[Snyk] Fix for 1 vulnerabilities

[aliscco]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • test/fixtures/qs-package/node_modules/request/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5	Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: istanbul

The new version differs by 72 commits.

• 89e338f 0.4.5
• 7efe4dc update changelog, contributors
• da79378 Merge pull request [Snyk] Security upgrade actionpack from 4.2.5 to 4.2.5 #673 from popomore/swap-fileset-for-glob
• 58f4c90 swap fileset for glob
• fef889b Merge pull request [Snyk] Security upgrade qs from 0.6.6 to 6.0.4 #657 from djorg83/master
• 91bb666 log filename when file fails to parse using esprima
• 5dbd62c 0.4.4
• 5642fb4 Update changelog, contributors
• f4195bb Merge pull request [Snyk] Fix for 13 vulnerabilities #507 from Victorystick/es-modules-support
• c521035 Merge pull request [Snyk] Security upgrade jinja2 from 2.7.2 to 2.11.3 #628 from inversion/use-tmp-dir
• 66fffdc Merge pull request [Snyk] Security upgrade npm from 2.15.12 to 7.21.0 #597 from JamesMGreene/patch-1
• dfcab10 Merge pull request [Snyk] Security upgrade django from 1.6.1 to 1.8.16 #627 from a0viedo/patch-1
• abec3ae Merge pull request [Snyk] Security upgrade @google-cloud/profiler from 2.0.2 to 4.1.3 #625 from ChALkeR/tmpdir
• a9aaf53 tmp dir setting was being ignored in TmpStore
• 522f465 link build badge to master branch
• 0b5e80d use os.tmpdir() instead of os.tmpDir()
• 5069661 Set "medium" coverage CSS color scheme to yellow
• 0e8c350 Merge pull request [Snyk] Fix for 10 vulnerabilities #587 from clickthisnick/chore-remove-trailing-spaces
• fc3ba35 0.4.3
• b3de106 Update changelog, contributors
• bb5b6e1 Merge pull request [Snyk] Fix for 4 vulnerabilities #579 from jtangelder/fix-colors
• 0411600 return plain string when an invalid clazz is given
• a556a5e Merge pull request [Snyk] Fix for 10 vulnerabilities #552 from abejfehr/patch-1
• 369ed49 Merge pull request [Snyk] Security upgrade rack-protection from 1.5.3 to 1.5.3 #545 from pra85/patch-1

See the full diff

Package name: karma

The new version differs by 88 commits.

• 2c9be5a chore: release v0.13.0
• c658c9d chore: update contributors
• ecee70a Merge branch 'canary'
• 7685484 chore: Update dependencies
• c25c91c chore: release v0.13.0-rc.9
• a4b5cdd feat(logger): Add date/time stamp to log output
• 6a9df4a Updated example to have comment about libraries
• 7ed6be7 docs(readme): All support goes to gitter and the mailing list
• bcce563 Merge pull request [Snyk] Fix for 26 vulnerabilities #1491 from Dignifiedquire/terinjokes-fix-http-proxy
• 4a59443 feat(logger): Add date/time stamp to log output
• 04f408f Merge branch 'fix-http-proxy' of https://github.com/terinjokes/karma into terinjokes-fix-http-proxy
• 0ce9df6 Merge branch 'canary' of github.com:karma-runner/karma into canary
• e364149 Merge pull request [Snyk] Security upgrade aiohttp from 2.2.2 to 3.8.6 #1485 from Dignifiedquire/server-api
• 4d1fa24 chore: release v0.13.0-rc.8
• 3019c0c Merge pull request [Snyk] Security upgrade eslint from 2.13.1 to 4.5.0 #1487 from KJTsanaktsidis/canary
• 32eec8d fix(web-server): Correctly update filesPromise on files updated
• 68b5208 chore: release v0.13.0-rc.7
• 82cbbad feat(server): improve public api
• 48e3000 chore: Code cleanup and linting fixes
• 7e37a23 Merge pull request [Snyk] Security upgrade certifi from 2019.3.9 to 2023.7.22 #1442 from tailsu/sd/context-json
• 31494cb Merge pull request [Snyk] Security upgrade django from 2.0.1 to 3.2.23 #1471 from Dignifiedquire/glob-sync
• b16e6e2 Merge pull request [Snyk] Security upgrade sanitize from 4.6.2 to 4.6.3 #1481 from Dignifiedquire/1106-stringify-dom-elements
• 1f73be4 fix(client): serialise DOM objects
• 211939f Merge pull request [Snyk] Security upgrade django from 1.6.1 to 3.2.23 #1472 from anshbansal/patch-1

See the full diff

Package name: karma-browserify

The new version differs by 50 commits.

• 9081a68 chore(project): release v5.0.0
• 3417225 chore(project): add browserify 13 compatibility
• 47b8a43 docs(README): document browserify and watchify dependencies
• ffd145c chore(bro): make watchify an optional dependency
• 84138e2 chore(example): add explicit browserify/watchify versions
• b9ad424 chore(travis): test against stable Node.JS
• 6d91d86 chore(deps): depend on browserify + watchify as peer dependencies
• 1537cd7 Add missing dev dependencies
• 13e74e2 chore(deps): bump dependencies to latest version(s)
• ace2dfb feat(bro): throw bundle error in client
• 5efa3dc chore(project): release v4.4.2
• f4a69fb chore(project): update lodash dependency
• 0cc922f chore(project): release v4.4.1
• 248fc74 fix(preprocessor): resolve path to tmp for preprocessor
• 656840c chore(project): release v4.4.0
• cc93a51 Merge pull request [Snyk] Security upgrade tap from 11.1.3 to 15.0.0 #148 from pmowrer/dont-watchify-when-autoWatch-false
• 6ac1dc0 Don't apply watchify unless autoWatch=true
• a315e36 Add failing test for singleRun creating watchers
• fba4512 Bump tsify to fix "Cannot find module 'typescript/bin/lib.d.ts'"
• e730464 Clean up after test runners
• c32def3 Use "browserify-related" instead of "Bro related"
• a37579d chore(project): release v4.3.0
• aa8557e docs(example): upgrade to karma-browserify@4
• 2995f52 test(integration): increase timeouts

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.