forked from ipfs/ipfs-desktop
-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Snyk] Fix for 120 vulnerabilities #39
Merged
MarcelRaschke
merged 2 commits into
master
from
snyk-fix-b95a8927b9d6ec6df54dd3aa716dc272
Sep 23, 2022
Merged
[Snyk] Fix for 120 vulnerabilities #39
MarcelRaschke
merged 2 commits into
master
from
snyk-fix-b95a8927b9d6ec6df54dd3aa716dc272
Sep 23, 2022
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-ELECTRON-1257943 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1258207 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1260586 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1277203 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1277526 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1278596 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1296553 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1296555 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1296557 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1296559 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1296561 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1296563 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1296565 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1312313 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1312314 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1312315 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1313765 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1313767 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1314896 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1315151 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1315668 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1533614 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1534881 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1534882 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1534883 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1534884 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1536579 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1536581 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1536587 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1585619 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1586050 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1656742 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1656743 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1656745 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1656746 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1656752 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1727342 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1727344 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1730574 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1731315 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1910985 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1910987 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1910988 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1910991 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1911949 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1912074 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1912075 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1912082 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1912084 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1912085 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1924893 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1924894 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1924895 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1930826 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1932538 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1932540 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1932542 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1932545 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1932547 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1932549 - https://snyk.io/vuln/SNYK-JS-ELECTRON-1932551 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2322001 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2329155 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2329162 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2329257 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2330890 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2332173 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2332176 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2338684 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2339883 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2351961 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2404183 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2404184 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2414027 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2420972 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2420994 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2422385 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2431353 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2434822 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2434824 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2774694 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2803052 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2803053 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2806357 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2806730 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2807802 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2807803 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2807804 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2807809 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2808872 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2808873 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2808874 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2812497 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2812499 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2824110 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2838863 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2869408 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2869410 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2870632 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2932172 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2934721 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2946881 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2946891 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2961655 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2977510 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2977512 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2978483 - https://snyk.io/vuln/SNYK-JS-ELECTRON-2978519 - https://snyk.io/vuln/SNYK-JS-GOT-2932019 - https://snyk.io/vuln/SNYK-JS-NANOID-2332193 - https://snyk.io/vuln/SNYK-JS-NTHCHECK-1586032 - https://snyk.io/vuln/SNYK-JS-SEMVERREGEX-1584358 - https://snyk.io/vuln/SNYK-JS-SEMVERREGEX-1585624 - https://snyk.io/vuln/SNYK-JS-SEMVERREGEX-2824151 - https://snyk.io/vuln/SNYK-JS-TAR-1536528 - https://snyk.io/vuln/SNYK-JS-TAR-1536531 - https://snyk.io/vuln/SNYK-JS-TAR-1536758 - https://snyk.io/vuln/SNYK-JS-TAR-1579147 - https://snyk.io/vuln/SNYK-JS-TAR-1579152 - https://snyk.io/vuln/SNYK-JS-TAR-1579155
delete-merged-branch
bot
deleted the
snyk-fix-b95a8927b9d6ec6df54dd3aa716dc272
branch
September 23, 2022 13:50
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Mature exploit, Has a fix available, CVSS 9.8
SNYK-JS-ELECTRON-1257943
Why? Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-1258207
Why? Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-1260586
Why? Has a fix available, CVSS 7.5
SNYK-JS-ELECTRON-1277203
Why? Has a fix available, CVSS 4.8
SNYK-JS-ELECTRON-1277526
Why? Has a fix available, CVSS 3.7
SNYK-JS-ELECTRON-1278596
Why? Has a fix available, CVSS 7.3
SNYK-JS-ELECTRON-1296553
Why? Has a fix available, CVSS 7.3
SNYK-JS-ELECTRON-1296555
Why? Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-1296557
Why? Proof of Concept exploit, Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-1296559
Why? Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-1296561
Why? Has a fix available, CVSS 7.3
SNYK-JS-ELECTRON-1296563
Why? Has a fix available, CVSS 7.3
SNYK-JS-ELECTRON-1296565
Why? Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-1312313
Why? Mature exploit, Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-1312314
Why? Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-1312315
Why? Mature exploit, Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-1313765
Why? Has a fix available, CVSS 6.3
SNYK-JS-ELECTRON-1313767
Why? Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-1314896
Why? Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-1315151
Why? Has a fix available, CVSS 9.8
SNYK-JS-ELECTRON-1315668
Why? Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-1533614
Why? Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-1534881
Why? Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-1534882
Why? Mature exploit, Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-1534883
Why? Has a fix available, CVSS 6.5
SNYK-JS-ELECTRON-1534884
Why? Has a fix available, CVSS 6.3
SNYK-JS-ELECTRON-1536579
Why? Proof of Concept exploit, Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-1536581
Why? Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-1536587
Why? Mature exploit, Has a fix available, CVSS 5.3
SNYK-JS-ELECTRON-1585619
Why? Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-1586050
Why? Has a fix available, CVSS 7.3
SNYK-JS-ELECTRON-1656742
Why? Mature exploit, Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-1656743
Why? Has a fix available, CVSS 7.3
SNYK-JS-ELECTRON-1656745
Why? Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-1656746
Why? Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-1656752
Why? Has a fix available, CVSS 6.5
SNYK-JS-ELECTRON-1727342
Why? Mature exploit, Has a fix available, CVSS 5.3
SNYK-JS-ELECTRON-1727344
Why? Has a fix available, CVSS 6.8
SNYK-JS-ELECTRON-1730574
Why? Proof of Concept exploit, Has a fix available, CVSS 5.6
SNYK-JS-ELECTRON-1731315
Why? Mature exploit, Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-1910985
Why? Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-1910987
Why? Has a fix available, CVSS 4.3
SNYK-JS-ELECTRON-1910988
Why? Has a fix available, CVSS 4.3
SNYK-JS-ELECTRON-1910991
Why? Proof of Concept exploit, Has a fix available, CVSS 9.8
SNYK-JS-ELECTRON-1911949
Why? Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-1912074
Why? Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-1912075
Why? Has a fix available, CVSS 7.3
SNYK-JS-ELECTRON-1912082
Why? Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-1912084
Why? Mature exploit, Has a fix available, CVSS 6.5
SNYK-JS-ELECTRON-1912085
Why? Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-1924893
Why? Has a fix available, CVSS 5.6
SNYK-JS-ELECTRON-1924894
Why? Has a fix available, CVSS 6.5
SNYK-JS-ELECTRON-1924895
Why? Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-1930826
Why? Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-1932538
Why? Mature exploit, Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-1932540
Why? Has a fix available, CVSS 5.5
SNYK-JS-ELECTRON-1932542
Why? Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-1932545
Why? Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-1932547
Why? Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-1932549
Why? Has a fix available, CVSS 9.6
SNYK-JS-ELECTRON-1932551
Why? Mature exploit, Has a fix available, CVSS 7.3
SNYK-JS-ELECTRON-2322001
Why? Has a fix available, CVSS 6.5
SNYK-JS-ELECTRON-2329155
Why? Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-2329162
Why? Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-2329257
Why? Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-2330890
Why? Has a fix available, CVSS 9.8
SNYK-JS-ELECTRON-2332173
Why? Has a fix available, CVSS 5.6
SNYK-JS-ELECTRON-2332176
Why? Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-2338684
Why? Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-2339883
Why? Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-2351961
Why? Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-2404183
Why? Has a fix available, CVSS 7.3
SNYK-JS-ELECTRON-2404184
Why? Mature exploit, Has a fix available, CVSS 7.6
SNYK-JS-ELECTRON-2414027
Why? Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-2420972
Why? Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-2420994
Why? Has a fix available, CVSS 5.3
SNYK-JS-ELECTRON-2422385
Why? Has a fix available, CVSS 3.4
SNYK-JS-ELECTRON-2431353
Why? Mature exploit, Has a fix available, CVSS 7.3
SNYK-JS-ELECTRON-2434822
Why? Has a fix available, CVSS 6.8
SNYK-JS-ELECTRON-2434824
Why? Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-2774694
Why? Has a fix available, CVSS 6.3
SNYK-JS-ELECTRON-2803052
Why? Has a fix available, CVSS 4.3
SNYK-JS-ELECTRON-2803053
Why? Has a fix available, CVSS 7.3
SNYK-JS-ELECTRON-2806357
Why? Has a fix available, CVSS 7.3
SNYK-JS-ELECTRON-2806730
Why? Has a fix available, CVSS 5.6
SNYK-JS-ELECTRON-2807802
Why? Has a fix available, CVSS 7.3
SNYK-JS-ELECTRON-2807803
Why? Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-2807804
Why? Has a fix available, CVSS 8.1
SNYK-JS-ELECTRON-2807809
Why? Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-2808872
Why? Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-2808873
Why? Has a fix available, CVSS 7.3
SNYK-JS-ELECTRON-2808874
Why? Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-2812497
Why? Has a fix available, CVSS 5.6
SNYK-JS-ELECTRON-2812499
Why? Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-2824110
Why? Has a fix available, CVSS 7.3
SNYK-JS-ELECTRON-2838863
Why? Has a fix available, CVSS 6.6
SNYK-JS-ELECTRON-2869408
Why? Has a fix available, CVSS 5.5
SNYK-JS-ELECTRON-2869410
Why? Has a fix available, CVSS 8.8
SNYK-JS-ELECTRON-2870632
Why? Has a fix available, CVSS 6.5
SNYK-JS-ELECTRON-2932172
Why?
SNYK-JS-ELECTRON-2934721
Why?
SNYK-JS-ELECTRON-2946881
Why?
SNYK-JS-ELECTRON-2946891
Why?
SNYK-JS-ELECTRON-2961655
Why?
SNYK-JS-ELECTRON-2977510
Why?
SNYK-JS-ELECTRON-2977512
Why?
SNYK-JS-ELECTRON-2978483
Why?
SNYK-JS-ELECTRON-2978519
Why?
SNYK-JS-GOT-2932019
Why?
SNYK-JS-NANOID-2332193
Why?
SNYK-JS-NTHCHECK-1586032
Why?
SNYK-JS-SEMVERREGEX-1584358
Why?
SNYK-JS-SEMVERREGEX-1585624
Why?
SNYK-JS-SEMVERREGEX-2824151
Why?
SNYK-JS-TAR-1536528
Why?
SNYK-JS-TAR-1536531
Why?
SNYK-JS-TAR-1536758
Why?
SNYK-JS-TAR-1579147
Why?
SNYK-JS-TAR-1579152
Why?
SNYK-JS-TAR-1579155
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: @svgr/cli
The new version differs by 74 commits.dhtclient
profile ipfs/ipfs-desktop#619)See the full diff
Package name: got
The new version differs by 10 commits.See the full diff
Package name: mocha
The new version differs by 95 commits.See the full diff
Package name: semver-regex
The new version differs by 3 commits.See the full diff
Package name: tar
The new version differs by 33 commits.See the full diff
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Open Redirect
🦉 Arbitrary File Overwrite
🦉 Arbitrary File Overwrite
🦉 More lessons are available in Snyk Learn