[Snyk] Security upgrade marked from 0.3.19 to 1.1.1 by snyk-bot · Pull Request #9 · scality/node

snyk-bot · 2020-07-27T23:40:35Z

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- tools/doc/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Issue	Breaking Change	Exploit Maturity
	Regular Expression Denial of Service (ReDoS ) SNYK-JS-MARKED-584281	Yes	No Known Exploit

Commit messages

Package name: marked

The new version differs by 250 commits.

1ad8e69 Merge pull request docs: state decoding behavior for url pathname nodejs/node#1731 from UziTech/release-1.1.1
7e17526 1.1.1
7fbee6e Merge pull request core: set PROVIDER type as Persistent class id nodejs/node#1730 from UziTech/update-deps
6f7522f Merge pull request Which is the future of compatibility of nodejs and iojs after joining Node Foundation? nodejs/node#1729 from UziTech/quick-ref
f8024eb remove ending slash
524ae66 remove ending slash
0d6e056 build
04ac593 update dev deps
f36f676 🗜️ build [skip ci]
dddf9ae Merge pull request tools: make eslint work on subdirectories nodejs/node#1686 from calculuschild/EmphasisFixes
6b729ed Merge branch 'EmphasisFixes' of https://github.com/calculuschild/marked into EmphasisFixes
e27e6f9 Sorted strong and em into sub-objects
a761316 Merge pull request Add more robust option parsing [WIP] nodejs/node#1726 from UziTech/show-rules
f8193ed add npm run rules
ad720c1 Make emEnd const
1fb141d Make strEnd const
226bbe7 Lint
cc778ad Removed redundancy in "startEM" check
211b9f9 Removed Lookbehinds
982b57e Merge pull request crypto: fix legacy SNICallback nodejs/node#1720 from vassudanagunta/docs-patch-1
2a847e6 clarify level of support for Markdown flavors
bd4f8c4 Fix unrestricted "any character" for REDOS
4e7902e Gaaaah lint
4db32dc Links are masked only once per inline string

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-MARKED-584281

fix: tools/doc/package.json to reduce vulnerabilities

8b9706c

The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-MARKED-584281

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Security upgrade marked from 0.3.19 to 1.1.1#9

[Snyk] Security upgrade marked from 0.3.19 to 1.1.1#9
snyk-bot wants to merge 1 commit into
masterfrom
snyk-fix-30a88255f60dd037a2a86d11b4725085

snyk-bot commented Jul 27, 2020

Labels

1 participant

Conversation