[Snyk] Upgrade joi from 17.4.2 to 17.9.2

[Braineanear]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade joi from 17.4.2 to 17.9.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 17 versions ahead of your current version.
• The recommended version was released 4 months ago, on 2023-04-24.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Prototype Poisoning SNYK-JS-QS-3153490	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MOMENT-2944238	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-MONGOOSE-2961688	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-MONGOOSE-5777721	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Information Exposure SNYK-JS-SIMPLEGET-2361683	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Improper Verification of Cryptographic Signature SNYK-JS-NODEFORGE-2430339	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Prototype Poisoning SNYK-JS-QS-3153490	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Directory Traversal SNYK-JS-MOMENT-2440688	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Information Exposure SNYK-JS-NODEFETCH-2342118	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Open Redirect SNYK-JS-NODEFORGE-2330875	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-NODEFORGE-2331908	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SIDEWAYFORMULA-3317169	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Prototype Pollution SNYK-JS-XML2JS-5414874	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Improper Verification of Cryptographic Signature SNYK-JS-NODEFORGE-2430337	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Improper Verification of Cryptographic Signature SNYK-JS-NODEFORGE-2430341	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Prototype Pollution SNYK-JS-JSON5-3182856	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Prototype Pollution SNYK-JS-MINIMIST-2429795	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: joi

• 17.9.2 - 2023-04-24
  

  17.9.2

• 17.9.1 - 2023-03-21
  

  17.9.1

• 17.9.0 - 2023-03-20
  

  17.9.0

• 17.8.4 - 2023-03-14
  

  17.8.4

• 17.8.3 - 2023-02-21
  

  17.8.3

• 17.8.2 - 2023-02-21
  

  17.8.2

• 17.8.1 - 2023-02-19
  

  17.8.1

• 17.8.0 - 2023-02-19
  

  17.8.0

• 17.7.1 - 2023-02-10
  

  17.7.1

• 17.7.0 - 2022-11-01
  

  17.7.0

• 17.6.4 - 2022-10-22
• 17.6.3 - 2022-10-11
• 17.6.2 - 2022-09-29
• 17.6.1 - 2022-09-22
• 17.6.0 - 2022-01-26
• 17.5.0 - 2021-12-02
• 17.4.3 - 2021-12-01
• 17.4.2 - 2021-08-01

from joi GitHub release notes

Commit messages

Package name: joi

• c19ae3d 17.9.2
• 2333984 Merge pull request #2945 from hapijs/fix/memory-leak
• 751000d fix: commit states to avoid memory leak
• cc11f8d 17.9.1
• 99cf8eb Merge pull request #2932 from hapijs/fix/warnings-externals-mismatches
• e64375a fix: do not trigger warnings and externals on arrays and alternatives mismatches
• 0fdab3a 17.9.0
• 7b24729 Merge pull request #2931 from hapijs/feat/external-helpers
• e52a362 feat: improve external helpers
• c191b99 17.8.4
• ab91092 Merge pull request #2928 from hapijs/fix/validation-warning-types
• 6b530c8 fix: validation warning types
• 227e761 Merge pull request #2923 from hapijs/chore/docs
• b0d8df8 chore: fix wrong usage of Joi.expression
• ff3e5fc 17.8.3
• ade2748 Merge pull request #2919 from hapijs/chore/revert-17.8
• 09cbaaa chore: revert 17.8.x line
• 04751f1 17.8.2
• d49e029 Merge pull request #2916 from hapijs/fix/email-options
• 245e0c9 fix: properly transform domain
• cc88b68 17.8.1
• 67b0923 Merge pull request #2910 from hapijs/fix/optional-chaining
• 5036947 fix: transpile optional chaining
• 79a2af4 17.8.0

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs