Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Security upgrade objection from 0.2.8 to 0.5.4 #46

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Security upgrade objection from 0.2.8 to 0.5.4 #46

wants to merge 1 commit into from

Conversation

snyk-bot
Copy link
Contributor

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 479/1000
Why? Has a fix available, CVSS 5.3		 Buffer Overflow
npm:validator:20160218		 No No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: objection The new version differs by 212 commits.
  • 883a440 v0.5.4
  • 8a4fd0f bugfix: afterGet was not called for nested models in eager query. fixes #165
  • 35ccbfc perf test updates
  • 1b5a221 add updateAndFetch + patchAndFetch instance query methods. fixes #139
  • d961e58 bugfix: update model in instance.query().update operation. fixes #158
  • 1a005f0 bugfix: insertWithRelated now works with additionalProperties = false in jsonSchema. fixes #125, fixes #95
  • d4fa164 small performance fix
  • bdfbac8 more tests for hiddenData
  • d85bd0c hiddenData is not inherited anymore
  • 27e4fcb avoid using _.omit since it returns prototype props now
  • 4724f79 use delete instead of setting to undefined when removing a property
  • 7117bf9 ES6 promise compatibility fixes
  • f8ffdd2 v0.5.2
  • 5122741 Merge pull request #154 from fl0w/master
  • 0aff178 knex: update dependency, fixes #153
  • 0d79cab use correct query builder in eager filters. fixes #135
  • ca23ae1 add gitter badge to doc
  • fbb290d fix doc typo
  • efb60a5 v0.5.1
  • ef8dbf7 afterGet hook. fixes #138
  • 1027cb9 v0.5.0
  • 86d55d9 update examples for objection 0.5.0
  • 6ca624e minor fixes
  • e8e4acd Merge pull request #148 from gitter-badger/gitter-badge

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

@snyk-bot
fix: package.json to reduce vulnerabilities
091e4ca 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/npm:validator:20160218
@coveralls
Copy link

Coverage Status

Coverage remained the same at 79.618% when pulling 091e4ca on snyk-fix-0f98b6d2403bbe2aa765ad574a3cdb5a into c5f2c66 on master.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@snyk-bot @coveralls