Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

[Snyk] Security upgrade wait-on from 7.2.0 to 8.0.2 #73

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[Snyk] Security upgrade wait-on from 7.2.0 to 8.0.2 #73

wants to merge 1 commit into from

Conversation

matrix-compute
Copy link
Owner

snyk-top-banner

Snyk has created this PR to fix 1 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

  • deps/undici/src/package.json

Vulnerabilities that will be fixed with an upgrade:

Issue Score
medium severity Cross-site Scripting (XSS)
SNYK-JS-AXIOS-6671926		   479  

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Cross-site Scripting (XSS)

@socket-security Socket Security
Copy link

New, updated, and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/@fastify/busboy@2.1.0 🔁 npm/@fastify/busboy@2.1.1 None 0 80.1 kB eomm
npm/@matteo.collina/tspl@0.1.1 None 0 7.29 kB matteo.collina
npm/@sinonjs/fake-timers@11.2.2 eval +1 121 kB fatso83
npm/@types/node@18.19.15 🔁 npm/@types/node@20.17.13, npm/@types/node@22.10.6 None 0 3.88 MB types
npm/abort-controller@3.0.0 None +1 265 kB mysticatea
npm/axios@1.6.7 network Transitive: environment +2 1.9 MB jasonsaayman
npm/borp@0.9.1 environment Transitive: filesystem, network, shell, unsafe +46 3.79 MB matteo.collina
npm/chai-as-promised@7.1.1 None +2 50.6 kB domenic
npm/chai-iterator@3.0.2 None 0 31.6 kB harrysarson
npm/chai-string@1.5.0 None 0 30.8 kB onechiporenko
npm/chai@4.4.1 None +6 881 kB keithamus
npm/concurrently@8.2.2 environment, filesystem +8 8.56 MB gustavohenke
npm/cronometro@2.0.2 Transitive: eval +5 1.57 MB shogun_panda
npm/dns-packet@5.6.1 None +1 78.7 kB silverwind
npm/docsify-cli@4.4.4 filesystem Transitive: environment, eval, network, shell +60 6.14 MB sy-records
npm/form-data@4.0.0 filesystem, network +5 314 kB niftylettuce
npm/formdata-node@6.0.3 None 0 128 kB octetstream
npm/got@14.2.0 Transitive: network +19 756 kB sindresorhus
npm/https-pem@3.0.0 filesystem 0 5.28 kB watson
npm/husky@9.0.10 environment, filesystem, shell 0 3.61 kB typicode
npm/jsdom@24.0.0 eval, filesystem, network, shell, unsafe +11 5.01 MB domenic
npm/jsfuzz@1.0.15 filesystem, shell Transitive: environment, eval, unsafe +140 10.7 MB yevgenyp
npm/mitata@0.1.8 None 0 22.3 kB evan
npm/mocha@10.3.0 environment, eval, filesystem +39 3.79 MB joshuakgoldberg
npm/node-fetch@3.3.2 network +4 201 kB node-fetch-bot
npm/p-timeout@3.2.0 None +1 10.5 kB sindresorhus
npm/pre-commit@1.2.2 environment, filesystem Transitive: shell +6 78.8 kB 3rdeden
npm/proxy@1.0.2 network Transitive: environment, filesystem, shell +5 83.1 kB tootallnate
npm/proxyquire@2.1.3 unsafe +4 96.8 kB bendrucker

🚮 Removed packages: npm/@babel/plugin-transform-modules-commonjs@7.26.3, npm/@babel/preset-typescript@7.26.0, npm/@isaacs/string-locale-compare@1.1.0, npm/@npmcli/arborist@7.5.4, npm/@npmcli/config@8.3.4, npm/@npmcli/eslint-config@4.0.5, npm/@npmcli/fs@3.1.1, npm/@npmcli/git@5.0.8, npm/@npmcli/map-workspaces@3.0.6, npm/@npmcli/package-json@5.2.1, npm/@npmcli/promise-spawn@7.0.2, npm/@npmcli/run-script@7.0.4, npm/@npmcli/template-oss@4.21.3, npm/@sigstore/tuf@2.3.4, npm/@tootallnate/once@1.1.2, npm/@tufjs/repo-mock@2.0.2, npm/@types/debug@4.1.12, npm/@types/jest@29.5.14, npm/@types/proxy-from-env@1.0.4, npm/@types/semver@7.5.8, npm/@types/tar@6.1.13, npm/@types/which@3.0.4, npm/@typescript-eslint/eslint-plugin@6.21.0, npm/@typescript-eslint/parser@6.21.0, npm/@yarnpkg/eslint-config@1.0.0, npm/@yarnpkg/fslib@3.1.1, npm/@zkochan/cmd-shim@6.0.0, npm/abbrev@2.0.0, npm/accepts@1.3.7, npm/ajv-formats-draft2019@1.6.1, npm/ajv-formats@2.1.1, npm/ajv@8.17.1, npm/ansi-escape-sequences@5.1.2, npm/any-promise@1.3.0, npm/array-back@4.0.2, npm/asn1.js-rfc5280@1.2.2, npm/asn1.js@4.10.1, npm/babel-plugin-dynamic-import-node@2.3.3, npm/basic-auth@2.0.1, npm/batch@0.6.1, npm/better-sqlite3@9.6.0, npm/byte-size@6.2.0, npm/bytes@3.1.0, npm/cacache@18.0.4, npm/cache-content-type@1.0.1, npm/clipanion@3.2.1, npm/co-body@6.1.0, npm/command-line-args@5.1.1, npm/command-line-usage@6.1.1, npm/common-log-format@1.0.0, npm/compressible@2.0.18, npm/content-disposition@0.5.3, npm/content-type@1.0.4, npm/cookies@0.8.0, npm/copy-to@2.0.1, npm/create-mixin@3.0.0, npm/delegates@1.0.0, npm/esbuild@0.19.5, npm/eslint-plugin-arca@0.16.0, npm/find-replace@3.0.0, npm/function-bind@1.1.1, npm/has@1.0.3, npm/http-assert@1.4.1, npm/inflation@2.0.0, npm/is-docker@2.2.1, npm/jsonparse@1.3.1, npm/jsonstream@1.3.5, npm/keygrip@1.1.0, npm/koa-bodyparser@4.3.0, npm/koa-compose@4.1.0, npm/koa-compress@3.1.0, npm/koa-conditional-get@2.0.0, npm/koa-convert@1.2.0, npm/koa-etag@3.0.0, npm/koa-is-json@1.0.0, npm/koa-json@2.0.2, npm/koa-morgan@1.0.1, npm/koa-range@0.3.0, npm/koa-route@3.2.0, npm/koa-send@5.0.1, npm/koa-static@5.0.0, npm/koa@2.13.1, npm/load-module@3.0.0, npm/local-web-server@4.2.1, npm/lodash.assignwith@4.2.0, npm/lodash.camelcase@4.3.0, npm/lodash.throttle@4.1.1, npm/lws-basic-auth@2.0.0, npm/lws-blacklist@3.0.0, npm/lws-body-parser@2.0.0, npm/lws-compress@2.0.0, npm/lws-conditional-get@2.0.0, npm/lws-cors@3.0.0, npm/lws-index@2.0.0, npm/lws-json@2.0.0, npm/lws-log@2.0.0, npm/lws-mime@2.0.0, npm/lws-range@3.0.0, npm/lws-request-monitor@2.0.0, npm/lws-rewrite@3.1.1, npm/lws-spa@3.0.0, npm/lws-static@2.0.0, npm/lws@3.1.0, npm/media-typer@0.3.0, npm/methods@1.1.2, npm/morgan@1.10.0, npm/mz@2.7.0, npm/negotiator@0.6.2, npm/node-version-matches@2.0.1, npm/on-headers@1.0.2, npm/only@0.0.2, npm/qrcode-terminal@0.12.0, npm/qs@6.10.1, npm/raw-body@2.4.1, npm/reduce-flatten@3.0.1, npm/resolve-path@1.4.0, npm/safer-buffer@2.1.2, npm/serve-index-75lb@2.0.1, npm/setprototypeof@1.1.1, npm/side-channel@1.0.4, npm/stream-log-stats@3.0.2, npm/stream-slice@0.1.2, npm/stream-via@1.0.4, npm/streaming-json-stringify@3.1.0, npm/table-layout@1.0.2, npm/tar@6.2.1, npm/thenify-all@1.6.0, npm/thenify@3.3.1, npm/through@2.3.8, npm/toidentifier@1.0.0, npm/ts-node@10.9.2, npm/tsscmp@1.0.6, npm/type-is@1.6.18, npm/typescript@5.7.3, npm/typical@6.0.1, npm/unpipe@1.0.0, npm/util-deprecate@1.0.2, npm/v8-compile-cache@2.4.0, npm/vary@1.1.2, npm/walk-back@4.0.0, npm/wordwrapjs@4.0.1, npm/ylru@1.2.1

View full report↗︎

# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@matrix-compute @snyk-bot