[Snyk] Security upgrade har-validator from 1.8.0 to 3.4.0#8

Open

snyk-bot wants to merge 1 commit into

master from

snyk-fix-21afb09442412688d27fd5f3110bce05

Open

[Snyk] Security upgrade har-validator from 1.8.0 to 3.4.0 #8
snyk-bot wants to merge 1 commit into
master from
snyk-fix-21afb09442412688d27fd5f3110bce05

Conversation

@snyk-bot

@snyk-bot snyk-bot commented Sep 13, 2021

Copy link

Copy Markdown

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
high severity	768/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: har-validator

The new version differs by 73 commits.

9b372bd feat(cli): remove CLI in favor of using har-cli package
ed15905 fix(Error): Error.name should be HARError
89b6486 feat(validator): change validator to the superior AJV
95f9fea test(promises): clean up tests
5858097 feat(node4): better organize the lib directory
ddba552 feat(exports): browser object
e9512ab docs(README): require example
a16db5a feat(module): include header() query() exports
ccd70cf Merge pull request fixed global variable leaks request/request#67 from ahmadnassri/greenkeeper/babel-preset-env-0.0.9
40b9d1d chore(package): update babel-preset-env to version 0.0.9
33c2cb3 fix(docs): update to new require paths in docs
b500008 build(scripts): remove nyc dependency, use tap directly to generate coverage
0e05b18 chore(package): update echint to version 2.0.0
9c21e4d test(dependency): adding missing dependency
423c578 test(dependencies): tap has build-in reporter formatting now
4926007 build(build): improved build process
2a1ea36 Merge pull request Add request/response times to response object request/request#64 from ahmadnassri/greenkeeper/remove-node-0.10
6dd199e chore: drop support for Node.js 0.10
a12fd05 Merge pull request Strange behavior when putting request/request#63 from ahmadnassri/greenkeeper-tap-8.0.0
eaf66eb chore(package): update tap to version 8.0.0
12239a6 Merge pull request use Buffer for the body request/request#62 from ahmadnassri/greenkeeper-codeclimate-test-reporter-0.4.0
2bbbf42 chore(package): update codeclimate-test-reporter to version 0.4.0
e76c48f Merge pull request _redirectsFollowed not incrementing request/request#58 from ahmadnassri/greenkeeper-tap-mocha-reporter-3.0.0
cb22949 chore(package): update tap-mocha-reporter to version 3.0.0

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

@snyk-bot


 fix: package.json to reduce vulnerabilities

7ff0889

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Security upgrade har-validator from 1.8.0 to 3.4.0#8

[Snyk] Security upgrade har-validator from 1.8.0 to 3.4.0 #8
snyk-bot wants to merge 1 commit into
master from
snyk-fix-21afb09442412688d27fd5f3110bce05

Conversation

@snyk-bot snyk-bot commented Sep 13, 2021

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant