Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Sign up
Appearance settings

[Snyk] Upgrade browser-sync from 2.18.13 to 3.0.4 #30

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
snyk-io wants to merge 1 commit into master
base: master
Choose a base branch
Loading
from snyk-upgrade-19ab250832f933c17fc5a6a8653bb49e

Conversation

Copy link

@snyk-io snyk-io bot commented Sep 4, 2025

snyk-top-banner

Snyk has created this PR to upgrade browser-sync from 2.18.13 to 3.0.4.

i️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

  • The recommended version is 79 versions ahead of your current version.

  • The recommended version was released 5 months ago.

Issues fixed by the recommended upgrade:

Issue Score Exploit Maturity
high severity Prototype Pollution
SNYK-JS-JSONSCHEMA-1920922 		644 No Known Exploit
high severity Code Injection
SNYK-JS-LODASH-1040724 		644 Proof of Concept
high severity Arbitrary Code Injection
SNYK-JS-XMLHTTPREQUESTSSL-1082936 		644 Proof of Concept
high severity Access Restriction Bypass
SNYK-JS-XMLHTTPREQUESTSSL-1255647 		644 Proof of Concept
high severity Prototype Pollution
SNYK-JS-LODASH-450202 		644 Proof of Concept
high severity Prototype Pollution
SNYK-JS-LODASH-608086 		644 Proof of Concept
high severity Prototype Pollution
SNYK-JS-LODASH-6139239 		644 Proof of Concept
high severity Prototype Pollution
SNYK-JS-LODASH-73638 		644 Proof of Concept
high severity Prototype Pollution
SNYK-JS-OBJECTPATH-1017036 		644 Proof of Concept
high severity Prototype Poisoning
SNYK-JS-QS-3153490 		644 Proof of Concept
high severity Denial of Service (DoS)
npm:qs:20140806 		644 No Known Exploit
high severity Prototype Override Protection Bypass
npm:qs:20170213 		644 No Known Exploit
high severity Prototype Poisoning
SNYK-JS-QS-3153490 		644 Proof of Concept
high severity Prototype Poisoning
SNYK-JS-QS-3153490 		644 Proof of Concept
high severity Prototype Override Protection Bypass
npm:qs:20170213 		644 No Known Exploit
high severity Denial of Service (DoS)
SNYK-JS-DECODEURICOMPONENT-3149970 		644 Proof of Concept
high severity Denial of Service (DoS)
SNYK-JS-ENGINEIO-1056749 		644 Proof of Concept
high severity Denial of Service (DoS)
SNYK-JS-ENGINEIO-3136336 		644 No Known Exploit
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-ES5EXT-6095076 		644 Proof of Concept
high severity Arbitrary File Overwrite
SNYK-JS-FSTREAM-174725 		644 No Known Exploit
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-SEMVER-3247795 		644 Proof of Concept
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-SEMVER-3247795 		644 Proof of Concept
high severity Denial of Service (DoS)
SNYK-JS-SOCKETIOPARSER-1056752 		644 Proof of Concept
high severity Arbitrary File Overwrite
SNYK-JS-TAR-1536528 		644 No Known Exploit
high severity Arbitrary File Overwrite
SNYK-JS-TAR-1536531 		644 No Known Exploit
high severity Arbitrary File Write
SNYK-JS-TAR-1579147 		644 No Known Exploit
high severity Arbitrary File Write
SNYK-JS-TAR-1579152 		644 No Known Exploit
high severity Arbitrary File Write
SNYK-JS-TAR-1579155 		644 No Known Exploit
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-UAPARSERJS-1023599 		644 Proof of Concept
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-UAPARSERJS-610226 		644 Proof of Concept
high severity Denial of Service (DoS)
npm:ws:20171108 		644 Mature
high severity Prototype Pollution
npm:deap:20180415 		644 Proof of Concept
high severity Prototype Pollution
npm:deep-extend:20180409 		644 Proof of Concept
high severity Prototype Pollution
npm:extend:20180424 		644 No Known Exploit
high severity Regular Expression Denial of Service (ReDoS)
npm:fresh:20170908 		644 No Known Exploit
high severity Regular Expression Denial of Service (ReDoS)
npm:fresh:20170908 		644 No Known Exploit
high severity Regular Expression Denial of Service (ReDoS)
npm:parsejson:20170908 		644 No Known Exploit
high severity Regular Expression Denial of Service (ReDoS)
npm:sshpk:20180409 		644 Proof of Concept
high severity Regular Expression Denial of Service (ReDoS)
npm:sshpk:20180409 		644 Proof of Concept
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-LODASH-1018905 		644 Proof of Concept
medium severity Prototype Pollution
SNYK-JS-YARGSPARSER-560381 		644 Proof of Concept
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-LODASH-73639 		644 Proof of Concept
medium severity Prototype Pollution
npm:lodash:20180130 		644 Proof of Concept
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-MINIMATCH-3050818 		644 No Known Exploit
medium severity Prototype Pollution
SNYK-JS-MINIMIST-559764 		644 Proof of Concept
medium severity Prototype Pollution
SNYK-JS-MINIMIST-559764 		644 Proof of Concept
medium severity Prototype Pollution
SNYK-JS-OBJECTPATH-1569453 		644 Proof of Concept
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-PATHPARSE-1077067 		644 Proof of Concept
medium severity Denial of Service (DoS)
npm:qs:20140806-1 		644 No Known Exploit
medium severity Cross-site Scripting (XSS)
SNYK-JS-CONNECT-5846225 		644 Proof of Concept
medium severity Denial of Service (DoS)
npm:connect:20120107 		644 No Known Exploit
medium severity Cross-site Scripting (XSS)
npm:connect:20130701 		644 No Known Exploit
medium severity Cross-site Scripting (XSS)
SNYK-JS-COOKIE-8163060 		644 No Known Exploit
medium severity Prototype Pollution
SNYK-JS-EAZYLOGGER-8708044 		644 Proof of Concept
medium severity Open Redirect
SNYK-JS-EXPRESS-6474509 		644 No Known Exploit
medium severity Cross-site Scripting
SNYK-JS-EXPRESS-7926867 		644 No Known Exploit
medium severity Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
SNYK-JS-EXPRESS-8310337 		644 Proof of Concept
medium severity Cross-site Scripting (XSS)
npm:express:20140912 		644 No Known Exploit
medium severity Denial of Service (DoS)
SNYK-JS-HTTPPROXY-569139 		644 Proof of Concept
medium severity Insecure Defaults
SNYK-JS-SOCKETIO-1024859 		644 Proof of Concept
medium severity Uncontrolled Resource Consumption ('Resource Exhaustion')
SNYK-JS-TAR-6476909 		644 Proof of Concept
medium severity Regular Expression Denial of Service (ReDoS)
npm:tough-cookie:20170905 		644 No Known Exploit
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-UAPARSERJS-1072471 		644 Proof of Concept
medium severity Regular Expression Denial of Service (ReDoS)
npm:ua-parser-js:20180227 		644 Proof of Concept
medium severity Arbitrary Code Injection
SNYK-JS-UNDERSCORE-1080984 		644 Proof of Concept
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-WS-1296835 		644 Proof of Concept
low severity Prototype Pollution
SNYK-JS-MINIMIST-2429795 		644 Proof of Concept
low severity Prototype Pollution
SNYK-JS-MINIMIST-2429795 		644 Proof of Concept
low severity Prototype Pollution
SNYK-JS-MINIMIST-2429795 		644 Proof of Concept
low severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-BRACEEXPANSION-9789073 		644 Proof of Concept
low severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-BRACEEXPANSION-9789073 		644 Proof of Concept
low severity Regular Expression Denial of Service (ReDoS)
npm:braces:20180219 		644 Proof of Concept
low severity Cross-site Scripting
SNYK-JS-SEND-7926862 		644 No Known Exploit
low severity Cross-site Scripting
SNYK-JS-SERVESTATIC-7926865 		644 No Known Exploit
critical severity Improper Input Validation
SNYK-JS-SOCKETIOPARSER-3091012 		644 No Known Exploit
medium severity Regular Expression Denial of Service (ReDoS)
npm:ua-parser-js:20171012 		644 No Known Exploit
medium severity Insecure Randomness
npm:ws:20160920 		644 No Known Exploit
low severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-TAR-1536758 		644 No Known Exploit
low severity Regular Expression Denial of Service (ReDoS)
npm:clean-css:20180306 		644 Proof of Concept
low severity Regular Expression Denial of Service (ReDoS)
npm:debug:20170905 		644 Proof of Concept
low severity Regular Expression Denial of Service (ReDoS)
npm:debug:20170905 		644 Proof of Concept
low severity Regular Expression Denial of Service (ReDoS)
npm:debug:20170905 		644 Proof of Concept
low severity Regular Expression Denial of Service (ReDoS)
npm:debug:20170905 		644 Proof of Concept
low severity Regular Expression Denial of Service (ReDoS)
npm:mime:20170907 		644 No Known Exploit
low severity Regular Expression Denial of Service (ReDoS)
npm:mime:20170907 		644 No Known Exploit
low severity Regular Expression Denial of Service (ReDoS)
npm:ms:20170412 		644 No Known Exploit
low severity Regular Expression Denial of Service (ReDoS)
npm:ms:20170412 		644 No Known Exploit
low severity Regular Expression Denial of Service (ReDoS)
npm:ms:20170412 		644 No Known Exploit
low severity Regular Expression Denial of Service (ReDoS)
npm:ms:20170412 		644 No Known Exploit
Release notes
Package name: browser-sync
  • 3.0.4 - 2025年04月02日

    v3.0.4

  • 3.0.3 - 2024年09月23日

    What's Changed

    Full Changelog: v3.0.2...v3.0.3

  • 3.0.2 - 2023年12月27日

    What's Changed

    New Contributors

    Full Changelog: v3.0.1...v3.0.2

  • 3.0.1 - 2023年12月27日

    ⚠️ Breaking

    • removed localtunnel (it's not maintained, and was always optional) - see #2059

    What's Changed

    Full Changelog: v2.29.3...v3.0.1

  • 3.0.0 - 2023年12月27日

    v3.0.0

  • 3.0.0-alpha.2 - 2023年12月27日

    v3.0.0-alpha.2

  • 3.0.0-alpha.1 - 2023年12月27日

    v3.0.0-alpha.1

  • 3.0.0-alpha.0 - 2023年12月27日

    v3.0.0-alpha.0

  • 2.30.0-alpha.3 - 2023年05月19日

    v2.30.0-alpha.3

  • 2.30.0-alpha.2 - 2023年05月19日

    v2.30.0-alpha.2

  • 2.30.0-alpha.1 - 2023年05月19日
  • 2.29.3 - 2023年05月17日
  • 2.29.2 - 2023年05月17日
  • 2.29.1 - 2023年03月22日
  • 2.29.1-alpha.0 - 2023年03月22日
  • 2.29.0 - 2023年03月16日
  • 2.28.3 - 2023年03月04日
  • 2.28.2 - 2023年03月04日
  • 2.28.1 - 2023年02月27日
  • 2.28.0 - 2023年02月27日
  • 2.27.12 - 2023年02月23日
  • 2.27.11 - 2022年12月19日
  • 2.27.10 - 2022年05月16日
  • 2.27.9 - 2022年03月15日
  • 2.27.8 - 2022年03月13日
  • 2.27.7 - 2021年10月27日
  • 2.27.6 - 2021年10月26日
  • 2.27.5 - 2021年07月27日
  • 2.27.4 - 2021年07月01日
  • 2.27.3 - 2021年06月26日
  • 2.27.1 - 2021年06月24日
  • 2.26.14 - 2021年01月24日
  • 2.26.14-y.2 - 2021年01月24日
  • 2.26.14-y.1 - 2021年01月24日
  • 2.26.13 - 2020年10月17日
  • 2.26.12 - 2020年07月26日
  • 2.26.10 - 2020年07月17日
  • 2.26.9 - 2020年07月16日
  • 2.26.7 - 2019年06月07日
  • 2.26.6 - 2019年06月07日
  • 2.26.5 - 2019年04月24日
  • 2.26.4 - 2019年04月22日
  • 2.26.3 - 2018年10月13日
  • 2.26.2 - 2018年10月13日
  • 2.26.1 - 2018年10月13日
  • 2.26.0 - 2018年10月06日
  • 2.25.3-alpha.0 - 2018年10月06日
  • 2.25.2-alpha.0 - 2018年10月06日
  • 2.25.1-alpha.0 - 2018年10月06日
  • 2.25.0 - 2018年10月06日
  • 2.25.0-alpha.0 - 2018年09月17日
  • 2.24.7 - 2018年08月26日
  • 2.24.6 - 2018年07月21日
  • 2.24.5 - 2018年06月24日
  • 2.24.4 - 2018年05月03日
  • 2.24.3 - 2018年05月03日
  • 2.24.3-rc1 - 2018年05月02日
  • 2.24.2 - 2018年05月02日
  • 2.24.2-rc1 - 2018年05月02日
  • 2.24.1 - 2018年04月30日
  • 2.24.1-rc1 - 2018年04月30日
  • 2.24.0 - 2018年04月29日
  • 2.24.0-rc4 - 2018年04月29日
  • 2.24.0-rc3 - 2018年04月29日
  • 2.24.0-rc2 - 2018年04月29日
  • 2.24.0-rc1 - 2018年04月29日
  • 2.23.7 - 2018年04月20日
  • 2.23.6 - 2018年01月24日
  • 2.23.5 - 2018年01月10日
  • 2.23.4 - 2018年01月10日
  • 2.23.3 - 2018年01月05日
  • 2.23.2 - 2018年01月01日
  • 2.23.1 - 2017年12月29日
  • 2.23.0 - 2017年12月29日
  • 2.22.0 - 2017年12月28日
  • 2.21.0 - 2017年12月22日
  • 2.20.1 - 2017年12月22日
  • 2.20.0 - 2017年12月21日
  • 2.19.0 - 2017年12月19日
  • 2.18.13 - 2017年07月20日
from browser-sync GitHub release notes

Important

  • Warning: This PR contains a major version upgrade, and may be a breaking change.
  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information: 

Snyk has created this PR to upgrade browser-sync from 2.18.13 to 3.0.4.
See this package in npm:
browser-sync
See this project in Snyk:
https://app.snyk.io/org/mattdanielbrown/project/529a4064-d045-4ca7-ab49-8b7ce9f0d235?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr
Copy link
Author

snyk-io bot commented Sep 4, 2025

🎉 Snyk checks have passed. No issues have been found so far.

security/snyk check is complete. No issues have been found. (View Details)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants

AltStyle によって変換されたページ (->オリジナル) /