Skip to content
This repository has been archived by the owner on Mar 14, 2024. It is now read-only.

[Snyk] Upgrade mocha from 3.5.3 to 10.1.0 #38

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Upgrade mocha from 3.5.3 to 10.1.0 #38

wants to merge 1 commit into from

Conversation

snyk-bot
Copy link

@snyk-bot snyk-bot commented Nov 13, 2022
edited by ghost
Loading

Snyk has created this PR to upgrade mocha from 3.5.3 to 10.1.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Warning: This is a major version upgrade, and may be a breaking change.

  • The recommended version is 59 versions ahead of your current version.
  • The recommended version was released a month ago, on 2022-10-15.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Arbitrary Code Injection
npm:growl:20160721		 704/1000
Why? Has a fix available, CVSS 9.8		 No Known Exploit
Regular Expression Denial of Service (ReDoS)
npm:diff:20180305		 704/1000
Why? Has a fix available, CVSS 9.8		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
npm:diff:20180305		 704/1000
Why? Has a fix available, CVSS 9.8		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-UAPARSERJS-610226		 704/1000
Why? Has a fix available, CVSS 9.8		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-UAPARSERJS-1023599		 704/1000
Why? Has a fix available, CVSS 9.8		 Proof of Concept
Arbitrary File Write
SNYK-JS-TAR-1579155		 704/1000
Why? Has a fix available, CVSS 9.8		 No Known Exploit
Arbitrary File Write
SNYK-JS-TAR-1579152		 704/1000
Why? Has a fix available, CVSS 9.8		 No Known Exploit
Arbitrary File Write
SNYK-JS-TAR-1579147		 704/1000
Why? Has a fix available, CVSS 9.8		 No Known Exploit
Arbitrary File Overwrite
SNYK-JS-TAR-1536531		 704/1000
Why? Has a fix available, CVSS 9.8		 No Known Exploit
Arbitrary File Overwrite
SNYK-JS-TAR-1536528		 704/1000
Why? Has a fix available, CVSS 9.8		 No Known Exploit
Prototype Pollution
SNYK-JS-SETVALUE-450213		 704/1000
Why? Has a fix available, CVSS 9.8		 Proof of Concept
Prototype Pollution
SNYK-JS-SETVALUE-1540541		 704/1000
Why? Has a fix available, CVSS 9.8		 Proof of Concept
Prototype Pollution
SNYK-JS-SETVALUE-450213		 704/1000
Why? Has a fix available, CVSS 9.8		 Proof of Concept
Prototype Pollution
SNYK-JS-SETVALUE-1540541		 704/1000
Why? Has a fix available, CVSS 9.8		 Proof of Concept
Prototype Pollution
SNYK-JS-MIXINDEEP-450212		 704/1000
Why? Has a fix available, CVSS 9.8		 Proof of Concept
Prototype Pollution
SNYK-JS-LODASH-608086		 704/1000
Why? Has a fix available, CVSS 9.8		 Proof of Concept
Prototype Pollution
SNYK-JS-LODASH-567746		 704/1000
Why? Has a fix available, CVSS 9.8		 Proof of Concept
Prototype Pollution
SNYK-JS-LODASH-450202		 704/1000
Why? Has a fix available, CVSS 9.8		 Proof of Concept
Command Injection
SNYK-JS-LODASH-1040724		 704/1000
Why? Has a fix available, CVSS 9.8		 Proof of Concept
Prototype Pollution
SNYK-JS-JSONSCHEMA-1920922		 704/1000
Why? Has a fix available, CVSS 9.8		 No Known Exploit
Prototype Pollution
SNYK-JS-INI-1048974		 704/1000
Why? Has a fix available, CVSS 9.8		 Proof of Concept
Cryptographic Issues
SNYK-JS-ELLIPTIC-571484		 704/1000
Why? Has a fix available, CVSS 9.8		 Proof of Concept
Prototype Pollution
SNYK-JS-CACHEDPATHRELATIVE-2342653		 704/1000
Why? Has a fix available, CVSS 9.8		 Proof of Concept
Prototype Pollution
SNYK-JS-AJV-584908		 704/1000
Why? Has a fix available, CVSS 9.8		 No Known Exploit
Regular Expression Denial of Service (ReDoS)
SNYK-JS-ACORN-559469		 704/1000
Why? Has a fix available, CVSS 9.8		 No Known Exploit
Regular Expression Denial of Service (ReDoS)
SNYK-JS-ACORN-559469		 704/1000
Why? Has a fix available, CVSS 9.8		 No Known Exploit
Arbitrary Code Injection
SNYK-JS-UNDERSCORE-1080984		 704/1000
Why? Has a fix available, CVSS 9.8		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-UAPARSERJS-1072471		 704/1000
Why? Has a fix available, CVSS 9.8		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-PATHPARSE-1077067		 704/1000
Why? Has a fix available, CVSS 9.8		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-LODASH-1018905		 704/1000
Why? Has a fix available, CVSS 9.8		 Proof of Concept
Timing Attack
SNYK-JS-ELLIPTIC-511941		 704/1000
Why? Has a fix available, CVSS 9.8		 No Known Exploit
Cryptographic Issues
SNYK-JS-ELLIPTIC-1064899		 704/1000
Why? Has a fix available, CVSS 9.8		 No Known Exploit
Regular Expression Denial of Service (ReDoS)
npm:debug:20170905		 704/1000
Why? Has a fix available, CVSS 9.8		 No Known Exploit
Regular Expression Denial of Service (ReDoS)
SNYK-JS-TAR-1536758		 704/1000
Why? Has a fix available, CVSS 9.8		 No Known Exploit
Validation Bypass
SNYK-JS-KINDOF-537849		 704/1000
Why? Has a fix available, CVSS 9.8		 Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: mocha
  • 10.1.0 - 2022-10-15

    10.1.0 / 2022-10-16

    🎉 Enhancements

    🔩 Other

  • 10.0.0 - 2022-05-01

    10.0.0 / 2022-05-01

    💥 Breaking Changes

    🔩 Other

    Also thanks to @ ea2305 and @ SukkaW for improvements to our documentation.

  • 9.2.2 - 2022-03-11

    9.2.2 / 2022-03-11

    Please also note our announcements.

    🐛 Fixes

    🔩 Other

  • 9.2.1 - 2022-02-19

    9.2.1 / 2022-02-19

    Please also note our announcements.

    🐛 Fixes

    • #4832: Loading of config files throws wrong error (@ juergba)

    • #4799: Reporter: configurable maxDiffSize reporter-option (@ norla)

  • 9.2.0 - 2022-01-24

    9.2.0 / 2022-01-24

    Please also note our announcements.

    🎉 Enhancements

    🔩 Other

  • 9.1.4 - 2022-01-14

    9.1.4 / 2022-01-14

    Please also note our announcements.

    🐛 Fixes

    🔩 Other

  • 9.1.3 - 2021-10-15

    9.1.3 / 2021-10-15

    Please also note our announcements.

    🐛 Fixes

    🔩 Other

  • 9.1.2 - 2021-09-25

    9.1.2 / 2021-09-25

    Please also note our announcements.

    🐛 Fixes

    🔩 Other

  • 9.1.1 - 2021-08-28

    9.1.1 / 2021-08-28

    Please also note our announcements.

    🐛 Fixes

  • 9.1.0 - 2021-08-20

    9.1.0 / 2021-08-20

    Please also note our announcements.

    🎉 Enhancements

  • 9.0.3 - 2021-07-25
  • 9.0.2 - 2021-07-03
  • 9.0.1 - 2021-06-18
  • 9.0.0 - 2021-06-07
  • 8.4.0 - 2021-05-07
  • 8.3.2 - 2021-03-12
  • 8.3.1 - 2021-03-06
  • 8.3.0 - 2021-02-11
  • 8.2.1 - 2020-11-02
  • 8.2.0 - 2020-10-16
  • 8.1.3 - 2020-08-28
  • 8.1.2 - 2020-08-25
  • 8.1.1 - 2020-08-04
  • 8.1.0 - 2020-07-30
  • 8.0.1 - 2020-06-10
  • 8.0.0 - 2020-06-10
  • 7.2.0 - 2020-05-23
  • 7.1.2 - 2020-04-26
  • 7.1.1 - 2020-03-18
  • 7.1.0 - 2020-02-26
  • 7.0.1 - 2020-01-26
  • 7.0.0 - 2020-01-04
  • 7.0.0-esm1 - 2020-01-12
  • 6.2.3 - 2020-03-25
  • 6.2.2 - 2019-10-18
  • 6.2.1 - 2019-09-29
  • 6.2.0 - 2019-07-18
  • 6.1.4 - 2019-04-18
  • 6.1.3 - 2019-04-12
  • 6.1.2 - 2019-04-08
  • 6.1.1 - 2019-04-07
  • 6.1.0 - 2019-04-07
  • 6.0.2 - 2019-02-25
  • 6.0.1 - 2019-02-21
  • 6.0.0 - 2019-02-18
  • 6.0.0-1 - 2019-01-02
  • 6.0.0-0 - 2019-01-01
  • 5.2.0 - 2018-05-18
  • 5.1.1 - 2018-04-18
  • 5.1.0 - 2018-04-12
  • 5.0.5 - 2018-03-23
  • 5.0.4 - 2018-03-07
  • 5.0.3 - 2018-03-07
  • 5.0.2 - 2018-03-06
  • 5.0.1 - 2018-02-13
  • 5.0.0 - 2018-01-18
  • 4.1.0 - 2017-12-29
  • 4.0.1 - 2017-10-06
  • 4.0.0 - 2017-10-03
  • 3.5.3 - 2017-09-11
from mocha GitHub release notes
Commit messages
Package name: mocha
  • 5f96d51 build(v10.1.0): release
  • ed74f16 build(v10.1.0): update CHANGELOG
  • 51d4746 chore(devDeps): update 'ESLint' to v8 (#4926)
  • 4e06a6f fix(browser): increase contrast for replay buttons (#4912)
  • 41567df Support prefers-color-scheme: dark (#4896)
  • 61b4b92 fix the regular expression for function `clean` in `utils.js` (#4770)
  • 77c18d2 chore: use standard 'Promise.allSettled' instead of polyfill (#4905)
  • 84b2f84 chore(ci): upgrade GH actions to latest versions (#4899)
  • 023f548 build(v10.0.0): release
  • 62b1566 build(v10.0.0): update CHANGELOG
  • fbe7a24 chore: update dependencies (#4878)
  • 2b98521 docs: replace 'git.io' short links (#4877) [ci skip]
  • 007fa65 chore(ci): add Node v18 to test matrix (#4876)
  • f6695f0 chore(esm): remove code for Node v12 (#4874)
  • 59f6192 chore(ci): conditionally skip 'push' event (#4872)
  • b863359 docs: fix 'fgrep' url (#4873)
  • baaa41a chore(ci): ignore changes to docs files (#4871)
  • ac81cc5 refactor!: drop support of 'growl' notification (#4866)
  • 3946453 chore(deps)!: upgrade 'minimatch' (#4865)
  • 592905b refactor!: rename 'bin/mocha' to 'bin/mocha.js' (#4863)
  • b7b849b refactor!: remove deprecated Runner signature (#4861)
  • 0608fa3 chore(site): fix supporters' download (#4859)
  • 785aeb1 chore(test): drop AMD/'requirejs' (#4857)
  • ed640c4 chore(devDeps): upgrade 'coffee-script' (#4856)

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Mention [stepsize] in a comment if you'd like to report some technical debt. See examples here.

@sonarqubecloud
Copy link

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@snyk-bot