[Snyk] Upgrade ajv from 6.5.2 to 6.12.6

[snyk-bot]

Snyk has created this PR to upgrade ajv from 6.5.2 to 6.12.6.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 23 versions ahead of your current version.
• The recommended version was released a year ago, on 2020-10-10.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Prototype Pollution SNYK-JS-AJV-584908	619/1000 Why? Has a fix available, CVSS 8.1	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: ajv

• 6.12.6 - 2020-10-10
  

  Fix performance issue of "url" format.

• 6.12.5 - 2020-09-13
  

  Fix uri scheme validation (@ ChALkeR).
  Fix boolean schemas with strictKeywords option (#1270)

• 6.12.4 - 2020-08-15
  

  Fix: coercion of one-item arrays to scalar that should fail validation (failing example).

• 6.12.3 - 2020-07-04
  

  Pass schema object to processCode function
  Option for strictNumbers (@ issacgerges, #1128)
  Fixed vulnerability related to untrusted schemas (CVE-2020-15366)

• 6.12.2 - 2020-04-19
  

  Removed post-install script

• 6.12.1 - 2020-04-18
  

  Docs and dependency updates

• 6.12.0 - 2020-02-22
  

  Improved hostname validation (@ sambauers, #1143)
  Option keywords to add custom keywords (@ franciscomorais, #1137)
  Types fixes (@ boenrobot, @ MattiAstedrone)
  Docs:

  • error logging example (@ RadiationSickness)
  • TypeScript usage notes (@ thetric)
• 6.11.0 - 2020-01-18
• 6.10.2 - 2019-07-14
• 6.10.1 - 2019-07-06
• 6.10.0 - 2019-03-03
• 6.9.2 - 2019-02-22
• 6.9.1 - 2019-02-10
• 6.9.0 - 2019-02-09
• 6.8.1 - 2019-02-02
• 6.8.0 - 2019-02-02
• 6.7.0 - 2019-01-13
• 6.6.2 - 2018-12-16
• 6.6.1 - 2018-11-29
• 6.6.0 - 2018-11-29
• 6.5.5 - 2018-11-04
• 6.5.4 - 2018-09-23
• 6.5.3 - 2018-08-17
• 6.5.2 - 2018-06-30

from ajv GitHub release notes

Commit messages

Package name: ajv

• fe59143 6.12.6
• d580d3e Merge pull request #1298 from ajv-validator/fix-url
• fd36389 fix: regular expression for "url" format
• 490e34c docs: link to v7-beta branch
• 9cd93a1 docs: note about v7 in readme
• 877d286 Merge pull request #1262 from b4h0-c4t/refactor-opt-object-type
• f1c8e45 6.12.5
• 764035e Merge branch 'ChALkeR-chalker/fix-comma'
• 3798160 Merge branch 'chalker/fix-comma' of git://github.com/ChALkeR/ajv into ChALkeR-chalker/fix-comma
• a3c7eba Merge branch 'refactor-opt-object-type' of github.com:b4h0-c4t/ajv into refactor-opt-object-type
• 9963331 change _opts type to Options.
• 03e14cc Merge branch 'master' into refactor-opt-object-type
• 236328e add _opts property in Ajv.Ajv
• 7402f98 fix: boolean schemas with strictKeywords option
• cf88d1d 6.12.4
• 161670b docs: readme links
• b4568b4 docs: MOSS grant
• 73f612f fix: coercion of array to scalar that should fail validation
• d4d1a13 test: failing coercion tests with option coerceTypes: array
• 981317c Fix uri scheme validation
• a1ebd03 Merge branch 'rgeerts-improved_language'
• bf63684 allowed unknown formats
• c34840c improved language to be more inclusive for less privileged populations
• 521c3a5 6.12.3

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs