Skip to content

[Snyk] Security upgrade snyk from 1.621.0 to 1.675.0

Denis Rudnei de Souza requested to merge snyk-fix-391f38da0f3de0b08f2c588c6c653ab0 into master

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this Merge Request

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 658/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-AXIOS-6124857 		No Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: snyk The new version differs by 250 commits.
  • 48035f8 Merge pull request #2120 from snyk/fix/code-new-code-api-support
  • a102ba4 fix: corrected codeowners for sast-team
  • 5b49f5c fix: updated dependency on @ snyk/code-client
  • bfa6493 fix: support of the new Code API
  • b7a190b Merge pull request #2093 from snyk/wip/dockerfile-parse-error-messages
  • f584ac9 Merge pull request #2137 from snyk/protect/smoke-tests
  • 9fe5704 Merge pull request #2140 from snyk/fix/update-tar-1
  • cf031e7 fix: update tar dependency
  • 6a48d29 Merge pull request #2138 from snyk/fix/cli-code-0-exclude-base-image-vulns
  • 2c5b41d fix: return correct exit code when using --exclude-base-image-vulns
  • 0d56ab9 Merge pull request #2135 from snyk/chore/compress-binaries
  • 4d8273d test: show that excluding base image vulns returns wrong exit code
  • 57db6b2 chore: include 'node' in cache key
  • 1ba5025 chore: remove unused semantic-release rc
  • f6b78ec chore: compress binary releases
  • 7438096 chore: ignore binary-releases directory
  • 294148c Merge pull request #2131 from snyk/test/analytics-tests
  • d8a4243 Merge pull request #2132 from snyk/chore/remove-release-notes-confirmation
  • 34e7c7b test: add acceptance test for analytics
  • 24370cd Merge pull request #2125 from snyk/chore/use-bin
  • 1dd610d Merge pull request #2127 from snyk/fix/docker-exit-codes
  • 9dfc57e Merge pull request #2122 from snyk/fix/iac-path-parsing
  • 1fb9ffd chore: remove broken release notes action
  • 8566273 fix: IaC path parsing

See the full diff

Check the changes in this Merge Request to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)

Merge request reports