New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade yup from 0.27.0 to 0.32.11 #180

Open

rc042 wants to merge 1 commit into master from snyk-upgrade-a1fa0421c0cec26ceb15cdcced11e9ab

Owner

rc042 commented Nov 23, 2023

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade yup from 0.27.0 to 0.32.11.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 25 versions ahead of your current version.
The recommended version was released 2 years ago, on 2021-10-12.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Prototype Pollution SNYK-JS-PROPERTYEXPR-598800	597/1000 Why? Proof of Concept exploit, CVSS 9.8	Proof of Concept
	Command Injection SNYK-JS-LODASHES-2434284	597/1000 Why? Proof of Concept exploit, CVSS 9.8	Proof of Concept
	Prototype Pollution SNYK-JS-LODASHES-2434285	597/1000 Why? Proof of Concept exploit, CVSS 9.8	Proof of Concept
	Command Injection SNYK-JS-LODASH-1040724	597/1000 Why? Proof of Concept exploit, CVSS 9.8	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-567746	597/1000 Why? Proof of Concept exploit, CVSS 9.8	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-608086	597/1000 Why? Proof of Concept exploit, CVSS 9.8	Proof of Concept
	Prototype Pollution SNYK-JS-LODASHES-2434283	597/1000 Why? Proof of Concept exploit, CVSS 9.8	Proof of Concept
	Prototype Pollution SNYK-JS-YUP-2420835	597/1000 Why? Proof of Concept exploit, CVSS 9.8	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASHES-2434289	597/1000 Why? Proof of Concept exploit, CVSS 9.8	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	597/1000 Why? Proof of Concept exploit, CVSS 9.8	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: yup

0.32.11 - 2021-10-12
v0.32.11
0.32.10 - 2021-10-11
v0.32.10
0.32.9 - 2021-02-17
v0.32.9
0.32.8 - 2020-12-10
0.32.8
0.32.7 - 2020-12-10
0.32.7
0.32.6 - 2020-12-08
v0.32.6
0.32.5 - 2020-12-07
v0.32.5
0.32.4 - 2020-12-07
0.32.3 - 2020-12-07
0.32.2 - 2020-12-07
0.32.1 - 2020-12-04
0.32.0 - 2020-12-03
0.31.1 - 2020-12-01
0.31.0 - 2020-11-23
0.30.0 - 2020-11-19
0.29.3 - 2020-08-04
0.29.2 - 2020-07-27
0.29.1 - 2020-05-27
0.29.0 - 2020-05-19
0.28.5 - 2020-04-30
0.28.4 - 2020-04-20
0.28.3 - 2020-03-06
0.28.2 - 2020-03-05
0.28.1 - 2020-01-28
0.28.0 - 2019-12-16
0.27.0 - 2019-03-14

from yup GitHub release notes

Commit messages

Package name: yup

d072af3 Publish v0.32.11
2015c0f fix: dep ranges
846161e Publish v0.32.10
1d767b4 chore: fix ts compilation
2778b88 Merge pull request Cannot acknowlegde services with IE < 9 centreon/centreon-archived#1483 from jquense/bug-bash
4bdc4e4 chore: bump deps and clean up tooling
5334349 fix: carry over excluded edges when concating objects
f3056f2 fix: missing transforms on concat
03584f6 feat: add resolved to params (Connector Configuration centreon/centreon-archived#1437)
7842afb fix: oneOf, notOneOf swallowing multiple errors (probleme de conversion d'heritage sur template avec surchage centreon/centreon-archived#1434)
7576cd8 feat: add types to setLocale (Limite de taille pour la recherche LDAP centreon/centreon-archived#1427)
eab974f Update typescript.md
877f777 chore(deps): update dependency lint-staged to v11 (can't export new hosts and services in configuration files (centengine) centreon/centreon-archived#1359)
94cfd11 feat: allows custom types to be passed to avoid cast to ObjectSchema (Redémarrage distant de centcore et centstorage centreon/centreon-archived#1358)
70d0b67 fix: update lodash/lodash-es to fix CVEs flagged in 4.17.20 (Problem with metrics name with dot in Virtual metric centreon/centreon-archived#1334)
acbb8b4 fix(utils): use named functions for default exports (ACL and Host Groups centreon/centreon-archived#1329)
5eda549 fix: prevent unhandled Promise rejection when returning rejected Promise inside test function (wrong path in process-service-perfdata plugin centreon/centreon-archived#1327)
91ace1e fix: SchemaOf<>'s treatment of Date objects. (Improving the management of special characters centreon/centreon-archived#1305)
0fca0a4 docs: clarify wording
4c17508 fix: fix the typo for the array length validation (Request-URI Too Large - "The requested URL's exceeds the capacity limit of the server" centreon/centreon-archived#1287)
bbd44d0 chore(deps): update dependency husky to v5 (centstorage and backslash issue centreon/centreon-archived#1251)
357ffa4 docs: Fix typo (Downtime could move with host centreon/centreon-archived#1272)
4a0870c Publish v0.32.9
1aba3b8 chore: clean up

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs


          fix: upgrade yup from 0.27.0 to 0.32.11

a4685ba

Snyk has created this PR to upgrade yup from 0.27.0 to 0.32.11.

See this package in npm:
https://www.npmjs.com/package/yup

See this project in Snyk:
https://app.snyk.io/org/reedcrif/project/e1b6cf74-359a-4c02-9c79-4a7e9ec24592?utm_source=github&utm_medium=referral&page=upgrade-pr

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment