[Snyk] Upgrade netlify from 4.3.0 to 4.9.0 #29

snyk-bot · 2021-07-14T06:12:13Z

Snyk has created this PR to upgrade netlify from 4.3.0 to 4.9.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 20 versions ahead of your current version.
The recommended version was released 9 months ago, on 2020-10-21.

The recommended version fixes:

Issue	PriorityScore (*)	Exploit Maturity
Prototype Pollution SNYK-JS-Y18N-1021887	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-NORMALIZEURL-1296539	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
Prototype Pollution SNYK-JS-INI-1048974	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
Prototype Pollution SNYK-JS-HANDLEBARS-534988	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
Arbitrary Code Execution SNYK-JS-HANDLEBARS-534478	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
Prototype Pollution SNYK-JS-AWSSDK-1059424	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1255640	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1090595	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
Prototype Pollution SNYK-JS-PATHVAL-596926	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
Denial of Service SNYK-JS-NODEFETCH-674311	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
Denial of Service (DoS) SNYK-JS-HTTPPROXY-569139	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-HOSTEDGITINFO-1088355	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
Prototype Pollution SNYK-JS-FLAT-596927	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
Prototype Pollution SNYK-JS-DOTPROP-543489	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-COLORSTRING-1082939	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: netlify

4.9.0 - 2020-10-21
Merged
- align js-client upload limits with api ones #181
- chore(deps): update dependency eslint-config-prettier to v6.13.0 #180
- chore(deps): update babel monorepo #179
- fix(deps): update dependency @ netlify/open-api to v0.18.1 #174
- fix(deps): update dependency hasha to v5.2.2 #175
Commits
- test: update snapshots 6046ded
- align client limits with api ones 0b3b799
4.8.0 - 2020-10-08
Merged
- Small improvement of the test logic #172
- Retry on ETIMEDOUT timeout #171
Commits
- Add retries on timeout eb39b8f
4.7.0 - 2020-10-07
Merged
- fix(deps): update dependency @ netlify/open-api to ^0.18.0 #169
- chore(deps): update dependency gh-release to v4.0.3 #168
Commits
- test: update snapshots 256c6b2
4.6.0 - 2020-09-28
Merged
- fix(deps): update dependency @ netlify/open-api to v0.16.1 #164
- fix(deps): update dependency hasha to v5.2.1 #165
- chore(deps): update dependency eslint-plugin-import to v2.22.1 #163
- chore(deps): update dependency eslint-config-prettier to v6.12.0 #162
Commits
- Fix test snapshots 62d29a8
4.5.2 - 2020-09-24
Merged
- fix(deploy): don't hang when there are no files to deploy #161
- chore(deps): update dependency webpack to v4.44.2 #160
- chore(deps): update dependency gh-release to v4.0.2 #159
- chore(deps): update dependency auto-changelog to v2.2.1 #158
4.5.1 - 2020-09-17
Commits
- Fix linting 4bfb908
4.4.0 - 2020-09-17
Merged
- Update syncFileLimit to 100 #153
- chore(deps): update dependency gh-release to v4 #152
- chore(deps): update dependency husky to v4.3.0 #151
- chore(deps): lock file maintenance #148
4.3.13 - 2020-09-01
Merged
- chore(deps): lock file maintenance #145
- Runs Node 14 in CI #143
Commits
- zip-it-and-ship-it 1.3.12 21df6d0
4.3.12 - 2020-08-24
Merged
- chore(deps): lock file maintenance #142
- fix(deps): update dependency @ netlify/open-api to ^0.16.0 #140
- chore(deps): update dependency @ babel/core to v7.11.4 #139
- fix(deps): update dependency clean-deep to v3.4.0 #141
- chore(deps): lock file maintenance #137
Commits
- Fix test snapshots 9df510c
4.3.11 - 2020-08-10
4.3.10 - 2020-08-04
4.3.9 - 2020-08-03
4.3.8 - 2020-07-30
4.3.7 - 2020-07-27
4.3.6 - 2020-07-21
4.3.5 - 2020-06-29
4.3.4 - 2020-06-29
4.3.3 - 2020-06-23
4.3.2 - 2020-06-22
4.3.1 - 2020-06-10
4.3.0 - 2020-06-02

from netlify GitHub release notes

Commit messages

Package name: netlify

0978d50 4.9.0
fc80518 Merge pull request Rename status to info and add a netlify status command netlify/cli#181 from netlify/ingrid/align-client-limits-with-api-ones
0b3b799 align client limits with api ones
9d0e387 Merge pull request "Error: Not Found" on netlify deploy netlify/cli#180 from netlify/renovate/eslint-config-prettier-6.x-lockfile
3d57055 Merge pull request Creating a deploy should run the command from netlify.toml netlify/cli#179 from netlify/renovate/babel-monorepo
2e3f518 chore(deps): update dependency eslint-config-prettier to v6.13.0
3a55f99 chore(deps): update babel monorepo
9915239 Merge pull request Handle logged out users with grace netlify/cli#174 from netlify/renovate/netlify-open-api-0.x-lockfile
6046ded test: update snapshots
eea0970 fix(deps): update dependency @ netlify/open-api to v0.18.1
1a43b47 Merge pull request simple command to trigger build netlify/cli#175 from netlify/renovate/hasha-5.x-lockfile
aa6b9c7 fix(deps): update dependency hasha to v5.2.2
2b90af2 4.8.0
0810142 Merge pull request Allow users to set the login url in the auth flow netlify/cli#172 from netlify/chore/improve-test-id
9bcfcce Small improvement of the test logic
496193e Merge pull request Update CLI prompts for more consistent style netlify/cli#171 from netlify/feat/add-retry-on-timeout
eb39b8f Add retries on timeout
00b3e93 4.7.0
9a7b56f Merge pull request Output and feedback enhancements netlify/cli#169 from netlify/renovate/netlify-open-api-0.x
256c6b2 test: update snapshots
b9e9af0 fix(deps): update dependency @ netlify/open-api to ^0.18.0
8c54433 Merge pull request Update ESLint plugin netlify/cli#168 from netlify/renovate/gh-release-4.x-lockfile
f03fb84 chore(deps): update dependency gh-release to v4.0.3
39055e2 4.6.0

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade netlify from 4.3.0 to 4.9.0. See this package in npm: https://www.npmjs.com/package/netlify See this project in Snyk: https://app.snyk.io/org/hafixo/project/8c113c33-5ae1-4654-b7ce-9d9a473dbe1b?utm_source=github&utm_medium=upgrade-pr

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Upgrade netlify from 4.3.0 to 4.9.0 #29

[Snyk] Upgrade netlify from 4.3.0 to 4.9.0 #29

snyk-bot commented Jul 14, 2021

Merged

Commits

Merged

Commits

Merged

Commits

Merged

Commits

Merged

Commits

Merged

Merged

Commits

Merged

Commits

[Snyk] Upgrade netlify from 4.3.0 to 4.9.0 #29

Are you sure you want to change the base?

[Snyk] Upgrade netlify from 4.3.0 to 4.9.0 #29

Conversation

snyk-bot commented Jul 14, 2021

Snyk has created this PR to upgrade netlify from 4.3.0 to 4.9.0.

Merged

Commits

Merged

Commits

Merged

Commits

Merged

Commits

Merged

Commits

Merged

Merged

Commits

Merged

Commits