[Snyk] Upgrade portfinder from 1.0.25 to 1.0.28 #1

snyk-bot · 2021-04-20T22:12:23Z

Snyk has created this PR to upgrade portfinder from 1.0.25 to 1.0.28.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 3 versions ahead of your current version.
The recommended version was released 9 months ago, on 2020-07-29.

The recommended version fixes:

Issue	PriorityScore (*)	Exploit Maturity
Prototype Pollution SNYK-JS-Y18N-1021887	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
Prototype Pollution SNYK-JS-AJV-584908	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
Denial of Service (DoS) SNYK-JS-HTTPPROXY-569139	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: portfinder

1.0.28 - 2020-07-29
Fix #108 - Bumping up mkdirp version to 0.5.5 (contributed by @ LostInBrittany)
1.0.27 - 2020-07-20
No content.
1.0.26 - 2020-04-28
No content.
1.0.25 - 2019-10-15
No content.

from portfinder GitHub release notes

Commit messages

Package name: portfinder

8895293 1.0.28
6fbe05e Merge pull request fixes --ssl --cert and --key options http-party/http-server#109 from LostInBrittany/master
a4e3b2f Fix Add command alias 'hs' http-party/http-server#108 - Bumping up mkdirp version to 0.5.5
170ac7f 1.0.27
05a96d4 Merge pull request Could you please add alias "http-server" to "hs" ? http-party/http-server#107 from http-party/dependabot/npm_and_yarn/lodash-4.17.19
9c99b9e Bump lodash from 4.17.15 to 4.17.19
3709e43 1.0.26
e40deb2 Merge pull request 404.html served with 200 status code http-party/http-server#101 from msbit/mkdirp-0.5.5
891ba80 mkdirp: 0.5.5
cd08663 Merge pull request Added support for the extended options for SSL, as mentioned in the --help text. http-party/http-server#96 from kwiatkk1/repo_url_links_updated
479a8e2 Version 0.7.1 and 0.7.0 is not working on Windows 7 64 http-party/http-server#94: update links after repo moved to a new org

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade portfinder from 1.0.25 to 1.0.28. See this package in npm: https://www.npmjs.com/package/portfinder See this project in Snyk: https://app.snyk.io/org/j-vin-b8w/project/8bf3e05d-bba2-44ee-800a-eb3adfa30a10?utm_source=github&utm_medium=upgrade-pr

atomist bot added auto-branch-delete:on-close Delete branch when pull request gets closed auto-merge-method:merge Auto-merge with merge commit auto-merge:on-bpr-success Auto-merge on passed branch protection rule labels Apr 20, 2021

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[Snyk] Upgrade portfinder from 1.0.25 to 1.0.28 #1

[Snyk] Upgrade portfinder from 1.0.25 to 1.0.28 #1

Uh oh!

snyk-bot commented Apr 20, 2021

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

[Snyk] Upgrade portfinder from 1.0.25 to 1.0.28 #1

Are you sure you want to change the base?

[Snyk] Upgrade portfinder from 1.0.25 to 1.0.28 #1

Uh oh!

Conversation

snyk-bot commented Apr 20, 2021

Snyk has created this PR to upgrade portfinder from 1.0.25 to 1.0.28.

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants