Skip to content

[Snyk] Security upgrade aegir from 14.0.0 to 22.1.0 #78

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: CircleCI-v2
Choose a base branch
from
Open

[Snyk] Security upgrade aegir from 14.0.0 to 22.1.0 #78

wants to merge 1 commit into from

Conversation

adamlaska
Copy link
Owner

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • examples/circuit-relaying/package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
critical severity 714/1000
Why? Has a fix available, CVSS 10		 Cross-site Scripting (XSS)
SNYK-JS-REMARKHTML-1583433		 Yes No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: aegir The new version differs by 250 commits.
  • 0ac32a5 chore: release version v22.1.0
  • de99b8a chore: update contributors
  • 6ecbf42 chore: update deps
  • 435bb20 feat: checks action and bundlesize check improvements (#532)
  • e538d56 chore: update deps (#574)
  • ce08301 docs: fixed small error (#565)
  • de7b513 chore: release version v22.0.0
  • fa38887 chore: update contributors
  • 19bb300 feat: turn off sourcemaps for production builds (#549)
  • 0375fe7 chore: release version v21.10.2
  • ae2383e chore: update contributors
  • 09ba9c6 fix: fix process.env in karma tests (#559)
  • fd55d7c chore: release version v21.10.1
  • 8459163 chore: update contributors
  • e36e1de fix: whitelist process env keys (#557)
  • 0554d92 chore: release version v21.10.0
  • 94e77cc chore: update contributors
  • 8444136 feat: echo request headers (#553)
  • cda5da0 chore: release version v21.9.2
  • 2c80d54 chore: update contributors
  • 5dd58e6 fix: bump deps
  • 26fd09e chore: release version v21.9.1
  • 5da3ad4 chore: update contributors
  • 1f2dab6 fix: better stack traces and add process to node: false

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Cross-site Scripting (XSS)

This was referenced Nov 25, 2023
Open
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@adamlaska @snyk-bot