-
Notifications
You must be signed in to change notification settings - Fork 1
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Snyk] Upgrade cookie from 0.5.0 to 0.7.2 #131
base: main
Are you sure you want to change the base?
Conversation
Snyk has created this PR to upgrade cookie from 0.5.0 to 0.7.2. See this package in npm: cookie See this project in Snyk: https://app.snyk.io/org/sammytezzy/project/d44a33bd-57c9-417a-aad9-c6257f92658a?utm_source=github&utm_medium=referral&page=upgrade-pr
Run & review this pull request in StackBlitz Codeflow. |
Reviewer's Guide by SourceryThis PR upgrades the cookie package from version 0.5.0 to 0.7.2 to address a medium severity Cross-site Scripting (XSS) vulnerability. The upgrade spans 4 versions and includes performance improvements, bug fixes, and new features. No diagrams generated as the changes look simple and do not need a visual representation. File-Level Changes
Tips and commandsInteracting with Sourcery
Customizing Your ExperienceAccess your dashboard to:
Getting Help
|
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We have skipped reviewing this pull request. Here's why:
- It seems to have been created by a bot ('[Snyk]' found in title). We assume it knows what it's doing!
- We don't review packaging changes - Let us know if you'd like us to change this.
Snyk has created this PR to upgrade cookie from 0.5.0 to 0.7.2.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version is 4 versions ahead of your current version.
The recommended version was released on a month ago.
Issues fixed by the recommended upgrade:
SNYK-JS-COOKIE-8163060
Release notes
Package name: cookie
Fixed
hasOwnProperty
(#177) bc38ffdv0.7.1...v0.7.2
Fixed
serialize
without options, useobj.hasOwnProperty
when parsing (#172)v0.7.0...v0.7.1
main
topackage.json
for rspack (#166 by @ proudparrot2)v0.6.0...v0.7.0
partitioned
optionpriority
optionexpires
option to reject invalid datesImportant
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
Summary by Sourcery
Enhancements: