[Snyk] Upgrade: cookie-parser, exceljs, express, express-validator, node-fetch, https-localhost, nodemailer, hypersign-auth-js-sdk, mongoose, url-parse, web3 #1979
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Snyk has created this PR to upgrade:
- cookie-parser from 1.4.5 to 1.4.6.
See this package in npm: https://www.npmjs.com/package/cookie-parser
- exceljs from 4.2.1 to 4.4.0.
See this package in npm: https://www.npmjs.com/package/exceljs
- express from 4.17.1 to 4.19.2.
See this package in npm: https://www.npmjs.com/package/express
- express-validator from 6.12.0 to 6.15.0.
See this package in npm: https://www.npmjs.com/package/express-validator
- node-fetch from 2.6.1 to 2.7.0.
See this package in npm: https://www.npmjs.com/package/node-fetch
- https-localhost from 4.6.5 to 4.7.1.
See this package in npm: https://www.npmjs.com/package/https-localhost
- nodemailer from 6.6.2 to 6.9.14.
See this package in npm: https://www.npmjs.com/package/nodemailer
- hypersign-auth-js-sdk from 2.0.4 to 2.0.8.
See this package in npm: https://www.npmjs.com/package/hypersign-auth-js-sdk
- mongoose from 5.12.14 to 5.13.22.
See this package in npm: https://www.npmjs.com/package/mongoose
- url-parse from 1.5.1 to 1.5.10.
See this package in npm: https://www.npmjs.com/package/url-parse
- web3 from 1.3.6 to 1.10.4.
See this package in npm: https://www.npmjs.com/package/web3
See this project in Snyk:
https://app.snyk.io/org/vishwas1/project/2720c8e6-f642-42c7-953d-4401e8d2c85f?utm_source=github&utm_medium=referral&page=upgrade-pr
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade multiple dependencies.
👯 The following dependencies are linked and will therefore be updated together.ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
cookie-parser
from 1.4.5 to 1.4.6 | 1 version ahead of your current version | 3 years ago
on 2021-11-16
exceljs
from 4.2.1 to 4.4.0 | 2 versions ahead of your current version | a year ago
on 2023-10-19
express
from 4.17.1 to 4.19.2 | 9 versions ahead of your current version | 5 months ago
on 2024-03-25
express-validator
from 6.12.0 to 6.15.0 | 8 versions ahead of your current version | 2 years ago
on 2023-02-16
node-fetch
from 2.6.1 to 2.7.0 | 13 versions ahead of your current version | a year ago
on 2023-08-23
https-localhost
from 4.6.5 to 4.7.1 | 2 versions ahead of your current version | 3 years ago
on 2022-02-16
nodemailer
from 6.6.2 to 6.9.14 | 28 versions ahead of your current version | 3 months ago
on 2024-06-19
hypersign-auth-js-sdk
from 2.0.4 to 2.0.8 | 4 versions ahead of your current version | 3 years ago
on 2021-10-10
mongoose
from 5.12.14 to 5.13.22 | 24 versions ahead of your current version | 8 months ago
on 2024-01-02
url-parse
from 1.5.1 to 1.5.10 | 9 versions ahead of your current version | 3 years ago
on 2022-02-22
web3
from 1.3.6 to 1.10.4 | 50 versions ahead of your current version | 7 months ago
on 2024-02-05
Issues fixed by the recommended upgrade:
SNYK-JS-MONGOOSE-2961688
SNYK-JS-MONGOOSE-5777721
SNYK-JS-TAR-1579147
SNYK-JS-TAR-1579152
SNYK-JS-TAR-1579155
SNYK-JS-DECODEURICOMPONENT-3149970
SNYK-JS-URLPARSE-2407770
SNYK-JS-SIMPLEGET-2361683
SNYK-JS-TAR-1536528
SNYK-JS-TAR-1536531
SNYK-JS-BROWSERIFYSIGN-6037026
SNYK-JS-JSZIP-1251497
SNYK-JS-JSZIP-3188562
SNYK-JS-MPATH-1577289
SNYK-JS-NODEFETCH-2342118
SNYK-JS-UGLIFYJS-1727251
SNYK-JS-URLPARSE-1533425
SNYK-JS-URLPARSE-2401205
SNYK-JS-URLPARSE-2407759
SNYK-JS-GOT-2932019
SNYK-JS-GOT-2932019
SNYK-JS-MONGODB-5871303
SNYK-JS-NODEMAILER-6219989
SNYK-JS-URLPARSE-2412697
SNYK-JS-VALIDATOR-1090600
SNYK-JS-EXPRESS-6474509
SNYK-JS-COOKIEJAR-3149984
SNYK-JS-TAR-1536758
Release notes
Package name: cookie-parser
-
1.4.6 - 2021-11-16
- deps: cookie@0.4.1
-
1.4.5 - 2020-03-15
- deps: cookie@0.4.0
from cookie-parser GitHub release notesPackage name: exceljs
-
4.4.0 - 2023-10-19
- fix: styles rendering in case when "numFmt" is present in conditional formatting rules (resolves #1814) by @ andreykrupskii in #1815
- inlineStr cell type support #1575 by @ drdmitry in #1576
- Fix parsing of boolean attributes by @ bno1 in #1849
- add optional custom auto-filter to table by @ thambley in #1670
- Deep copy inherited style by @ ikzhr in #1850
- Upgrade actions/cache and actions/setup-node by @ cclauss in #1846
- Check object keys in isEqual by @ bno1 in #1831
- Add v17 to testing workflow by @ Siemienik in #1856
- Upgrade jszip to its latest version to date. This version does not have any vulnerability found by Snyk so far by @ ValerioSevilla in #1895
- Update README.md by @ xjrcode in #1677
- (docs): set prototype of RegExp correctly. by @ joeldenning in #1700
- Added timeouts to github actions by @ alexbjorlig in #1733
- fix issue 1676 by @ skypesky in #1701
- #2237 : Update CI Tests, Drop support for Node v8 by @ Siemienik in #2242
- Fix types for getWorksheet() by @ hfhchan-plb in #2223
- add characters cannot be used for worksheet name by @ tkm-kj in #2126
- Fix issue #1753 Reject promise when workbook reader is writing to temporary file stream and error occurs by @ pauliusg in #1756
- README.md to have correct link for Streaming XLSX by @ wulfsolter in #2186
- Added a polyfill of promise.finally to support lower versions of Firefox. by @ DemoJj in #1982
- Fix read this.worksheet before assign it by @ ZyqGitHub1 in #1934
- chore: upgrade jszip to ^3.10.1 by @ jarrod-cocoon in #2211
- fixed spelling error in README.md file by @ HugoP27 in #2208
- fix: Fix xlsx.writeFile() not catching error when error occurs by @ zurmokeeper in #2244
- Improve worksheets' naming validation logic. by @ Siemienik in #2257
- fix issue 2125 - spliceRows remove last row by @ babu-ch in #2140
- fix: fix the loss of column attributes due to incorrect column order by @ cpaiyueyue in #2222
- Fix: Sheet Properties Types by @ albeniraouf in #2327
- Use node 18 LTS for tsc, and benchmark. Add node 20. to test matrix. … by @ Siemienik in #2354
- Add missing tooltip attribute to CellHyperlinkValue index.d.ts by @ NiklasPor in #2350
- Increase resilience to generating large workbooks by @ hfhchan-plb in #2320
- repair all 'c2fo.io' links ('c2fo.github.io') by @ justintunev7 in #2324
- fix: fix type definitions about last column, formula values and protection by @ gltjk in #2309
- fix: add spinCount field for WorksheetProtection type by @ damingerdai in #2284
- Add type definition for WorksheetModel.merges by @ ytjmt in #2281
- 1842: New xlsx option for ignoring certain nodes for improved performance by @ hofnarwillie in #2132
- Update changelog: v4.4.0 preparations by @ Siemienik in #2555
- @ andreykrupskii made their first contribution in #1815
- @ drdmitry made their first contribution in #1576
- @ bno1 made their first contribution in #1849
- @ ikzhr made their first contribution in #1850
- @ cclauss made their first contribution in #1846
- @ ValerioSevilla made their first contribution in #1895
- @ xjrcode made their first contribution in #1677
- @ joeldenning made their first contribution in #1700
- @ hfhchan-plb made their first contribution in #2223
- @ tkm-kj made their first contribution in #2126
- @ pauliusg made their first contribution in #1756
- @ DemoJj made their first contribution in #1982
- @ ZyqGitHub1 made their first contribution in #1934
- @ jarrod-cocoon made their first contribution in #2211
- @ HugoP27 made their first contribution in #2208
- @ zurmokeeper made their first contribution in #2244
- @ babu-ch made their first contribution in #2140
- @ cpaiyueyue made their first contribution in #2222
- @ albeniraouf made their first contribution in #2327
- @ NiklasPor made their first contribution in #2350
- @ justintunev7 made their first contribution in #2324
- @ gltjk made their first contribution in #2309
- @ damingerdai made their first contribution in #2284
- @ ytjmt made their first contribution in #2281
- @ hofnarwillie made their first contribution in #2132
-
4.3.0 - 2021-08-21
-
4.2.1 - 2021-03-09
from exceljs GitHub release notesDear ExcelJS Enthusiasts,
Your commitment and insights have paved the way for this remarkable release. A deep thank you to every contributor and user! Let's keep the momentum going: join our thriving Discord community and be a part of shaping ExcelJS's next chapter.
Dive in, experiment with the new features, and share your experiences. Your feedback drives us forward.
Together, we innovate. 🚀
Changelog Highlights:
New Contributors
Full Changelog: v4.3.0...v4.4.0
#2351
4.3.0
4.2.1
Package name: express
What's Changed
Full Changelog: 4.19.0...4.19.1
What's Changed
New Contributors
Full Changelog: 4.18.3...4.19.0
Main Changes
Other Changes