8000 [Snyk] Security upgrade @pulumi/awsx from 0.40.0 to 2.20.0 by Abuchtela · Pull Request #147 · Abuchtela/web · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

[Snyk] Security upgrade @pulumi/awsx from 0.40.0 to 2.20.0 #147

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Security upgrade @pulumi/awsx from 0.40.0 to 2.20.0 #147

wants to merge 1 commit into from

Conversation

Abuchtela
Copy link
Owner

snyk-top-banner

Snyk has created this PR to fix 3 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

  • infra/staging/package.json
  • infra/staging/package-lock.json

Vulnerabilities that will be fixed with an upgrade:

Issue Score
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-SEMVER-3247795		   159  
medium severity Missing Release of Resource after Effective Lifetime
SNYK-JS-INFLIGHT-6095116		   131  
medium severity Uncontrolled Resource Consumption
SNYK-JS-GRPCGRPCJS-7242922		   49  

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

@socket-security Socket Security
Copy link

New, updated, and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/text-table@0.2.0 None 0 11 kB substack
npm/through@2.3.8 None 0 12.5 kB dominictarr
npm/through2@2.0.5 None 0 9.65 kB rvagg
npm/timers-browserify@2.0.12 None 0 10.4 kB jryans
npm/tmp@0.0.33 filesystem 0 26 kB raszi
npm/to-arraybuffer@1.0.1 None 0 5.54 kB jhiesey
npm/to-fast-properties@2.0.0 None 0 3.5 kB sindresorhus
npm/to-object-path@0.3.0 None 0 5.07 kB jonschlinkert
npm/to-regex-range@2.1.1 🔁 npm/to-regex-range@5.0.1 None 0 20.3 kB jonschlinkert
npm/trim-newlines@2.0.0 None 0 2.97 kB sindresorhus
npm/trim-right@1.0.1 None 0 2.61 kB sindresorhus
npm/trim-trailing-lines@1.1.4 None 0 4.6 kB wooorm
npm/trim@0.0.1 None 0 2.71 kB tjholowaychuk
npm/trough@1.0.5 None 0 13.1 kB wooorm
npm/tty-browserify@0.0.0 None 0 1.99 kB substack
npm/type-check@0.3.2 None 0 20.9 kB gkz
npm/typedarray@0.0.6 None 0 26 kB substack
npm/uglify-es@3.3.9 eval, filesystem 0 768 kB alexlamsl
npm/uglifyjs-webpack-plugin@1.3.0 eval Transitive: filesystem +1 71.6 kB evilebottnawi
npm/unherit@1.1.3 None +1 12 kB wooorm
npm/unicode-canonical-property-names-ecmascript@1.0.4 None 0 4.34 kB mathias
npm/unicode-match-property-ecmascript@1.0.4 None 0 4.41 kB mathias
npm/unicode-match-property-value-ecmascript@1.2.0 None 0 24.4 kB mathias
npm/unicode-property-aliases-ecmascript@1.1.0 None 0 5.41 kB mathias
npm/unified@7.1.0 None 0 55 kB wooorm
npm/union-value@1.0.1 None 0 6.83 kB doowb
npm/uniq@1.0.1 None 0 4.32 kB mikolalysenko
npm/unique-filename@1.1.1 None 0 41.4 kB iarna
npm/unique-slug@2.0.2 None 0 2.68 kB zkat
npm/unist-util-find-all-after@1.0.5 None 0 12.6 kB wooorm
npm/unist-util-is@3.0.0 None 0 11.1 kB wooorm
npm/unist-util-remove-position@1.1.4 None 0 6.65 kB wooorm
npm/unist-util-stringify-position@1.1.2 🔁 npm/unist-util-stringify-position@3.0.0 None 0 6.55 kB wooorm
npm/unist-util-visit-parents@2.1.2 None 0 11.6 kB wooorm
npm/unist-util-visit@1.4.1 None 0 6.87 kB wooorm
npm/unset-value@1.0.0 None 0 8.53 kB jonschlinkert
npm/uri-js@4.4.1 None 0 470 kB garycourt
npm/urix@0.1.0 None 0 4.37 kB lydell
npm/url@0.11.0 None 0 76.8 kB defunctzombie
npm/use@3.1.1 None 0 9.51 kB jonschlinkert
npm/util-deprecate@1.0.2 None 0 5.48 kB tootallnate
npm/util@0.11.1 🔁 npm/util@0.10.3 None 0 24.5 kB goto-bus-stop
npm/v8-compile-cache@2.3.0 environment, filesystem, unsafe 0 16.8 kB zertosh
npm/vfile-location@2.0.6 None 0 7.64 kB wooorm
npm/vfile-message@1.1.1 🔁 npm/vfile-message@3.0.1 None 0 9.03 kB wooorm
npm/vfile@3.0.1 unsafe 0 19.1 kB wooorm
npm/vm-browserify@1.1.2 None 0 15.5 kB goto-bus-stop
npm/watchpack-chokidar2@2.0.1 None 0 427 B sokra
npm/watchpack@1.7.5 None 0 22.8 kB sokra
npm/webpack-cli@3.3.12 environment, filesystem, shell, unsafe 0 224 kB evilebottnawi
npm/webpack-sources@1.4.3 None 0 36.7 kB sokra
npm/webpack@4.46.0 environment, filesystem, unsafe 0 1.48 MB sokra
npm/which-module@2.0.0 None 0 4.58 kB nexdrew
npm/which@1.3.1 environment 0 9.42 kB isaacs
npm/word-wrap@1.2.3 None 0 10.6 kB jonschlinkert
npm/worker-farm@1.7.0 environment, shell 0 49.9 kB rvagg
npm/wrap-ansi@5.1.0 None 0 9.62 kB sindresorhus
npm/write@0.2.1 🔁 npm/write@1.0.3 None 0 6.94 kB jonschlinkert
npm/x-is-string@0.1.0 None 0 4.67 kB mattesch
npm/y18n@4.0.3 filesystem 0 11 kB oss-bot
npm/yallist@2.1.2 🔁 npm/yallist@3.1.1 None 0 13.6 kB isaacs
npm/yargs-parser@10.1.0 environment 0 48.4 kB bcoe
npm/yargs@13.3.2 environment, filesystem 0 229 kB oss-bot

View full report↗︎

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Abuchtela @snyk-bot
0