[Snyk] Upgrade mocha from 10.3.0 to 10.7.0 #10
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Snyk has created this PR to upgrade mocha from 10.3.0 to 10.7.0. See this package in npm: mocha See this project in Snyk: https://app.snyk.io/org/hashim21223445/project/543b602b-7a0f-494e-9c69-555edfc5bc04?utm_source=github&utm_medium=referral&page=upgrade-pr
|
Review changes with SemanticDiff. Analyzed 1 of 1 files.
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade mocha from 10.3.0 to 10.7.0.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version is 7 versions ahead of your current version.
The recommended version was released on 21 days ago.
Issues fixed by the recommended upgrade:
SNYK-JS-SOCKETIO-7278048
SNYK-JS-IP-6240864
SNYK-JS-SOCKETIOPARSER-5596892
SNYK-JS-TAR-1536528
SNYK-JS-TAR-1536531
SNYK-JS-TAR-1579147
SNYK-JS-ENGINEIO-5496331
SNYK-JS-ES5EXT-6095076
SNYK-JS-TAR-1579152
SNYK-JS-TAR-1579155
SNYK-JS-WS-7266574
SNYK-JS-WS-7266574
SNYK-JS-TAR-6476909
SNYK-JS-TAR-6476909
SNYK-JS-EXPRESS-6474509
SNYK-JS-TAR-1536758
Release notes
Package name: mocha
-
10.7.0 - 2024-07-20
- feat: add option to not fail on failing test suite by @ ilgonmic in #4771
- @ ilgonmic made their first contribution in #4771
-
10.6.1 - 2024-07-20
- fix: do not exit when only unref'd timer is present in test code by @ boneskull in #3825
- fix: support canonical module by @ JacobLey in #5040
-
10.6.0 - 2024-07-02
- feat: allow ^ versions for character encoding packages by @ JoshuaKGoldberg in #5150
- feat: allow ^ versions for yargs packages by @ JoshuaKGoldberg in #5152
- feat: allow ^ versions for file matching packages by @ JoshuaKGoldberg in #5151
- feat: allow ^ versions for data serialization packages by @ JoshuaKGoldberg in #5153
- feat: allow ^ versions for miscellaneous packages by @ JoshuaKGoldberg in #5154
-
10.5.2 - 2024-06-26
- fix: better tracking of seen objects in error serialization by @ sam-super in #5032
- @ sam-super made their first contribution in #5032
-
10.5.1 - 2024-06-25
- fix: Add error handling for nonexistent file case with --file option by @ khoaHyh in #5086
- @ khoaHyh made their first contribution in #5086
-
10.5.0 - 2024-06-24
- #5015 feat: use <progress> and <svg> for browser progress indicator instead of <canvas> (@ yourWaifu)
- #5143 feat: allow using any 3.x chokidar dependencies (@ simhnna)
- #4835 feat: add MOCHA_OPTIONS env variable (@ icholy)
- #5107 fix: include stack in browser uncaught error reporting (@ JoshuaKGoldberg)
- #5110 chore: switch two-column list styles to be opt-in (@ marjys)
- #5135 chore: fix some typos in comments (@ StevenMia)
- #5130 chore: rename 'master' to 'main' in docs and tooling (@ JoshuaKGoldberg)
-
10.4.0 - 2024-03-26
- #4829 feat: include
- #4985 feat: add file path to xunit reporter (@ bmish)
- #5074 fix: harden error handling in
- #5077 chore: add mtfoley/pr-compliance-action (@ JoshuaKGoldberg)
- #5060 chore: migrate ESLint config to flat config (@ JoshuaKGoldberg)
- #5095 chore: revert #5069 to restore Netlify builds (@ voxpelli)
- #5097 docs: add sponsored to sponsorship link rels (@ JoshuaKGoldberg)
- #5093 chore: add 'status: in triage' label to issue templates and docs (@ JoshuaKGoldberg)
- #5083 docs: fix CHANGELOG.md headings to start with a root-level h1 (@ JoshuaKGoldberg)
- #5100 chore: fix header generation and production build crashes (@ JoshuaKGoldberg)
- #5104 chore: bump ESLint ecmaVersion to 2020 (@ JoshuaKGoldberg)
- #5116 fix: eleventy template builds crash with 'unexpected token at ": string, msg..."' (@ LcsK)
- #4869 docs: fix documentation concerning glob expansion on UNIX (@ binki)
- #5122 test: fix xunit integration test (@ voxpelli)
- #5123 chore: activate dependabot for workflows (@ voxpelli)
- #5125 build(deps): bump the github-actions group with 2 updates (@ dependabot)
-
10.3.0 - 2024-02-08
- Fix deprecated warn gh actions by @ outsideris in #4962
- fix #4837 Update glob due to vulnerability in dep by @ jb2311 in #4970
- Add Node v19 to test matrix by @ juergba in #4974
- chore: fix the ci by @ Uzlopak in #5020
- update can-i-use by @ Uzlopak in #5021
- chore: remove uuid dev dependency by @ Uzlopak in #5022
- chore: remove nanoid as dependency by @ Uzlopak in #5024
- chore: remove touch as dev dependency by @ Uzlopak in #5023
- chore: remove stale workflow by @ JoshuaKGoldberg in #5029
- docs: fix fragment ID for yargs' "extends" documentation by @ Spencer-Doak in #4918
- docs: use mocha.js instead of mocha in the example run by @ nikolas in #4927
- docs: fix jsdoc return type of
- docs: overhaul contributing and maintenance docs for end-of-year 2023 by @ JoshuaKGoldberg in #5038
- docs: touchups to labels and a template title post-revamp by @ JoshuaKGoldberg in #5050
- fix: add alt text to Built with Netlify badge by @ JoshuaKGoldberg in #5068
- chore: inline nyan reporter's write function by @ JoshuaKGoldberg in #5056
- chore: remove unnecessary canvas dependency by @ JoshuaKGoldberg in #5069
- @ jb2311 made their first contribution in #4970
- @ Uzlopak made their first contribution in #5020
- @ Spencer-Doak made their first contribution in #4918
- @ nikolas made their first contribution in #4927
- @ F3n67u made their first contribution in #4886
from mocha GitHub release notesWhat's Changed
New Contributors
Full Changelog: v10.6.1...v10.7.0
What's Changed
Full Changelog: v10.6.0...v10.6.1
What's Changed
Full Changelog: v10.5.2...v10.6.0
What's Changed
New Contributors
Full Changelog: v10.5.1...v10.5.2
What's Changed
New Contributors
Full Changelog: v10.5.0...v10.5.1
🎉 Enhancements
🐛 Fixes
🔩 Other
10.4.0 / 2024-03-26
🎉 Enhancements
.causestacks in the error stack traces (@ voxpelli)🐛 Fixes
lib/cli/run.js(@ stalet)🔩 Other
This is a stable release equivalent to v10.3.0-preminor.0.
What's Changed
titlePathmethod by @ F3n67u in #4886New Contributors
Full Changelog: v10.2.0...v10.3.0
Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
[//]: # 'snyk:metadata:{"customTemplate":{"variablesUsed":[],"fieldsUsed":[]},"dependencies":[{"name":"mocha","from":"10.3.0","to":"10.7.0"}],"env":"prod","hasFixes":true,"isBreakingChange":false,"isMajorUpgrade":false,"issuesToFix":[{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-SOCKETIO-7278048","issue_id":"SNYK-JS-SOCKETIO-7278048","priority_score":124,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00045},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Thu Jun 20 2024 06:22:00 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.06},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Uncaught Exception"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-IP-6240864","issue_id":"SNYK-JS-IP-6240864","priority_score":221,"priority_score_factors":[{"name":"confidentiality","value":"high"},{"name":"integrity","value":"low"},{"name":"availability","value":"low"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00084},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Feb 11 2024 07:37:52 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":7.84},{"name":"likelihood","value":2.81},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Server-side Request Forgery (SSRF)"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-SOCKETIOPARSER-5596892","issue_id":"SNYK-JS-SOCKETIOPARSER-5596892","priority_score":114,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00252},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Wed May 24 2023 07:39:19 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":1.9},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Denial of Service (DoS)"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-TAR-1536528","issue_id":"SNYK-JS-TAR-1536528","priority_score":95,"priority_score_factors":[{"name":"confidentiality","value":"high"},{"name":"integrity","value":"high"},{"name":"availability","value":"none"},{"name":"scope","value":"changed"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"required"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"local"},{"name":"epss","value":0.00689},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Wed Aug 04 2021 07:24:54 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":9.6},{"name":"likelihood","value":0.984},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Arbitrary File Overwrite"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-TAR-1536531","issue_id":"SNYK-JS-TAR-1536531","priority_score":95,"priority_score_factors":[{"name":"confidentiality","value":"high"},{"name":"integrity","value":"high"},{"name":"availability","value":"none"},{"name":"scope","value":"changed"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"required"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"local"},{"name":"epss","value":0.00689},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Wed Aug 04 2021 07:24:55 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":9.6},{"name":"likelihood","value":0.984},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Arbitrary File Overwrite"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-TAR-1579147","issue_id":"SNYK-JS-TAR-1579147","priority_score":97,"priority_score_factors":[{"name":"confidentiality","value":"high"},{"name":"integrity","value":"high"},{"name":"availability","value":"low"},{"name":"scope","value":"changed"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"required"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"local"},{"name":"epss","value":0.0013},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Wed Sep 01 2021 07:55:13 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":9.95},{"name":"likelihood","value":0.97},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Arbitrary File Write"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-ENGINEIO-5496331","issue_id":"SNYK-JS-ENGINEIO-5496331","priority_score":114,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00192},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Thu May 04 2023 07:20:58 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":1.9},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Uncaught Exception"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-ES5EXT-6095076","issue_id":"SNYK-JS-ES5EXT-6095076","priority_score":169,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00045},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Wed Feb 28 2024 16:39:56 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.81},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-TAR-1579152","issue_id":"SNYK-JS-TAR-1579152","priority_score":97,"priority_score_factors":[{"name":"confidentiality","value":"high"},{"name":"integrity","value":"high"},{"name":"availability","value":"low"},{"name":"scope","value":"changed"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"required"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"local"},{"name":"epss","value":0.0013},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Wed Sep 01 2021 07:55:12 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":9.95},{"name":"likelihood","value":0.97},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Arbitrary File Write"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-TAR-1579155","issue_id":"SNYK-JS-TAR-1579155","priority_score":97,"priority_score_factors":[{"name":"confidentiality","value":"high"},{"name":"integrity","value":"high"},{"name":"availability","value":"low"},{"name":"scope","value":"changed"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"required"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"local"},{"name":"epss","value":0.0007},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Wed Sep 01 2021 07:55:11 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":9.95},{"name":"likelihood","value":0.968},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Arbitrary File Write"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-WS-7266574","issue_id":"SNYK-JS-WS-7266574","priority_score":169,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00044},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Mon Jun 17 2024 14:34:03 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.81},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Denial of Service (DoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-WS-7266574","issue_id":"SNYK-JS-WS-7266574","priority_score":169,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00044},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Mon Jun 17 2024 14:34:03 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.81},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Denial of Service (DoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-TAR-6476909","issue_id":"SNYK-JS-TAR-6476909","priority_score":142,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"required"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00045},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Fri Mar 22 2024 12:56:33 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.36},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Uncontrolled Resource Consumption ('Resource Exhaustion')"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-TAR-6476909","issue_id":"SNYK-JS-TAR-6476909","priority_score":142,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"required"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00045},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Fri Mar 22 2024 12:56:33 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.36},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Uncontrolled Resource Consumption ('Resource Exhaustion')"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-EXPRESS-6474509","issue_id":"SNYK-JS-EXPRESS-6474509","priority_score":98,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"low"},{"name":"availability","value":"none"},{"name":"scope","value":"changed"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"required"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00044},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Tue Mar 26 2024 07:34:23 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":false},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":4.54},{"name":"likelihood","value":2.15},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Open Redirect"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-TAR-1536758","issue_id":"SNYK-JS-TAR-1536758","priority_score":40,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"low"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"unproven"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.01055},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Thu Aug 05 2021 14:33:10 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"low"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":1.69},{"name":"scoreVersion","value":"V5"}],"severity":"low","title":"Regular Expression Denial of Service (ReDoS)"}],"prId":"a6d64ed3-b62a-454b-82d0-51739800dad0","prPublicId":"a6d64ed3-b62a-454b-82d0-51739800dad0","packageManager":"npm","priorityScoreList":[124,221,114,95,95,97,114,169,97,97,169,142,98,40],"projectPublicId":"543b602b-7a0f-494e-9c69-555edfc5bc04","projectUrl":"https://app.snyk.io/org/hashim21223445/project/543b602b-7a0f-494e-9c69-555edfc5bc04?utm_source=github&utm_medium=referral&page=upgrade-pr","prType":"upgrade","templateFieldSources":{"branchName":"default","commitMessage":"default","description":"default","title":"default"},"templateVariants":["priorityScore"],"type":"auto","upgrade":["SNYK-JS-SOCKETIO-7278048","SNYK-JS-IP-6240864","SNYK-JS-SOCKETIOPARSER-5596892","SNYK-JS-TAR-1536528","SNYK-JS-TAR-1536531","SNYK-JS-TAR-1579147","SNYK-JS-ENGINEIO-5496331","SNYK-JS-ES5EXT-6095076","SNYK-JS-TAR-1579152","SNYK-JS-TAR-1579155","SNYK-JS-WS-7266574","SNYK-JS-WS-7266574","SNYK-JS-TAR-6476909","SNYK-JS-TAR-6476909","SNYK-JS-EXPRESS-6474509","SNYK-JS-TAR-1536758"],"upgradeInfo":{"versionsDiff":7,"publishedDate":"2024-07-20T19:45:56.910Z"},"vulns":["SNYK-JS-SOCKETIO-7278048","SNYK-JS-IP-6240864","SNYK-JS-SOCKETIOPARSER-5596892","SNYK-JS-TAR-1536528","SNYK-JS-TAR-1536531","SNYK-JS-TAR-1579147","SNYK-JS-ENGINEIO-5496331","SNYK-JS-ES5EXT-6095076","SNYK-JS-TAR-1579152","SNYK-JS-TAR-1579155","SNYK-JS-WS-7266574","SNYK-JS-WS-7266574","SNYK-JS-TAR-6476909","SNYK-JS-TAR-6476909","SNYK-JS-EXPRESS-6474509","SNYK-JS-TAR-1536758"]}'