New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Security upgrade node-notifier from 4.6.1 to 5.0.0 #43

Open

DarkCipherNinja wants to merge 1 commit into master from snyk-fix-a90ab2e34b93e1417ac7a66462f90fa0

Owner

DarkCipherNinja commented Nov 29, 2023

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- AhMyth-Server/app/node_modules/gulp-notify/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-2342073	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-2342082	Yes	Proof of Concept
	520/1000 Why? Has a fix available, CVSS 5.9	Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-584281	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: node-notifier

The new version differs by 63 commits.

14b4725 Removes WIP flag for v5. It's here 🎉
8010548 v5.0.0
60053e5 Adds linting as prestep for tests
b62fd0b Fixes linting issues
a0d78bb Removes travis tests for older versions of Node to support jest
810b2e9 Changes mocha and should to jest for testing
5e39a90 Fixes linting issues
aeaedd3 Fixes formatting of all files
29fe519 Adds new toaster options to changelog
77c84b5 Removes docs on cli
993229a Adds example gif
776a424 Changes resolution for windows image
a5c4e2d Updates windows image example
58e3043 Updates docs for toasters
9667d26 Adds icon to toaster example
9e1b99a Adds ability to close toasters
cc1f223 Adds support for all toaster flags
ec8826a Fixes sound false case for toasters
6501e36 Fixes issue with sound bool opt for toasters
ed9f690 Fixes sound override for cross platform
4698b9a Fixes output for new toaster vendor
3a999bf Fixes windows integration with new toaster vendor
49d09a4 Fixes tests on windows
0cbaa92 Adds note on wait for notification center

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)


          fix: AhMyth-Server/app/node_modules/gulp-notify/package.json to reduc…

dc5682c

…e vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-MARKED-2342073
- https://snyk.io/vuln/SNYK-JS-MARKED-2342082
- https://snyk.io/vuln/SNYK-JS-MARKED-584281

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet