Skip to content

[Snyk] Fix for 1 vulnerabilities#40

Open
robdyke wants to merge 1 commit intoremove-custom-frequencyfrom
snyk-fix-c359258e4b715096e801133fccde5410
Open

[Snyk] Fix for 1 vulnerabilities#40
robdyke wants to merge 1 commit intoremove-custom-frequencyfrom
snyk-fix-c359258e4b715096e801133fccde5410

Conversation

@robdyke
Copy link
Copy Markdown

@robdyke robdyke commented Apr 27, 2022

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • nh_graphs/dev/coffee/package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 768/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5		 Prototype Pollution
SNYK-JS-ASYNC-2441827		 Yes Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: karma-sauce-launcher The new version differs by 46 commits.
  • 004d61d chore: release v1.2.0
  • f783f63 chore: update contributors
  • a21fbd9 chore(deps): update dev dependencies
  • 79c70c2 feat(config): expose commandTimeout, idleTimeout, maxDuration options
  • f607303 Merge branch 'master' of https://github.com/JamieMason/karma-sauce-launcher into JamieMason-master
  • 0362ad5 docs(readme): fix SauceLabs doc links
  • 0ac67d4 feat(config): allow SE traffic to be sent via Sauce Connect's Relay
  • 0219065 docs(readme): add hint to platform configurator
  • bae326f feat(config): pass parentTunnel to selenium
  • bae758a feat(config): add proxy option
  • e792677 feat(deps): upgrade sauce connect
  • 79b688c chore(travis): update build config
  • 1af7432 chore: release v1.1.0
  • 9939f1d chore: update contributors
  • de8fbcc chore: update dependencies
  • 747a19f feat: update deps and add new saucelabs config
  • 3fe1c75 feat(launcher): expose commandTimeout, idleTimeout, maxDuration options
  • 2e8ff42 chore: release v1.0.0
  • d2d331c chore: update contributors
  • 3a4467b version bump to 1.0
  • 18480ef chore: release v0.3.1
  • 7ba0aad chore: update contributors
  • c1e39f4 Merge pull request [Snyk] Security upgrade gulp from 3.9.0 to 4.0.0 #87 from petejohanson/master
  • 9a5a147 fix(reporter): Add adapters property for 0.13 compat.

See the full diff

Package name: sauce-connect-launcher The new version differs by 54 commits.

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution

@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud bot commented Apr 27, 2022

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@robdyke @snyk-bot