[Snyk] Upgrade local-web-server from 4.2.1 to 5.3.1 #6
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Snyk has created this PR to upgrade local-web-server from 4.2.1 to 5.3.1. See this package in npm: https://www.npmjs.com/package/local-web-server See this project in Snyk: https://app.snyk.io/org/gr00nd/project/6fec4c4f-aca1-4a26-a2f0-b1ef41a5ffbe?utm_source=github&utm_medium=referral&page=upgrade-pr
Review or Edit in CodeSandboxOpen the branch in Web Editor • VS Code • Insiders |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade local-web-server from 4.2.1 to 5.3.1.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
Warning: This is a major version upgrade, and may be a breaking change.
The recommended version fixes:
SNYK-JS-KOACORS-6117545
Why? Confidentiality impact: None, Integrity impact: High, Availability impact: None, Scope: Changed, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00043, Social Trends: No, Days since published: 55, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 6.65, Likelihood: 2.06, Score Version: V5
SNYK-JS-QS-3153490
Why? Confidentiality impact: None, Integrity impact: High, Availability impact: None, Scope: Changed, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00043, Social Trends: No, Days since published: 55, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 6.65, Likelihood: 2.06, Score Version: V5
SNYK-JS-SEMVER-3247795
Why? Confidentiality impact: None, Integrity impact: High, Availability impact: None, Scope: Changed, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00043, Social Trends: No, Days since published: 55, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 6.65, Likelihood: 2.06, Score Version: V5
(*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: local-web-server
-
5.3.1 - 2024-01-08
-
5.3.0 - 2023-02-07
- Added support for Private Network Access. To enable, set the
-
5.2.1 - 2022-05-28
-
5.2.0 - 2022-03-13
-
5.1.1 - 2021-08-25
-
5.1.0 - 2021-08-06
- Support extended back to Node.js v12.20
- This is because support for
-
5.0.0 - 2021-07-06
- Dropped support for Node.js < v14
- Dropped support for CommonJS in general
- Dropped support for plugin prefixes
- Previously, you could omit the
- Several of the API methods have changed from sync to async, most importantly the
- The default config file
- All source code converted from CommonJS to ECMAScript modules.
- All dependencies upgraded.
- If you previously used shortened plugin names (e.g.
- If you launch a server using Lws.create you must now
- Lws can now only be used programmatically from ECMAScript modules - you must use
-
5.0.0-0 - 2021-06-09
-
4.2.1 - 2020-06-11
from local-web-server GitHub release notes5.3.1
New features since v5.2.1
--cors.private-network-accessflag.5.2.1
5.2.0
5.1.1
New features since v5.0.0
exports, conditional exports and exports patterns have been retro-fitted back to v12 (see the Package module history)Upgrade notes
Users of Node.js v12.20 and above may now use local-web-server (previously, you needed a minimum of node v14). There are no further changes.
This is a refresher release - there are no functional or behavioural changes to the web server itself.
Breaking changes since v4.2.1
lws-in plugin names, (i.e. you could use--stack staticinstead of--stack lws-static). This was ambigious and introduced the risk of incorrectly loading a module namedstatic, if it existed.Lws.createmethod. You now need toawaitthe result.New feature
lws.config.jsmay now also be namedlws.config.mjsorlws.config.cjsif preferred.Other improvements
Upgrade notes
--stack static) please use the full name (e.g.--stack lws-static)awaitthe result.importto load the library.5.0.0-0
4.2.1
Commit messages
Package name: local-web-server
Compare
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs