[Snyk] Upgrade auditjs from 4.0.18 to 4.0.37#143
Conversation
Snyk has created this PR to upgrade auditjs from 4.0.18 to 4.0.37. See this package in npm: https://www.npmjs.com/package/auditjs See this project in Snyk: https://app.snyk.io/org/kadirselcuk/project/61431766-4171-4299-80d7-2d83d424affb?utm_source=github&utm_medium=referral&page=upgrade-pr
|
*Ruff* 🐶 I wasn't able to find any Docker Compose files in your repository at any of the given paths in the Files checked:
What is this?Pull Dog is a GitHub app that makes test environments for your pull requests using Docker, from a Visit our website to learn more. Commands
TroubleshootingNeed help? Don't hesitate to file an issue in our repository Configuration {
"isLazy": false,
"dockerComposeYmlFilePaths": [
"docker-compose.yml"
],
"expiry": "00:00:00",
"conversationMode": "singleComment"
}Trace ID |
|
Mode: paranoid | Total findings: 1 | Considered vulnerability: 1 Vulnerable Libraries (1)
More info on how to fix Vulnerable Libraries in General. 👉 Go to the dashboard for detailed results. 📥 Happy? Share your feedback with us. |
Snyk has created this PR to upgrade auditjs from 4.0.18 to 4.0.37.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version fixes:
SNYK-JS-XMLDOM-1534562
Why? CVSS 6.5
SNYK-JS-XMLDOM-1084960
Why? CVSS 6.5
SNYK-JS-LOG4JS-2348757
Why? CVSS 6.5
(*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: auditjs
-
4.0.37 - 2022-04-20
- security(npm): lock colors library to 1.4.0 (#251) (36ae07f), closes #250
-
4.0.36 - 2022-02-08
- sonatype-2021-4879 in minimatch : 3.0.4 (384a99f)
-
4.0.35 - 2022-01-20
- CVE-2022-21704 in log4js : 6.3.0 (b7f1548)
-
4.0.34 - 2022-01-20
- CVE-2022-0235 in node-fetch : 2.6.1 (cde4677)
-
4.0.33 - 2021-10-25
- Error message formatting (#248) (c8acb04), closes #206
-
4.0.32 - 2021-09-16
- revert fix for SONATYPE-2021-1169, breaks eslint. needs more work (a7428e2)
- SONATYPE-2021-1169 (74abe3c)
-
4.0.31 - 2021-09-07
- Make caching class return undefined if property does not exist (#247) (8e3b3ad)
- use newer node version in CI release process, required to run semantic-release. (589e0ce)
- use newly published @ xmldom/xmldom package. fixes #243 (9f8b646)
-
4.0.30 - 2021-08-09
- CVE-2021-32796, will change when xmldom@0.7.0 is published on npm (#242) (a6c8e32)
-
4.0.29 - 2021-08-05
- Initial move to yarn (#241) (88b063f)
-
4.0.28 - 2021-08-03
- workaround to fix issue #239. may convert to yarn later (2056567)
-
4.0.27 - 2021-07-30
-
4.0.26 - 2021-07-29
-
4.0.25 - 2021-03-12
-
4.0.24 - 2021-02-12
-
4.0.23 - 2021-01-11
-
4.0.22 - 2020-12-18
-
4.0.21 - 2020-12-17
-
4.0.20 - 2020-11-17
-
4.0.19 - 2020-11-06
-
4.0.18 - 2020-06-04
from auditjs GitHub release notes4.0.37 (2022-04-20)
Bug Fixes
4.0.36 (2022-02-08)
Bug Fixes
4.0.35 (2022-01-20)
Bug Fixes
4.0.34 (2022-01-20)
Bug Fixes
4.0.33 (2021-10-25)
Bug Fixes
4.0.32 (2021-09-16)
Bug Fixes
4.0.31 (2021-09-07)
Bug Fixes
4.0.30 (2021-08-09)
Bug Fixes
4.0.29 (2021-08-05)
Bug Fixes
4.0.28 (2021-08-03)
Bug Fixes
Commit messages
Package name: auditjs
Compare
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:

🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs