Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Security upgrade puppeteer-core from 14.4.1 to 19.7.3 #300

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Security upgrade puppeteer-core from 14.4.1 to 19.7.3 #300

wants to merge 1 commit into from

Conversation

nexus-uw
Copy link
Contributor

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 661/1000
Why? Recently disclosed, Has a fix available, CVSS 7.5		 Missing Release of Resource after Effective Lifetime
SNYK-JS-INFLIGHT-6095116		 Yes No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: puppeteer-core The new version differs by 250 commits.
  • 101fcb9 chore: release main (#9789)
  • ca797ad chore: fix pre-release
  • 0df369a chore: fix husky
  • 22e4cc3 chore: fix pre-release workflow (#9788)
  • baf51bc chore: use prerelease for browser (#9786)
  • 364b23f fix: update dependencies (#9781)
  • 299d444 chore: remove pre-push and pre-commit (#9777)
  • 813882d chore: update glob (#9776)
  • 04247a4 feat: browsers: recognize chromium as a valid browser (#9760)
  • 6777604 chore: fix analyzer yarn installs (#9778)
  • 2123f80 chore: remove rimraf (#9775)
  • 8bf9718 chore(deps): Bump yargs from 17.7.0 to 17.7.1 (#9752)
  • f84873c chore: support commas in P selectors (#9769)
  • 62d5f39 chore(deps): Bump @ angular-devkit/schematics from 15.2.0 to 15.2.1 (#9773)
  • 3a4e726 chore: fix Browsers failing tests (#9768)
  • 2922611 chore(deps): Bump @ angular-devkit/core from 15.2.0 to 15.2.1 (#9761)
  • f68e046 chore(deps): Bump cosmiconfig from 8.0.0 to 8.1.0 (#9751)
  • d3b25df chore: update test expectation data for Firefox for 19.7.2 downstream sync (#9756)
  • f887292 chore: add more debugging info on Debug Runs (#9754)
  • 004a99a chore: implement simple BiDi ElementHandle (#9753)
  • 232873a chore: fix Mocha test runner suggestion when hooks fail (#9750)
  • 4a365a4 chore: extract BiDi context to allow emitting only to it (#9742)
  • ed1bb7c chore(deps): Bump @ angular-devkit/schematics from 15.1.6 to 15.2.0 (#9748)
  • 4ddf63d chore(deps): Bump @ angular-devkit/core from 15.1.6 to 15.2.0 (#9749)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
馃 View latest project report

馃洜 Adjust project settings

馃摎 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

馃 Learn about vulnerability in an interactive lesson of Snyk Learn.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@nexus-uw @snyk-bot