[Snyk] Upgrade: , axios, , node-fetch, bcrypt, config, connect-sqlite3, dotenv, eta, express-session, helmet, jsonwebtoken, mongoose, nodemailer, passport, redis, socket.io, uuid #66
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Snyk has created this PR to upgrade:
- @consumet/extensions from 1.5.6 to 1.7.0.
See this package in npm: https://www.npmjs.com/package/@consumet/extensions
- axios from 1.7.4 to 1.7.6.
See this package in npm: https://www.npmjs.com/package/axios
- @sendgrid/mail from 8.1.2 to 8.1.3.
See this package in npm: https://www.npmjs.com/package/@sendgrid/mail
- node-fetch from 2.6.7 to 2.7.0.
See this package in npm: https://www.npmjs.com/package/node-fetch
- bcrypt from 5.1.0 to 5.1.1.
See this package in npm: https://www.npmjs.com/package/bcrypt
- config from 3.3.8 to 3.3.12.
See this package in npm: https://www.npmjs.com/package/config
- connect-sqlite3 from 0.9.13 to 0.9.15.
See this package in npm: https://www.npmjs.com/package/connect-sqlite3
- dotenv from 16.0.3 to 16.4.5.
See this package in npm: https://www.npmjs.com/package/dotenv
- eta from 2.0.1 to 2.2.0.
See this package in npm: https://www.npmjs.com/package/eta
- express-session from 1.17.3 to 1.18.0.
See this package in npm: https://www.npmjs.com/package/express-session
- helmet from 6.0.1 to 6.2.0.
See this package in npm: https://www.npmjs.com/package/helmet
- jsonwebtoken from 9.0.0 to 9.0.2.
See this package in npm: https://www.npmjs.com/package/jsonwebtoken
- mongoose from 8.0.0 to 8.6.0.
See this package in npm: https://www.npmjs.com/package/mongoose
- nodemailer from 6.9.9 to 6.9.14.
See this package in npm: https://www.npmjs.com/package/nodemailer
- passport from 0.6.0 to 0.7.0.
See this package in npm: https://www.npmjs.com/package/passport
- redis from 4.6.2 to 4.7.0.
See this package in npm: https://www.npmjs.com/package/redis
- socket.io from 4.6.2 to 4.7.5.
See this package in npm: https://www.npmjs.com/package/socket.io
- uuid from 9.0.0 to 9.0.1.
See this package in npm: https://www.npmjs.com/package/uuid
See this project in Snyk:
https://app.snyk.io/org/wearrrrr/project/c5221bf9-95a7-4382-b968-38dcab93a98c?utm_source=github&utm_medium=referral&page=upgrade-pr
# for free
to join this conversation on GitHub.
Already have an account?
# to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade multiple dependencies.
👯♂ The following dependencies are linked and will therefore be updated together.ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
@consumet/extensions
from 1.5.6 to 1.7.0 | 2 versions ahead of your current version | 2 months ago
on 2024-07-24
axios
from 1.7.4 to 1.7.6 | 2 versions ahead of your current version | 22 days ago
on 2024-08-30
@sendgrid/mail
from 8.1.2 to 8.1.3 | 1 version ahead of your current version | 6 months ago
on 2024-04-02
node-fetch
from 2.6.7 to 2.7.0 | 7 versions ahead of your current version | a year ago
on 2023-08-23
bcrypt
from 5.1.0 to 5.1.1 | 1 version ahead of your current version | a year ago
on 2023-08-16
config
from 3.3.8 to 3.3.12 | 4 versions ahead of your current version | 3 months ago
on 2024-06-25
connect-sqlite3
from 0.9.13 to 0.9.15 | 1 version ahead of your current version | 6 months ago
on 2024-03-11
dotenv
from 16.0.3 to 16.4.5 | 17 versions ahead of your current version | 7 months ago
on 2024-02-20
eta
from 2.0.1 to 2.2.0 | 4 versions ahead of your current version | a year ago
on 2023-05-17
express-session
from 1.17.3 to 1.18.0 | 1 version ahead of your current version | 8 months ago
on 2024-01-28
helmet
from 6.0.1 to 6.2.0 | 7 versions ahead of your current version | a year ago
on 2023-05-06
jsonwebtoken
from 9.0.0 to 9.0.2 | 2 versions ahead of your current version | a year ago
on 2023-08-30
mongoose
from 8.0.0 to 8.6.0 | 32 versions ahead of your current version | 24 days ago
on 2024-08-28
nodemailer
from 6.9.9 to 6.9.14 | 5 versions ahead of your current version | 3 months ago
on 2024-06-19
passport
from 0.6.0 to 0.7.0 | 1 version ahead of your current version | 10 months ago
on 2023-11-27
redis
from 4.6.2 to 4.7.0 | 14 versions ahead of your current version | 2 months ago
on 2024-07-29
socket.io
from 4.6.2 to 4.7.5 | 6 versions ahead of your current version | 6 months ago
on 2024-03-14
uuid
from 9.0.0 to 9.0.1 | 1 version ahead of your current version | a year ago
on 2023-09-12
Release notes
Package name: @consumet/extensions
-
1.7.0 - 2024-07-24
- feat(zoro): added search suggestions by @ jasanpreetn9 in #536
- fix(zoro): Resolve null banner issue in fetchSpotlight by @ jasanpreetn9 in #538
- fix(zoro): fetchEpisodeSources by @ carlosesteven in #543
- fix(extractor): Rabbit by @ drblgn in #542
- refactor(anify): Change base endpoint by @ codeblitz97 in #558
- fix(gogoanime): include brackets in subOrDub filter by @ MelvinHK in #557
- feat: add readmanga.app provider by @ ReneAslanov in #556
- refactor(anilist) by @ isaactan98 in #560
- refactor(anify): Add base url as a global constant by @ codeblitz97 in #561
- refactor(fmovies.ts) by @ Anupm0 in #552
- build(deps): bump actions/setup-node from 4.0.2 to 4.0.3 by @ dependabot in #559
- fix(gogoanime): Download link not showing properly on other server+optimize header streamwish by @ hase0278 in #564
- feat(mangadex): Add cover image to the search results by @ gilbertlucas46 in #563
- feat: add animedrive.hu provider by @ ferivoq in #555
- @ drblgn made their first contribution in #537
- @ codeblitz97 made their first contribution in #558
- @ isaactan98 made their first contribution in #560
- @ Anupm0 made their first contribution in #552
- @ gilbertlucas46 made their first contribution in #563
- @ ferivoq made their first contribution in #555
-
1.6.0 - 2024-05-20
- fix(gogoanime): Episode number of episodes with decimal point showing… by @ hase0278 in #474
- bugfix: extract url source at flixhq by @ dhelbegor in #478
- feat: add fetch by country at flixhq.ts by @ dhelbegor in #469
- Gogo - Added Genres and Release Date for fetchAnimeList(), Includes test by @ weedeej in #477
- Add genre route to flixHQ provider by @ dhelbegor in #476
- Fix AnimeUnity episodes info by @ aleganza in #473
- Feat(dramacool): add (genres, duration, status) to fetchMediaInfo by @ carlosesteven in #479
- new endpoint added in mangadex like fetchrandom,fetchRecentlyAdded,fe… by @ kodify-js in #481
- Updated gogoanime ajax url by @ shashstormer in #485
- Fix(zoro): update the extractor in fetchEpisodeSources and update zoro domain. by @ carlosesteven in #482
- feat(zoro): added fetchStudio by @ jasanpreetn9 in #490
- fix(zoro): fixed hasNextPage always being true by @ bitknox in #491
- feat(zoro): Fetches the schedule for a given date. by @ jasanpreetn9 in #492
- Update comick.ts by @ Toasty360 in #493
- feat(zero): added fetchSpotlight by @ jasanpreetn9 in #495
- Feat gogo extra fields by @ weedeej in #494
- refactor: refactor code at zoro by @ jasanpreetn9 in #496
- feat(zoro): added additional meta data to fetchAnimeInfo by @ jasanpreetn9 in #498
- added turkish123 by @ Toasty360 in #499
- fixed viewasian streaming links issue by @ Toasty360 in #501
- build(deps): bump actions/setup-node from 4.0.1 to 4.0.2 by @ dependabot in #460
- feat(gogoanime): get direct download link from download link by @ hase0278 in #505
- fix(9anime) Update domain by @ erynith in #510
- refactor(gogoanime): Refactor fetchEpisodeSources by @ hase0278 in #514
- Fix MegaCloud extractVariables (Zoro) by @ Kylart in #520
- fix: animesaturn scraper by @ aleganza in #519
- Fix Megacloud extractVariables for Zoro by @ Kylart in #521
- feat:optional custom domain for zoro&gogo by @ shivang2607 in #526
- fix(gogoanime): fetchDirectDownloadLink by @ hase0278 in #527
- Fix title scrape in GogoAnime search() by @ MelvinHK in #530
- fix(streamwish): Grab video sources extractor by @ hase0278 in #529
- fix: AnimeUnity episode sources by @ aleganza in #534
- fix: issue #523 allows a broader range of totalSeasons values by @ ICEPrey in #524
- feat: AnimeUnity more episode sources by @ aleganza in #535
- @ dhelbegor made their first contribution in #478
- @ carlosesteven made their first contribution in #479
- @ kodify-js made their first contribution in #481
- @ shashstormer made their first contribution in #485
- @ jasanpreetn9 made their first contribution in #490
- @ erynith made their first contribution in #510
- @ Kylart made their first contribution in #520
- @ shivang2607 made their first contribution in #526
- @ MelvinHK made their first contribution in #530
- @ ICEPrey made their first contribution in #524
-
1.5.6 - 2024-02-25
- build(deps): bump github/codeql-action from 2 to 3 by @ dependabot in #442
- build(deps): bump actions/setup-node from 4.0.0 to 4.0.1 by @ dependabot in #443
- include outro when extracting from rapidcloud by @ bitknox in #448
- fix(util): fix null TypeError in getHashFromImage by @ bitknox in #446
- Add AnimeUnity provider by @ aleganza in #449
- feat(TMDB): Trending API by @ EhsanFox in #445
- feat(zoro): extra functions by @ shubham7101 in #453
- gogoanime: Update provider url to https://gogoanime3.co/ by @ hase0278 in #458
- fix(rabbitstream): keys by @ BeamlakAschalew in #464
- Switch rabbitstream keys back to github based by @ eatmynerds in #465
- fix(gogoanime): scraping text fields by @ weedeej in #472
- feat(gogoanime): Anime List by @ hase0278 in #466
- @ EhsanFox made their first contribution in #445
- @ shubham7101 made their first contribution in #453
- @ BeamlakAschalew made their first contribution in #464
- @ eatmynerds made their first contribution in #465
- @ weedeej made their first contribution in #472
from @consumet/extensions GitHub release notesWhat's Changed
New Contributors
Full Changelog: v1.6.0...v1.7.0
What's Changed
New Contributors
Full Changelog: v1.5.6...v1.6.0
What's Changed
New Contributors
Full Changelog: v1.5.5...v1.5.6
Package name: axios
-
1.7.6 - 2024-08-30
- fetch: fix content length calculation for FormData payload; (#6524) (085f568)
- fetch: optimize signals composing logic; (#6582) (df9889b)
Dmitriy Mozgovoy
Jacques Germishuys
kuroino721
-
1.7.5 - 2024-08-23
- adapter: fix undefined reference to hasBrowserEnv (#6572) (7004707)
- core: add the missed implementation of AxiosError#status property; (#6573) (6700a8a)
- core: fix
- fetch: fix credentials handling in Cloudflare workers (#6533) (550d885)
Dmitriy Mozgovoy
Antonin Bas
Hans Otto Wirtz
-
1.7.4 - 2024-08-13
- sec: CVE-2024-39338 (#6539) (#6543) (6b6b605)
- sec: disregard protocol-relative URL to remediate SSRF (#6539) (07a661a)
Lev Pachmanov
Đỗ Trọng Hải
from axios GitHub release notesRelease notes:
Bug Fixes
Contributors to this release
Release notes:
Bug Fixes
ReferenceError: navigator is not definedfor custom environments; (#6567) (fed1a4b)Contributors to this release
Release notes:
Bug Fixes
Contributors to this release
Package name: @sendgrid/mail
-
8.1.3 - 2024-04-02
- PR #1396: Manual release. Thanks to @ manisha1997!
- PR #1395: fixed axios vulnerability CVE-2024-28849. Thanks to @ tiwarishubham635!
-
8.1.2 - 2024-04-01
- No Change. Manual release.
from @sendgrid/mail GitHub release notesRelease Notes
Library - Fix
Library - Chore
Release Notes
Library - Chore
Package name: node-fetch
2.7.0 (2023-08-23)
Features
AbortError(