[Snyk] Security upgrade zaproxy from 1.0.0-rc.1 to 1.0.1
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this Merge Request
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
- package-lock.json
Vulnerabilities that will be fixed
With an upgrade:
Severity | Issue | Breaking Change | Exploit Maturity |
---|---|---|---|
Prototype Pollution SNYK-JS-LODASH-567746 |
No | Proof of Concept |
Commit messages
Package name: zaproxy
The new version differs by 8 commits.- 6f2f583 Merge pull request #9 from binarymist/bump-lodash
- 1d1cc5d Update changelog to 1.0.1
- 75e8853 version bump
- 90470c2 Updated package-lock.json for the lodash patch
- e8cd42f Merge pull request #5 from zaproxy/dependabot/npm_and_yarn/request-promise-native-1.0.7
- 88c8f1a Bump request-promise-native from 1.0.5 to 1.0.7
- 63df5e7 Merge pull request #4 from thc202/changelog-update-post-rel
- ca1e9cd Update changelog for next dev iteration
Check the changes in this Merge Request to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information: 🧐 View latest project report