Skip to content

Commit

Permalink
[Snyk] Security upgrade c8 from 8.0.1 to 9.0.0 (#117)
Browse files Browse the repository at this point in the history 
<p>This PR was automatically created by Snyk using the credentials of a
real user.</p><br /><h3>Snyk has created this PR to fix one or more
vulnerable packages in the `npm` dependencies of this project.</h3>



#### Changes included in this PR

- Changes to the following files to upgrade the vulnerable dependencies
to a fixed version:
    - package.json
    - package-lock.json



#### Vulnerabilities that will be fixed
##### With an upgrade:
Severity | Priority Score (*) | Issue | Breaking Change | Exploit
Maturity

:-------------------------:|-------------------------|:-------------------------|:-------------------------|:-------------------------
![medium
severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png
"medium severity") | **631/1000** <br/> **Why?** Proof of Concept
exploit, Has a fix available, CVSS 6.2 | Missing Release of Resource
after Effective Lifetime
<br/>[SNYK-JS-INFLIGHT-6095116](https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116)
| Yes | Proof of Concept

(*) Note that the real score may have changed since the PR was raised.





<details>
  <summary><b>Commit messages</b></summary>
  </br>
  <details>
    <summary>Package name: <b>c8</b></summary>
    The new version differs by 6 commits.</br>
    <ul>
<li><a
href="https://snyk.io/redirect/github/bcoe/c8/commit/128bee23366cb35106f5e163e99ca2ab33dafba6">128bee2</a>
chore(main): release 9.0.0 (#510)</li>
<li><a
href="https://snyk.io/redirect/github/bcoe/c8/commit/8724c706ef7a21877e6dad1185f09dce11ddd0d2">8724c70</a>
chore(deps): update dependency @ types/node to v20 (#496)</li>
<li><a
href="https://snyk.io/redirect/github/bcoe/c8/commit/66705b59557ba1e48b63172e99ef4ceb34ac1711">66705b5</a>
chore(deps): update dependency typescript to v5 (#458)</li>
<li><a
href="https://snyk.io/redirect/github/bcoe/c8/commit/b46b6401274488db5b1027a78090257095ae4f72">b46b640</a>
feat(deps): update foreground-child to promise API (#512)</li>
<li><a
href="https://snyk.io/redirect/github/bcoe/c8/commit/ef672da08d8e078bf49ea73631fb46eabf8a5dae">ef672da</a>
test: fix snapshot (#511)</li>
<li><a
href="https://snyk.io/redirect/github/bcoe/c8/commit/2cdc86bd0ac67ecf0f700212dc5f8a830ff9164f">2cdc86b</a>
chore(deps): Remove rimraf (#509)</li>
    </ul>

<a
href="https://snyk.io/redirect/github/bcoe/c8/compare/a13584d5be5259ebb6a00455d352c3e8b16006de...128bee23366cb35106f5e163e99ca2ab33dafba6">See
the full diff</a>
  </details>
</details>






Check the changes in this PR to ensure they won't cause issues with your
project.



------------



**Note:** *You are seeing this because you or someone else with access
to this repository has authorized Snyk to open fix PRs.*

For more information: <img
src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiI2MWMyZTAyZi05NGE1LTQ4NGEtOWQwZi1lOTc1YzExNzk3ZDUiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6IjYxYzJlMDJmLTk0YTUtNDg0YS05ZDBmLWU5NzVjMTE3OTdkNSJ9fQ=="
width="0" height="0"/>
🧐 [View latest project
report](https://app.snyk.io/org/jlenon7/project/97097eb1-6953-4d11-a9f3-958b2ecba250?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;fix-pr)

🛠 [Adjust project
settings](https://app.snyk.io/org/jlenon7/project/97097eb1-6953-4d11-a9f3-958b2ecba250?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;fix-pr/settings)

📚 [Read more about Snyk's upgrade and patch
logic](https://support.snyk.io/hc/en-us/articles/360003891078-Snyk-patches-to-fix-vulnerabilities)

[//]: #
(snyk:metadata:{"prId":"61c2e02f-94a5-484a-9d0f-e975c11797d5","prPublicId":"61c2e02f-94a5-484a-9d0f-e975c11797d5","dependencies":[{"name":"c8","from":"8.0.1","to":"9.0.0"}],"packageManager":"npm","projectPublicId":"97097eb1-6953-4d11-a9f3-958b2ecba250","projectUrl":"https://app.snyk.io/org/jlenon7/project/97097eb1-6953-4d11-a9f3-958b2ecba250?utm_source=github&utm_medium=referral&page=fix-pr","type":"auto","patch":[],"vulns":["SNYK-JS-INFLIGHT-6095116"],"upgrade":["SNYK-JS-INFLIGHT-6095116"],"isBreakingChange":true,"env":"prod","prType":"fix","templateVariants":["updated-fix-title","priorityScore"],"priorityScoreList":[631],"remediationStrategy":"vuln"})

---

**Learn how to fix vulnerabilities with free interactive lessons:**

🦉 [Learn about vulnerability in an interactive lesson of Snyk
Learn.](https://learn.snyk.io/?loc&#x3D;fix-pr)

Co-authored-by: snyk-bot <[email protected]>
  • Loading branch information
@jlenon7 @snyk-bot
jlenon7 and snyk-bot authored Jan 6, 2024
1 parent acbeb68 commit bb3c5a3
Show file tree
Hide file tree
Showing 2 changed files with 15 additions and 49 deletions.
62 changes: 14 additions & 48 deletions package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,7 @@
"@japa/assert": "^2.1.0",
"@japa/runner": "^3.1.1",
"@types/sinon": "^10.0.20",
"c8": "^8.0.1",
"c8": "^9.0.0",
"sinon": "^15.1.0"
},
"devDependencies": {
Expand Down

0 comments on commit bb3c5a3

Please sign in to comment.