@CharaD7 CharaD7 commented Jan 18, 2023

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
| medium severity | 586/1000 (Why? Proof of Concept exploit, Has a fix available, CVSS 5.3) | Regular Expression Denial of Service (ReDoS), SNYK-JS-COOKIEJAR-3149984 | No | Proof of Concept |

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: docpad
The new version differs by 32 commits.
  • 84e5bc6 remove unused locales and getmac, update travis
  • 623436d updated sponsors
  • 133f706 removed debug executables, and updated remaining deps
  • af84870 removed all non vital cloud communication - close #1041
  • 6315686 update plugin dev dep versions now that all plugins are updated
  • 44edf4e readme: fix invalid linking
  • 77e62a6 ran through boundation again, and added support in plugin loader for docpad version flags
  • 13a9fde more complete changelog and version beta flag
  • 6bdb5f8 more clear implementation of f71222c26bdc7396aa3a2f40d7df06665f1a318b
  • ab60355 changelog tabs to spaces
  • 829546a update changelog and version for recent commits
  • 15ae214 stdin errors changed to log level 6
  • f71222c prevent log entries from writing to a closed logger
  • 73c40dc coffee-script to coffeescript
  • eeaa425 Merge branch 'master' into dev-updatedeps
  • b1a11c7 projectz compile
  • 4d54c7d fixed some regressions from the update deps
  • 969dd5e updated with boundation, coffeescript v2, more dep updates, and dynamic doc content type workaround
  • 223da56 fix docpad/docpad#1062 (Events out of order)
  • e5e9846 version bump, history entry, update base files
  • c8c46c2 improvements to #1049
  • 809aee3 Merge pull request #1049 from craigsssmith/master
  • eab16f5 v6.79.3. Bugfix.
  • 4f81d10 v6.79.2. Fix plugin tests and reduce package size.

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-COOKIEJAR-3149984