[Snyk] Fix for 5 vulnerabilities #117

snyk-bot · 2021-04-27T01:17:19Z

Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
- package-lock.json

Priority Score (*)	Issue	Breaking Change	Exploit Maturity
551/1000 Why? Recently disclosed, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-REDIS-1255645	Yes	No Known Exploit
551/1000 Why? Recently disclosed, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090599	Yes	No Known Exploit
551/1000 Why? Recently disclosed, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090600	Yes	No Known Exploit
551/1000 Why? Recently disclosed, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090601	Yes	No Known Exploit
551/1000 Why? Recently disclosed, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090602	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @loopback/rest

The new version differs by 250 commits.

020ed59 chore: publish release
a87c1ec chore(example-validation-app): fix project config for publish
f6fa213 chore: publish release
5417ed5 fix(repository-json-schema): fix schema generation for model inheritance
01571a3 chore: update dependency helmet to ^3.22.0
f3a857e chore: update dependency oas-validator to v4
560b3c3 chore: update dependency swagger2openapi to v6
a440ae2 feat(rest): add info spec enhancer to build `info` for OpenAPI spec from application metadata
5b20c98 chore: update dependency prettier to ^2.0.2
8d6b1e3 chore: update CODEOWNERS for validation-app
36a70b3 fix(cli): add validation-app to example cli
df0e186 fix(docs): add validation-app to example list
d8156b0 chore: reformat code using prettier@2.0.0
3dc8248 chore: set arrowParens option of prettier to 'avoid' for backward compatibility
3d7bea1 test(build): update tests to use the correct prettier options
65bdee7 feat: update dependency prettier to v2
b241eba chore: update typescript-eslint monorepo to ^2.25.0
192563a feat(core): add more flavors of @ extensions decorator
ede4bbd fix(rest): allow async custom keyword by setting {$async: true} to referenced schemas
854ce9a fix(boot): fix resolution of package.json for application metadata
413bc1b chore: update dependency @ types/express-serve-static-core to ^4.17.3
c7a5cf7 chore: update package locks file
f0f1709 feat(example-validation-app): add validation example
048c609 chore: update dependency swagger2openapi to ^5.4.0

Package name: redis

The new version differs by 142 commits.

fc28860 Bump version to 3.1.1 (#1597)
2d11b6d fix #1569 - improve monitor_regex (#1595)
7e77de8 Add Chat (#1594)
5d3e995 Merge branch 'master' of https://github.com/NodeRedis/node-redis
b797cf2 add user to README.md
79f34c2 Bump version to 3.1.0 (#1590)
7fdc54e fix for 428e1c8a7b2322c2650294638cb1663ac5692728 - fix auth retry when redis is in loading state
09f0fe8 "fix" tests
428e1c8 Add support for Redis 6 `auth pass [user]` (#1508)
bb208d0 Add codeclimate badge (#1572)
47e2e38 Exclude examples from deepsource (#1579)
fbca5cd Upgrade node and dependencies (#1578)
2188744 Create codeql-analysis.yml (#1577)
32861b5 Create .deepsource.toml (#1574)
2a34d41 Add LGTM badge (#1571)
69b7094 Workflows fixes (#1570)
49c4131 Merge pull request #1531 from marnikvde/improve-docs
3c8ff5c Merge branch 'master' into improve-docs
685a72d Merge pull request #1277 from dcharbonnier/patch-1
055f5c5 Merge branch 'master' into patch-1
c78b6d5 Merge pull request #1527 from heynikhil/patch-1
53f1468 Merge branch 'master' into patch-1
232f191 Merge pull request #1563 from lebseu/patch-1
e4cb073 Update README.md