b184 - [bazel] Update rules_jvm_external to 6.1 :: Alex Rodionov
    • 8688ad2d0d - [rb] Fix Chromium tests on Windows :: Alex Rodionov
    • b456e6089d - [rb] Use Bazel JDK in remote tests :: Alex Rodionov
    • 020521aa5c - [rb] Safari window minimize tests are passing :: Alex Rodionov
    • 7fc9a12d28 - [rb] Allow focusing tests w/o extra args :: Alex Rodionov
    • f54ba8ba00 - [rb] Fix syntax error in BUILD file :: Alex Rodionov
    • 8d94b342a3 - [rb] Use no-sandbox on non-Windows :: Alex Rodionov
    • 1e0cde199c - [dotnet][rb][java][js][py] Automated Browser Version Update (#13895) :: Selenium CI Bot
    • 5d4cfc1e1e - [java] Improving error message for BiDi connection :: Diego Molina
    • 86fd063330 - [py] removed unused logger object from firefox/webdriver.py (#13892) :: Sandeep Suryaprasad
    • a0a3914845 - [java] Improving logging to understand why "Value must be set" is raised. :: Diego Molina
    • c114dbd530 - [js] Ensure 'selectVisibleByText' method is same as other languages (#13899) :: Puja Jagani
    • ad53a19918 - Revert "[bazel] Update rules_jvm_external to 6.1" :: Alex Rodionov
    • 17d927b596 - [bazel] Only use credential helper for RBE :: Alex Rodionov
    • 5fe3362dfc - [grid] flatten combined routes to improve routing (#13856) :: Jörg Sautter
    • 970557de27 - [Java] Java language level aids (#13834) :: Alex
    • fe2edbdeba - [grid][java]: apply protocol version in relay session factory (#13880) :: Viet Nguyen Duc
    • 7b83fc135b - [java][sm] Configure Selenium Manager environment from System Properties (#13858) :: Oleksandr Kulychok
    • 8e3e26e0a2 - [java][grid]: Set test name to video file name in dynamic grid (#13907) :: Viet Nguyen Duc
    • 72562d8d88 - [grid][java]: session-timeout set connection timeout in RemoteNode (#13854) :: Viet Nguyen Duc
    • 4b415384ea - [java] type casting and numeric improvements (#13909) :: Alex
    • 5cd4bd2477 - [cdp][java] Allow filters to recover from failed requests in NetworkInterceptor (#13847) :: Joe Bandenburg
    • 0345a23beb - [dotnet][rb][java][js][py] Automated Browser Version Update (#13903) :: Selenium CI Bot
    • 2062410a53 - [dotnet][rb][java][js][py] Automated Browser Version Update (#13916) :: Selenium CI Bot
    • 67ba0054e3 - [js] Ensure parity in the locators used by methods (#13902) :: Puja Jagani
    • 768cb3d700 - [dotnet][rb][java][js][py] Automated Browser Version Update (#13924) :: Selenium CI Bot
    • 978a2d6afe - [java] allow a DevTools listener to determinate the order of handler calls (#13921) :: Jörg Sautter
    • 94f7247cb7 - Bump jinja2 from 3.1.3 to 3.1.4 in /py/docs (#13911) :: dependabot[bot]
    • 17ba2aa3f9 - [java] removed an unused testing dependency :: Jörg Sautter
    • 2aa0f5a651 - [java] read selenium manager output as UTF-8 #13653 :: Jörg Sautter
    • e7324ef296 - [java] Reduce redundant toString() calls (#13932) :: Alex
    • df54f9534c - [dotnet][rb][java][js][py] Automated Browser Version Update (#13928) :: Selenium CI Bot
    • 4e59ac82d6 - Moving ignore_local_proxy_environment_variables to BaseOptions (#13926) :: Diego Molina
    • d1b84e4259 - [java] fixed format of expires in Cookie.toString #13927 :: Jörg Sautter
    • d556c8ea2e - [dotnet][rb][java][js][py] Automated Browser Version Update (#13935) :: Selenium CI Bot
    • 15319c07e3 - [dotnet] Overwrite internal log file if it already exists (#13900) :: Nikolay Borisenko
    • 0e7bd2cb67 - [java] Fixing JavaDocs for driver classes :: Diego Molina
    • cf5234de72 - [js] Updating README.md :: Diego Molina
    • 3b42a898e6 - [dotnet] Align binary location property for FirefoxOptions with other options (#13901) :: Nikolay Borisenko
    • 9f650fd0da - [grid] Using MutableCapabilities to get rid of browserVersion :: Diego Molina
    • 3e457dd8ef - [js] Running format script :: Diego Molina
    • ffbedeaada - [rust] Setting nightly version to get release script working :: Diego Molina
    • fd56c3a230 - Using macos-13 for now until we adapt to macos-latest :: Diego Molina
    • 03f626fcf6 - [js] Expose individual test targets to Bazel :: Alex Rodionov
    • 6978ea8c9d - [dotnet] Allow to run tests w/o pinned browsers :: Alex Rodionov
    • 4f72e3f7ef - [rb] Support registering extra headers in HTTP client :: Alex Rodionov
    • 3ec3cef9a0 - [rb] Support overriding User-Agent in HTTP client :: Alex Rodionov
    • 4cf9aeb151 - [rb] Support registering extra bridge commands :: Alex Rodionov
    • 991a653358 - [rb] Support overriding default locator conversion :: Alex Rodionov
    • 02381bfc39 - [rb] Support registering custom finders for SearchContext :: Alex Rodionov
    • 518496c5c5 - [rb] Support using custom element classes :: Alex Rodionov
    • 79ed462ef4 - Release 4.21.0 (#13948) :: Diego Molina
  • 4.20.0 - 2024-04-24

    Changelog

    For each component's detailed changelog, please check:

    Commits in this release

    Click to see all the commits included in this release
    • a12c3b56a9 - [build] Moving versions to nightly :: Diego Molina
    • 4fec60d2b8 - [rb] Update Gemfile.lock :: Alex Rodionov
    • 96cf53a454 - [rb] Fix document generation :: Alex Rodionov
    • 507970233b - [build] Bumping actions versions :: Diego Molina
    • 63e815627f - Update mirror info (Thu Mar 28 00:15:30 UTC 2024) :: Selenium CI Bot
    • b7d831db8c - [bidi][js] Update the capture screenshot APIs to include all parameters and remove scroll parameter (#13744) :: Puja Jagani
    • 0b29138fa7 - [rust] Bump to rules_rust 0.41.0 (Rust 1.77.0) :: Boni García
    • cc7f3402f8 - Update mirror info (Fri Mar 29 00:15:26 UTC 2024) :: Selenium CI Bot
    • acd9d0e77d - [bidi] [java] Fix the bazel file after the BiDi breaking change :: Puja Jagani
    • abe0ee07dc - [java] Updating change log and bumping version :: Puja Jagani
    • 3ef121c0b2 - Update mirror info (Fri Mar 29 12:14:17 UTC 2024) :: Selenium CI Bot
    • 6cda692993 - [grid] synchronize read from field written by other thread :: Jörg Sautter
    • 9c6ccdbf40 - Update mirror info (Sat Mar 30 00:14:35 UTC 2024) :: Selenium CI Bot
    • 1f88231e2b - [js] Fix linting (#13753) :: Puja Jagani
    • a2aa09f143 - Bumping to SNAPSHOT for Nightly :: Diego Molina
    • ec7c11fae8 - Update mirror info (Mon Apr 1 12:08:01 UTC 2024) :: Selenium CI Bot
    • e90e4a5001 - [rb] Return JRuby dependencies :: Alex Rodionov
    • ef3d9e870e - [rb][java][dotnet][py] Skipping Edge tests due to https://bugs.chromium.org/p/chromedriver/issues/detail?id=4743 :: Diego Molina
    • a169d905b4 - [JS][bidi] Impelments functionality to retrieve all top-level browsing contexts :: Sri Harsha
    • a663d280de - [js] Running format script :: Diego Molina
    • 37565afc72 - [dotnet] Simplify definition of building test web server for unit tests :: Nikolay Borisenko
    • 911b312090 - [js] Add JS comments for BiDi related files (#13763) :: Puja Jagani
    • 309b3e802f - [bidi][java] Deprecate using builder for Locate Node parameters. (#13767) :: Puja Jagani
    • baf6116541 - [bidi][java] Update Locator class to not use optional :: Puja Jagani
    • cca70e3eb4 - [JS] lint fixes :: Sri Harsha
    • 68ad9845aa - [grid] do not create unused HttpResponse instances :: Jörg Sautter
    • aaa7e791a4 - [bidi][java] Enable chrome tests (#13770) :: Puja Jagani
    • b49ae752c9 - [JS] Set browserName by default when browserOptions are used :: Sri Harsha
    • 111941bd3c - [JS] Implement fullPageScreenshot functionality for Firefox (#13301) :: Sri Harsha
    • 38829c7c63 - [bidi][java] Enable grid BiDi chrome test (#13778) :: Puja Jagani
    • 12ed6cc2d9 - [dotnet] use correct devtools session id after reinitialization (#13768) :: schrufygroovy
    • 44eba5952f - [js] Running format script :: Diego Molina
    • 8c8adec916 - [grid] handle baseRoute like the hubRoute and the graphqlRoute (#13772) :: Jörg Sautter
    • 392ffbc08d - [JS] Remove duplicate license agreement from files :: Sri Harsha
    • b800dfcde2 - [java] [bidi] Enable test that pass in chrome :: Puja Jagani
    • dc62d248fb - [bidi][java] Enable Edge BiDi tests (#13780) :: Puja Jagani
    • a3d4d144d9 - [bidi][js] Enable add intercept parameters test :: Puja Jagani
    • 97950ef9ad - [py] Skipping Edge tests due to https://bugs.chromium.org/p/chromedriver/issues/detail?id=4743 :: Diego Molina
    • b9fddae69c - [java] Enabling Edge tests for BiDi :: Diego Molina
    • b867008a66 - [dotnet][rb][java][js][py] Automated Browser Version Update (#13750) :: Selenium CI Bot
    • 2b59996257 - Add type hints for selenium.webdriver.remote.webdriver.WebDriver.init (#13775) :: Adam Dangoor
    • 9f8e0b8497 - Add types to set_window_position parameters (#13786) :: Adam Dangoor
    • d142ce0cd5 - [bidi][js] Enable tests for Edge and Chrome (#13790) :: Puja Jagani
    • 33c6b7841a - Fixing atom to capitalize text (#13792) :: Diego Molina
    • a0210e3a7c - [bidi][js] Fix log inspector test :: Puja Jagani
    • ad92541cf1 - [grid][java] fix node-docker (#13789) :: Viet Nguyen Duc
    • 16796dba18 - [dotnet][rb][java][js][py] Automated Browser Version Update (#13798) :: Selenium CI Bot
    • 8001566c18 - Bump idna from 3.4 to 3.7 in /py (#13808) :: dependabot[bot]
    • 9ab4f75173 - [rust] Minor typo-fix in warninig trace :: Boni García
    • 3cf0669b94 - [rust] Use DEBUG level for WARN traces in offline mode (#13810) :: Boni García
    • 61f507f386 - [rust] Update rules_rust and crate dependencies to latest stable versions :: Boni García
    • 6d7e7da3c1 - [grid][java] browser containers provisioned in dynamic grid can get hostconfig from node-docker (#13804) :: Viet Nguyen Duc
    • 8d77159463 - [dotnet][rb][java][js][py] Automated Browser Version Update (#13819) :: Selenium CI Bot
    • 25fd49a3d9 - [JS] Update npm deps to latest :: Sri Harsha
    • 4ecc1033ca - [java] Selenium Manager generates output from argument list (#13385) :: Titus Fortner
    • 9f5123661f - [rb] update SOC for driver finder and selenium manager classes (#13386) :: Titus Fortner
    • 77df95b883 - Update Dockerfile to use JDK 17 (#13823) :: Trig
    • bfbed918d8 - [py] update SOC for driver finder and selenium manager classes (#13387) :: Titus Fortner
    • ec5757d2e9 - [JS] Migrate eslint to latest (#13825) :: Sri Harsha
    • d04cbb5164 - [grid][java]: dynamic grid re-fetch browser images if they were pruned during runtime (#13821) :: Viet Nguyen Duc
    • e9ef7e0980 - [JS] Fix stale element test and enable window tests :: Sri Harsha
    • 85c0ad1b23 - [dotnet][rb][java][js][py] Automated Browser Version Update (#13830) :: Selenium CI Bot
    • 54829c7686 - [dotnet][rb][java][js][py] Automated Browser Version Update (#13835) :: Selenium CI Bot
    • f0b5a04cb9 - Nightly dotnet (#13838) :: Diego Molina
    • ffe3d2ad31 - [bazel] Enable bzlmod :: Alex Rodionov
    • a24c22912c - [bazel] Move rules_ruby to MODULE :: Alex Rodionov
    • d9a922b3b0 - [bazel] Move rules_dotnet to MODULE :: Alex Rodionov
    • 16db80ae10 - [bazel] Move rules_rust to MODULE :: Alex Rodionov
    • cee8c4d80e - [bazel] Move rules_python to MODULE :: Alex Rodionov
    • 2c76a22077 - [bazel] Move rules_jvm_external to MODULE :: Alex Rodionov
    • 214d26060c - [bazel] Move apple_rules_lint to MODULE :: Alex Rodionov
    • cd0a14f148 - [bazel] Move rules_proto to MODULE :: Alex Rodionov
    • bf0dcd939e - [bazel] Move rules_js to MODULE :: Alex Rodionov
    • 63d65e3f75 - [bazel] Move rules_oci to MODULE :: Alex Rodionov
    • 2749ec7314 - [bazel] Move rules_pkg to MODULE :: Alex Rodionov
    • 70bb02a6f0 - [bazel] Move prebuilt selenium-manager to MODULE :: Alex Rodionov
    • 60a57b4b30 - [bazel] Move buildifier to MODULE :: Alex Rodionov
    • c69304ad54 - [bazel] Move pinned browsers to MODULE :: Alex Rodionov
    • 91b6d4ebc0 - [bazel] Extract remote configuration into separate file :: Alex Rodionov
    • 853b4dfa61 - [bazel] Fix runfiles loading in Bzlmod :: Alex Rodionov
    • 050c6440cf - [bazel] Add missing dependencies :: Alex Rodionov
    • fa57e9c20a - [bazel] Update lockfile :: Alex Rodionov
    • 0608c63416 - [bazel] Fix .NET compiler errors :: Alex Rodionov
    • 3e8261de9e - [bazel] Fix runfiles loading in JavaScript tests :: Alex Rodionov
    • 6eac5d5150 - [bazel] Update gem checksums :: Alex Rodionov
    • 0ec0b73d04 - [bazel] Keep rules_rust in WORKSPACE :: Alex Rodionov
    • 3b02ff6a5c - [bazel] Repin Cargo.Bazel.lock :: CI Build
    • c9f5e353de - [bazel] Regenerate maven_install.json :: Alex Rodionov
    • 3af3558166 - [dotnet] Ignore flaky tests on RBE :: Alex Rodionov
    • b3da4e538d - [bazel] Update gem checksums :: Alex Rodionov
    • 5b6fa4863d - [bazel] Disable lockfile :: Alex Rodionov
    • e062acbb45 - [rb] Disable failing Edge test :: Alex Rodionov
    • a09f70d031 - [bazel] Update CI caching manifest for bzlmod :: Alex Rodionov
    • 71122cd649 - [bazel] Update rules_rust to 0.41 :: Alex Rodionov
    • 1f8dc10f19 - Revert "[rb] Disable failing Edge test" :: Alex Rodionov
    • ace280cccc - [ci] Don't use non-bzlmod caches :: Alex Rodionov
    • b734f5e0c7 - [bazel] Fix node toolchain loading :: Alex Rodionov
    • 8d6c0778ba - [ci] Use JDK 17 :: Alex Rodionov
    • 6831e8e19e - [bazel] Restore javadoc targets :: Alex Rodionov
    • 4d29ac9da6 - [bazel] Fix maven_bom targets :: Alex Rodionov
    • cafb91a5e2 - [bazel] Remove WORKSPACE mode in favor of bzlmod :: Alex Rodionov
    • 44ab4a82b6 - [rb][dotnet][java][py] Update Edge to 123 :: Alex Rodionov
    • 77858975e1 - [rb] Fix runfiles location in docs :: Alex Rodionov
    • e1677cd11b - [dotnet] Revert System namespace prefix :: Alex Rodionov
    • bed404cbf0 - [bazel] Move rules_rust to MODULE.bazel :: Alex Rodionov
    • 7b9281760c - [bazel] Update bazel_features :: Alex Rodionov
    • 686153006f - [bazel] Update rules_rust :: Alex Rodionov
    • 08ec566227 - [bazel] Revert Cargo changes :: Alex Rodionov
    • 929a862200 - [bazel] Use default Rust toolchain :: Alex Rodionov
    • 88b7a1fcef - [bazel] Update rules_js :: Alex Rodionov
    • aa62f106c7 - [bazel] Move rules_rust back to WORKSPACE to fix zstd compilation :: Alex Rodionov
    • f36b334177 - [dotnet] Making SeleniumManager a thin wrapper (#13833) :: Diego Molina
    • 9e7adc790b - Nightly javascript (#13844) ...

@snyk-bot
fix: upgrade selenium-webdriver from 4.3.0 to 4.21.0
73b9623 
Snyk has created this PR to upgrade selenium-webdriver from 4.3.0 to 4.21.0.

See this package in npm:
selenium-webdriver

See this project in Snyk:
https://app.snyk.io/org/farmmanic/project/5cdeaebd-aa49-45a3-9328-23d1eaf446b2?utm_source=github&utm_medium=referral&page=upgrade-pr
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@farmmanic @snyk-bot