Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

[Snyk] Upgrade: , , , , , , , execa, jsonpath-plus, openid-client, request, rfc4648, shelljs, stream-buffers, tar, tmp-promise, tslib, underscore, ws #118

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Upgrade: , , , , , , , execa, jsonpath-plus, openid-client, request, rfc4648, shelljs, stream-buffers, tar, tmp-promise, tslib, underscore, ws #118

wants to merge 1 commit into from

Conversation

roma8389
Copy link
Owner

@roma8389 roma8389 commented Sep 8, 2024

snyk-top-banner

Snyk has created this PR to upgrade multiple dependencies.

👯 The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Name Versions Released on

@types/js-yaml
from 4.0.1 to 4.0.9 | 8 versions ahead of your current version | 10 months ago
on 2023-11-07
@types/node
from 10.12.0 to 10.17.60 | 114 versions ahead of your current version | 3 years ago
on 2021-05-12
@types/request
from 2.47.1 to 2.48.12 | 13 versions ahead of your current version | 10 months ago
on 2023-11-07
@types/stream-buffers
from 3.0.3 to 3.0.7 | 4 versions ahead of your current version | 10 months ago
on 2023-11-07
@types/tar
from 4.0.3 to 4.0.5 | 2 versions ahead of your current version | 3 years ago
on 2021-07-02
@types/underscore
from 1.8.9 to 1.11.15 | 57 versions ahead of your current version | 10 months ago
on 2023-11-21
@types/ws
from 6.0.1 to 6.0.4 | 3 versions ahead of your current version | 5 years ago
on 2019-11-25
execa
from 5.0.0 to 5.1.1 | 3 versions ahead of your current version | 3 years ago
on 2021-06-04
jsonpath-plus
from 0.19.0 to 0.20.1 | 2 versions ahead of your current version | 5 years ago
on 2019-06-12
openid-client
from 4.1.1 to 4.9.1 | 21 versions ahead of your current version | 3 years ago
on 2021-10-13
request
from 2.88.0 to 2.88.2 | 1 version ahead of your current version | 5 years ago
on 2020-02-11
rfc4648
from 1.3.0 to 1.5.3 | 5 versions ahead of your current version | 10 months ago
on 2023-10-27
shelljs
from 0.8.4 to 0.8.5 | 1 version ahead of your current version | 3 years ago
on 2022-01-07
stream-buffers
from 3.0.2 to 3.0.3 | 1 version ahead of your current version | 3 months ago
on 2024-06-17
tar
from 6.1.9 to 6.2.1 | 8 versions ahead of your current version | 6 months ago
on 2024-03-21
tmp-promise
from 3.0.2 to 3.0.3 | 1 version ahead of your current version | 3 years ago
on 2021-10-26
tslib
from 1.9.3 to 1.14.1 | 8 versions ahead of your current version | 4 years ago
on 2020-10-09
underscore
from 1.12.1 to 1.13.7 | 12 versions ahead of your current version | a month ago
on 2024-07-24
ws
from 7.4.6 to 7.5.10 | 11 versions ahead of your current version | 3 months ago
on 2024-06-16

Issues fixed by the recommended upgrade:

Issue Score Exploit Maturity
high severity Improper Privilege Management
SNYK-JS-SHELLJS-2332187		 676 Proof of Concept
high severity Denial of Service (DoS)
SNYK-JS-WS-7266574		 676 Proof of Concept
high severity Prototype Pollution
SNYK-JS-AJV-584908		 676 No Known Exploit
medium severity Uncontrolled Resource Consumption ('Resource Exhaustion')
SNYK-JS-TAR-6476909		 676 Proof of Concept
medium severity Open Redirect
SNYK-JS-GOT-2932019		 676 No Known Exploit
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-HTTPCACHESEMANTICS-3248783		 676 Proof of Concept
Release notes
Package name: @types/js-yaml
  • 4.0.9 - 2023-11-07
  • 4.0.8 - 2023-10-18
  • 4.0.7 - 2023-10-10
  • 4.0.6 - 2023-09-15
  • 4.0.5 - 2021-11-19
  • 4.0.4 - 2021-10-22
  • 4.0.3 - 2021-08-20
  • 4.0.2 - 2021-07-06
  • 4.0.1 - 2021-04-23
from @types/js-yaml GitHub release notes
Package name: @types/node
  • 10.17.60 - 2021-05-12
  • 10.17.59 - 2021-04-27
  • 10.17.58 - 2021-04-15
  • 10.17.57 - 2021-04-14
  • 10.17.56 - 2021-03-27
  • 10.17.55 - 2021-03-07
  • 10.17.54 - 2021-02-19
  • 10.17.53 - 2021-02-18
  • 10.17.52 - 2021-02-14
  • 10.17.51 - 2021-01-14
  • 10.17.50 - 2020-12-23
  • 10.17.49 - 2020-12-12
  • 10.17.48 - 2020-11-30
  • 10.17.47 - 2020-11-25
  • 10.17.46 - 2020-11-19
  • 10.17.45 - 2020-11-17
  • 10.17.44 - 2020-10-28
  • 10.17.43 - 2020-10-26
  • 10.17.42 - 2020-10-21
  • 10.17.41 - 2020-10-21
  • 10.17.40 - 2020-10-16
  • 10.17.39 - 2020-10-09
  • 10.17.38 - 2020-10-08
  • 10.17.37 - 2020-10-06
  • 10.17.36 - 2020-10-06
  • 10.17.35 - 2020-09-16
  • 10.17.34 - 2020-09-15
  • 10.17.33 - 2020-09-15
  • 10.17.32 - 2020-09-11
  • 10.17.31 - 2020-09-10
  • 10.17.30 - 2020-09-08
  • 10.17.29 - 2020-09-02
  • 10.17.28 - 2020-07-23
  • 10.17.27 - 2020-07-10
  • 10.17.26 - 2020-06-09
  • 10.17.25 - 2020-06-08
  • 10.17.24 - 2020-05-19
  • 10.17.23 - 2020-05-19
  • 10.17.22 - 2020-05-19
  • 10.17.21 - 2020-04-22
  • 10.17.20 - 2020-04-17
  • 10.17.19 - 2020-04-08
  • 10.17.18 - 2020-03-30
  • 10.17.17 - 2020-02-28
  • 10.17.16 - 2020-02-19
  • 10.17.15 - 2020-02-11
  • 10.17.14 - 2020-01-28
  • 10.17.13 - 2019-12-26
  • 10.17.12 - 2019-12-23
  • 10.17.11 - 2019-12-17
  • 10.17.10 - 2019-12-17
  • 10.17.9 - 2019-12-10
  • 10.17.8 - 2019-12-09
  • 10.17.7 - 2019-12-09
  • 10.17.6 - 2019-11-25
  • 10.17.5 - 2019-11-08
  • 10.17.4 - 2019-11-05
  • 10.17.3 - 2019-11-01
  • 10.17.2 - 2019-10-30
  • 10.17.1 - 2019-10-30
  • 10.17.0 - 2019-10-24
  • 10.14.22 - 2019-10-15
  • 10.14.21 - 2019-10-08
  • 10.14.20 - 2019-10-03
  • 10.14.19 - 2019-09-24
  • 10.14.18 - 2019-09-11
  • 10.14.17 - 2019-08-30
  • 10.14.16 - 2019-08-20
  • 10.14.15 - 2019-08-07
  • 10.14.14 - 2019-07-31
  • 10.14.13 - 2019-07-17
  • 10.14.12 - 2019-07-03
  • 10.14.11 - 2019-07-03
  • 10.14.10 - 2019-06-21
  • 10.14.9 - 2019-06-11
  • 10.14.8 - 2019-05-30
  • 10.14.7 - 2019-05-17
  • 10.14.6 - 2019-04-26
  • 10.14.5 - 2019-04-19
  • 10.14.4 - 2019-03-25
  • 10.14.3 - 2019-03-22
  • 10.14.2 - 2019-03-21
  • 10.14.1 - 2019-03-12
  • 10.14.0 - 2019-03-12
  • 10.12.30 - 2019-03-06
  • 10.12.29 - 2019-03-02
  • 10.12.28 - 2019-03-02
  • 10.12.27 - 2019-02-22
  • 10.12.26 - 2019-02-12
  • 10.12.25 - 2019-02-12
  • 10.12.24 - 2019-02-08
  • 10.12.23 - 2019-02-08
  • 10.12.22 - 2019-02-08
  • 10.12.21 - 2019-02-01
  • 10.12.20 - 2019-01-30
  • 10.12.19 - 2019-01-29
  • 10.12.18 - 2018-12-19
  • 10.12.17 - 2018-12-18
  • 10.12.16 - 2018-12-18
  • 10.12.15 - 2018-12-13
  • 10.12.14 - 2018-12-12
  • 10.12.13 - 2018-12-12
  • 10.12.12 - 2018-12-03
  • 10.12.11 - 2018-11-29
  • 10.12.10 - 2018-11-21
  • 10.12.9 - 2018-11-15
  • 10.12.8 - 2018-11-15
  • 10.12.7 - 2018-11-13
  • 10.12.6 - 2018-11-12
  • 10.12.5 - 2018-11-09
  • 10.12.4 - 2018-11-09
  • 10.12.3 - 2018-11-07
  • 10.12.2 - 2018-11-01
  • 10.12.1 - 2018-10-29
  • 10.12.0 - 2018-10-15
from @types/node GitHub release notes
Package name: @types/request
  • 2.48.12 - 2023-11-07
  • 2.48.11 - 2023-10-18
  • 2.48.10 - 2023-10-10
  • 2.48.9 - 2023-09-27
  • 2.48.8 - 2022-01-01
  • 2.48.7 - 2021-07-28
  • 2.48.6 - 2021-07-07
  • 2.48.5 - 2020-05-15
  • 2.48.4 - 2019-12-17
  • 2.48.3 - 2019-09-09
  • 2.48.2 - 2019-07-13
  • 2.48.1 - 2018-11-05
  • 2.48.0 - 2018-10-27
  • 2.47.1 - 2018-06-15
from @types/request GitHub release notes
Package name: @types/stream-buffers
  • 3.0.7 - 2023-11-07
  • 3.0.6 - 2023-10-18
  • 3.0.5 - 2023-09-25
  • 3.0.4 - 2021-07-02
  • 3.0.3 - 2019-04-24
from @types/stream-buffers GitHub release notes
Package name: @types/tar
  • 4.0.5 - 2021-07-02
  • 4.0.4 - 2020-11-18
  • 4.0.3 - 2019-07-10
from @types/tar GitHub release notes
Package name: @types/underscore
  • 1.11.15 - 2023-11-21
  • 1.11.14 - 2023-11-10
  • 1.11.13 - 2023-11-07
  • 1.11.12 - 2023-10-18
  • 1.11.11 - 2023-10-10
  • 1.11.10 - 2023-10-06
  • 1.11.9 - 2023-08-30
  • 1.11.8 - 2023-08-25
  • 1.11.7 - 2023-08-22
  • 1.11.6 - 2023-07-21
  • 1.11.5 - 2023-05-25
  • 1.11.4 - 2021-12-01
  • 1.11.3 - 2021-07-02
  • 1.11.2 - 2021-04-24
  • 1.11.1 - 2021-04-06
  • 1.11.0 - 2021-03-02
  • 1.10.24 - 2020-09-25
  • 1.10.23 - 2020-09-14
  • 1.10.22 - 2020-08-17
  • 1.10.21 - 2020-08-11
  • 1.10.20 - 2020-08-10
  • 1.10.19 - 2020-08-06
  • 1.10.18 - 2020-07-31
  • 1.10.17 - 2020-07-29
  • 1.10.16 - 2020-07-28
  • 1.10.15 - 2020-07-28
  • 1.10.14 - 2020-07-25
  • 1.10.13 - 2020-07-24
  • 1.10.12 - 2020-07-21
  • 1.10.11 - 2020-07-20
  • 1.10.10 - 2020-07-19
  • 1.10.9 - 2020-07-15
  • 1.10.8 - 2020-07-15
  • 1.10.7 - 2020-07-11
  • 1.10.6 - 2020-07-10
  • 1.10.5 - 2020-07-07
  • 1.10.4 - 2020-07-05
  • 1.10.3 - 2020-07-02
  • 1.10.2 - 2020-06-28
  • 1.10.1 - 2020-06-18
  • 1.10.0 - 2020-05-04
  • 1.9.4 - 2019-11-18
  • 1.9.3 - 2019-09-18
  • 1.9.2 - 2019-07-01
  • 1.9.1 - 2019-06-24
  • 1.9.0 - 2019-06-19
  • 1.8.20 - 2019-06-17
  • 1.8.19 - 2019-06-12
  • 1.8.18 - 2019-05-15
  • 1.8.17 - 2019-05-15
  • 1.8.16 - 2019-05-13
  • 1.8.15 - 2019-05-13
  • 1.8.14 - 2019-04-03
  • 1.8.13 - 2019-03-05
  • 1.8.12 - 2019-03-02
  • 1.8.11 - 2019-02-28
  • 1.8.10 - 2019-02-28
  • 1.8.9 - 2018-08-15
from @types/underscore GitHub release notes
Package name: @types/ws
  • 6.0.4 - 2019-11-25
  • 6.0.3 - 2019-08-23
  • 6.0.2 - 2019-08-05
  • 6.0.1 - 2018-09-06
from @types/ws GitHub release notes
Package name: execa from execa GitHub release notes
Package name: jsonpath-plus from jsonpath-plus GitHub release notes
Package name: openid-client
  • 4.9.1 - 2021-10-13

    Bug Fixes

    • do not implicitly calculate key ids for Client instances (46e44e7), closes #379
  • 4.9.0 - 2021-09-20

    Features

  • 4.8.0 - 2021-09-15

    Features

    • OAuth 2.0 Pushed Authorization Requests (PAR) is now a stable feature (327f366)
  • 4.7.5 - 2021-08-30

    Bug Fixes

    • typescript: add remaining properties from RFC7662 (#398) (166e89b)
  • 4.7.4 - 2021-05-25

    Bug Fixes

    • typescript: add a missing PATCH method to requestResource (6b2c3ce), closes #368
  • 4.7.3 - 2021-04-30

    Bug Fixes

    • fapi: validate ID Token's iat regardless of which channel it came from (b68b9ab)
  • 4.7.2 - 2021-04-23

    Bug Fixes

    • typescript: add types for 4.6.0 additions (9064136)
  • 4.7.1 - 2021-04-22

    Bug Fixes

    • typescript: add types for 4.7.0 additions (2c1d2ab)
  • 4.7.0 - 2021-04-22

    Features

  • 4.6.0 - 2021-03-25

    Features

    • added OAuth 2.0 Pushed Authorization Requests client API (e7af9f5), closes #259
  • 4.5.2 - 2021-03-24
  • 4.5.1 - 2021-03-15
  • 4.5.0 - 2021-03-10
  • 4.4.2 - 2021-03-07
  • 4.4.1 - 2021-02-26
  • 4.4.0 - 2021-01-29
  • 4.3.0 - 2021-01-22
  • 4.2.3 - 2021-01-18
  • 4.2.2 - 2020-11-30
  • 4.2.1 - 2020-10-27
  • 4.2.0 - 2020-10-03
  • 4.1.1 - 2020-09-14
from openid-client GitHub release notes
Package name: request from request GitHub release notes
Package name: rfc4648
  • 1.5.3 - 2023-10-27

    v1.5.3

  • 1.5.2 - 2022-05-30

    v1.5.2

  • 1.5.1 - 2022-01-04

    v1.5.1

  • 1.5.0 - 2021-05-25

    Allow modern versions of Node to use named exports when utilizing native modules support.

  • 1.4.0 - 2020-07-10

    v1.4.0

  • 1.3.0 - 2019-09-25

    This release ports everything over to TypeScript. There is no code size penalty (Babel + rollup.js are still awesome), and now we ship with type information.

from rfc4648 GitHub release notes
Package name: shelljs
  • 0.8.5 - 2022-01-07

    This was a small security fix for #1058.

  • 0.8.4 - 2020-04-25

    Small patch release to fix a circular dependency warning in node v14. See #973.

from shelljs GitHub release notes
Package name: stream-buffers from stream-buffers GitHub release notes
Package name: tar from tar GitHub release notes
Package name: tmp-promise
  • 3.0.3 - 2021-10-26
  • 3.0.2 - 2020-05-10

    update dependencies, add publish script, use strict mode

from tmp-promise GitHub release notes
Package name: tslib
  • 1.14.1 - 2020-10-09
  • 1.14.0 - 2020-10-06
  • 1.13.0 - 2020-05-13
  • 1.12.0 - 2020-05-12
  • 1.11.2 - 2020-05-05
  • 1.11.1 - 2020-02-27
  • 1.11.0 - 2020-02-20
  • 1.10.0 - 2019-06-10
  • 1.9.3 - 2018-06-22
from tslib GitHub release notes
Package name: underscore
  • 1.13.7 - 2024-07-24

    DataView bugfix, source links, dark mode and other improvements

  • 1.13.6 - 2022-09-23

    Hotfix after 1.13.5 to remove postinstall script

  • 1.13.5 - 2022-09-23

    Patch to add exports.require.module, plus testing updates

  • 1.13.4 - 2022-06-02

    Patch release to address WebPack module federation issue

  • 1.13.3 - 2022-04-23

    Patch release with improved compatibility with ExtendScript

  • 1.13.2 - 2021-12-16

    Underscore 1.13.2 -- minor bugfixes and improved documentation

  • 1.13.1 - 2021-04-15

    Restores the underscore.js UMD alias to git

  • 1.13.0 - 2021-04-09

    Node.js native ESM support in main release stream, docs updates

  • 1.13.0-3 - 2021-03-31

    Preview release that adds the "module" exports condition

  • 1.13.0-2 - 2021-03-15
  • 1.13.0-1 - 2021-03-11
  • 1.13.0-0 - 2021-03-10
  • 1.12.1 - 2021-03-15

    Security fix in _.template and restored optimization in _.debounce.

from underscore GitHub release notes
Package name: ws
  • 7.5.10 - 2024-06-16

    Bug fixes

  • 7.5.9 - 2022-07-15
  • 7.5.8 - 2022-05-26
  • 7.5.7 - 2022-02-07
  • 7.5.6 - 2021-11-23
  • 7.5.5 - 2021-09-08
  • 7.5.4 - 2021-08-28
  • 7.5.3 - 2021-07-10
  • 7.5.2 - 2021-07-04
  • 7.5.1 - 2021-06-29
  • 7.5.0 - 2021-06-16
  • 7.4.6 - 2021-05-25
from ws GitHub release notes

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

[//]: # 'snyk:metadata:{"customTemplate":{"variablesUsed":[],"fieldsUsed":[]},"dependencies":[{"name":"","from":"types/js-yaml","to":"types/js-yaml"},{"name":"","from":"types/node","to":"types/node"},{"name":"","from":"types/request","to":"types/request"},{"name":"","from":"types/stream-buffers","to":"types/stream-buffers"},{"name":"","from":"types/tar","to":"types/tar"},{"name":"","from":"types/underscore","to":"types/underscore"},{"name":"","from":"types/ws","to":"types/ws"},{"name":"execa","from":"5.0.0","to":"5.1.1"},{"name":"jsonpath-plus","from":"0.19.0","to":"0.20.1"},{"name":"openid-client","from":"4.1.1","to":"4.9.1"},{"name":"request","from":"2.88.0","to":"2.88.2"},{"name":"rfc4648","from":"1.3.0","to":"1.5.3"},{"name":"shelljs","from":"0.8.4","to":"0.8.5"},{"name":"stream-buffers","from":"3.0.2","to":"3.0.3"},{"name":"tar","from":"6.1.9","to":"6.2.1"},{"name":"tmp-promise","from":"3.0.2","to":"3.0.3"},{"name":"tslib","from":"1.9.3","to":"1.14.1"},{"name":"underscore","from":"1.12.1","to":"1.13.7"},{"name":"ws","from":"7.4.6","to":"7.5.10"}],"env":"prod","hasFixes":true,"isBreakingChange":false,"isMajorUpgrade":false,"issuesToFix":[{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-SHELLJS-2332187","issue_id":"SNYK-JS-SHELLJS-2332187","priority_score":676,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.1","score":355},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Improper Privilege Management"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-WS-7266574","issue_id":"SNYK-JS-WS-7266574","priority_score":696,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Denial of Service (DoS)"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-AJV-584908","issue_id":"SNYK-JS-AJV-584908","priority_score":619,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-TAR-6476909","issue_id":"SNYK-JS-TAR-6476909","priority_score":646,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.5","score":325},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Uncontrolled Resource Consumption ('Resource Exhaustion')"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-GOT-2932019","issue_id":"SNYK-JS-GOT-2932019","priority_score":484,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.4","score":270},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Open Redirect"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-HTTPCACHESEMANTICS-3248783","issue_id":"SNYK-JS-HTTPCACHESEMANTICS-3248783","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"}],"prId":"2978536b-7db2-4884-90a3-4ba6052078da","prPublicId":"2978536b-7db2-4884-90a3-4ba6052078da","packageManager":"npm","priorityScoreList":[676,696,619,646,484,586],"projectPublicId":"7873cf15-3c44-4d49-b218-ced57450efdb","projectUrl":"https://app.snyk.io/org/roma8389/project/7873cf15-3c44-4d49-b218-ced57450efdb?utm_source=github&utm_medium=referral&page=upgrade-pr","prType":"upgrade","templateFieldSources":{"branchName":"default","commitMessage":"default","description":"default","title":"default"},"templateVariants":["priorityScore"],"type":"auto","upgrade":["SNYK-JS-SHELLJS-2332187","SNYK-JS-WS-7266574","SNYK-JS-AJV-584908","SNYK-JS-TAR-6476909","SNYK-JS-GOT-2932019","SNYK-JS-HTTPCACHESEMANTICS-3248783"],"upgradeInfo":{"versionsDiff":8,"publishedDate":"2023-11-07T20:20:13.264Z"},"vulns":["SNYK-JS-SHELLJS-2332187","SNYK-JS-WS-7266574","SNYK-JS-AJV-584908","SNYK-JS-TAR-6476909","SNYK-JS-GOT-2932019","SNYK-JS-HTTPCACHESEMANTICS-3248783"]}'

@snyk-bot
fix: upgrade multiple dependencies with Snyk
2797cc9 
Snyk has created this PR to upgrade:
  - @types/js-yaml from 4.0.1 to 4.0.9.
    See this package in npm: https://www.npmjs.com/package/@types/js-yaml
  - @types/node from 10.12.0 to 10.17.60.
    See this package in npm: https://www.npmjs.com/package/@types/node
  - @types/request from 2.47.1 to 2.48.12.
    See this package in npm: https://www.npmjs.com/package/@types/request
  - @types/stream-buffers from 3.0.3 to 3.0.7.
    See this package in npm: https://www.npmjs.com/package/@types/stream-buffers
  - @types/tar from 4.0.3 to 4.0.5.
    See this package in npm: https://www.npmjs.com/package/@types/tar
  - @types/underscore from 1.8.9 to 1.11.15.
    See this package in npm: https://www.npmjs.com/package/@types/underscore
  - @types/ws from 6.0.1 to 6.0.4.
    See this package in npm: https://www.npmjs.com/package/@types/ws
  - execa from 5.0.0 to 5.1.1.
    See this package in npm: https://www.npmjs.com/package/execa
  - jsonpath-plus from 0.19.0 to 0.20.1.
    See this package in npm: https://www.npmjs.com/package/jsonpath-plus
  - openid-client from 4.1.1 to 4.9.1.
    See this package in npm: https://www.npmjs.com/package/openid-client
  - request from 2.88.0 to 2.88.2.
    See this package in npm: https://www.npmjs.com/package/request
  - rfc4648 from 1.3.0 to 1.5.3.
    See this package in npm: https://www.npmjs.com/package/rfc4648
  - shelljs from 0.8.4 to 0.8.5.
    See this package in npm: https://www.npmjs.com/package/shelljs
  - stream-buffers from 3.0.2 to 3.0.3.
    See this package in npm: https://www.npmjs.com/package/stream-buffers
  - tar from 6.1.9 to 6.2.1.
    See this package in npm: https://www.npmjs.com/package/tar
  - tmp-promise from 3.0.2 to 3.0.3.
    See this package in npm: https://www.npmjs.com/package/tmp-promise
  - tslib from 1.9.3 to 1.14.1.
    See this package in npm: https://www.npmjs.com/package/tslib
  - underscore from 1.12.1 to 1.13.7.
    See this package in npm: https://www.npmjs.com/package/underscore
  - ws from 7.4.6 to 7.5.10.
    See this package in npm: https://www.npmjs.com/package/ws

See this project in Snyk:
https://app.snyk.io/org/roma8389/project/7873cf15-3c44-4d49-b218-ced57450efdb?utm_source=github&utm_medium=referral&page=upgrade-pr
@github-actions GitHub Actions
Copy link

github-actions bot commented Sep 8, 2024
edited
Loading

Mega-Linter status: ❌ ERROR

Descriptor Linter Files Fixed Errors Elapsed time
❌ COPYPASTE jscpd yes 5637 222.26s
❌ CREDENTIALS secretlint yes 1 294.97s
✅ EDITORCONFIG editorconfig-checker 2 0 1.26s
✅ GIT git_diff yes no 0.11s
✅ JSON eslint-plugin-jsonc 2 0 0 2.3s
✅ JSON jsonlint 2 0 1.05s
✅ JSON prettier 2 2 0 2.09s
✅ JSON v8r 2 0 9.91s
❌ SPELL cspell 2 12 2.84s
✅ SPELL misspell 2 0 0 0.12s

See errors details in artifact Mega-Linter reports on GitHub Action page
Set VALIDATE_ALL_CODEBASE: true in mega-linter.yml to validate all sources, not only the diff

# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
2 participants
@roma8389 @snyk-bot