Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Fix for 1 vulnerabilities #1330

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

snyk-bot
Copy link

@snyk-bot snyk-bot commented Jan 9, 2023

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • integrations/adobe-analytics/package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
low severity 461/1000
Why? Recently disclosed, Has a fix available, CVSS 3.5
Regular Expression Denial of Service (ReDoS)
SNYK-JS-DEBUG-3227433
Yes No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: eslint The new version differs by 250 commits.
  • 439e8e6 4.7.0
  • 2ec62f9 Build: changelog update for 4.7.0
  • 787b78b Upgrade: Espree v3.5.1 (fixes #9153) (#9314)
  • 1488b51 Update: run rules after `node.parent` is already set (fixes #9122) (#9283)
  • 4431d68 Docs: fix wrong config in max-len example. (#9309)
  • 9d1df92 Chore: Revert "avoid handling Rules instances in config-validator" (#9295)
  • 7d24dde Docs: Fix code snippet to refer to the correct option (#9313)
  • 12388d4 �Chore: rewrite parseListConfig for a small perf gain. (#9300)
  • ce1f084 Update: fix MemberExpression handling in no-extra-parens (fixes #9156)
  • 0c720a3 Update: allow autofixing when using processors (fixes #7510) (#9090)
  • 838df76 Chore: upgrade deps. (#9289)
  • f12def6 Update: indent flatTernary option to handle `return` (fixes #9285) (#9296)
  • e220687 Fix: remove autofix for var undef inits (fixes #9231) (#9288)
  • 002e199 Docs: fix no-restricted-globals wrong config. (#9305)
  • fcfe91a Docs: fix wrong config in id-length example. (#9303)
  • 2731f94 Update: make newline-per-chained-call fixable (#9149)
  • 61f1093 Chore: avoid monkeypatching Linter instances in RuleTester (#9276)
  • 28929cb Chore: remove Linter#reset (refs #9161) (#9268)
  • abc8634 Build: re-run browserify when generating site (#9275)
  • 7685fed Fix: IIFE and arrow functions in no-invalid-this (fixes #9126) (#9258)
  • 7c95d5d Chore: avoid handling Rules instances in config-validator (#9277)
  • 2b1eba2 Chore: enable eslint-plugin/no-deprecated-context-methods (#9279)
  • 981f933 Fix: reuse the AST of source code object in verify (#9256)
  • cd698ba Docs: move RuleTester documentation to Node.js API page (#9273)

See the full diff

Package name: karma The new version differs by 250 commits.
  • a4d5bdc chore: release v3.0.0
  • 75f466d chore: release v2.0.6
  • 5db9399 chore: update contributors
  • eb3b1b4 chore(deps): update mime -> 2.3.1 (#3107)
  • 732396a fix(travis): Up the socket timeout 2->20s. (#3103)
  • 173848e Remove erroneous change log entries for 2.0.3
  • 1002569 chore(ci): drop node 9 from travis tests (#3100)
  • 02f54c6 fix(server): Exit clean on unhandledRejections. (#3092)
  • 0fdd8f9 chore(deps): update socket.io -> 2.1.1 (#3099)
  • 90f5546 fix(travis): use the value not the key name. (#3097)
  • fba5d36 fix(travis): validate TRAVIS_COMMIT if TRAVIS_PULL_REQUEST_SHA is not set. (#3094)
  • 56fda53 fix(init): add "ChromeHeadless" to the browsers' options (#3096)
  • f6d2f0e fix(config): Wait 30s for browser activity per Travis. (#3091)
  • a58fa45 fix(travis): Validate TRAVIS_PULL_REQUEST_SHA rather than TRAVIS_COMMIT. (#3093)
  • 88b977f fix(config): wait 20s for browser activity. (#3087)
  • 94a6728 chore: remove support for node 4, update log4js (#3082)
  • c5dc62d docs: better clarity for API usage
  • 0018947 chore: release v2.0.5
  • 02dc1f4 chore: update contributors
  • dc7265b fix(browser): ensure browser state is EXECUTING when tests start (#3074)
  • 7617279 refactor(filelist): rename promise -> lastCompletedRefresh and remove unused promise (#3060)
  • a701732 fix(doc): Document release steps for admins (#3063)
  • 93ba05a fix(middleware): Obey the Promise API.
  • 518cb11 fix: remove circular reference in Browser

See the full diff

Package name: mocha The new version differs by 250 commits.
  • d69bf14 Release v4.0.0
  • 171b9f9 pfix "prepublishOnly" potential portability problem
  • 60e39d9 Update link to wiki (GitHub at the leading `--`)
  • 804f9d5 Update link because GitHub ate the leading `--`
  • 3326c23 update CHANGELOG for v4.0.0 [ci skip]
  • 6dd9252 add link to wiki on --compilers deprecation
  • 96318e1 Deprecate --compilers
  • 92beda9 drop bower support
  • 58a4c6a remove unused .npmignore
  • 7af6611 kill Date#toISOString shim
  • 43501a2 reduce noise about slow tests; make a few tests faster, etc.
  • fa228e9 update --exit / --no-exit integration test for new default behavior
  • 3fdd3ff Switch default from forced exit to no-exit
  • c5d69e0 add integration tests for --exit/--no-exit
  • 3a7f8dc enhance runMochaJSON() helper by returning the subprocess instance
  • 0690d1a remove unused manual tests which remained in test/misc/
  • 49e01d5 move the "only" specs out of test/misc/only/ and into test/only/
  • 16ffca2 remove shims to avoid decrease in coverage
  • 1f3b39a upgrade diff
  • e6e3519 upgrade commander
  • f1efc14 remove special treatment of unsupported node version in travis before-install script
  • bc50020 upgrade debug
  • 1103f9c upgrade coveralls
  • f09ebf6 remove readable-stream

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant