Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Upgrade: , , jsonwebtoken, lru-cache, gcf-utils, , , , , , , c8, gts, mocha, nock, sinon, smee-client, typescript #520

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

WontonSam
Copy link
Owner

snyk-top-banner

Snyk has created this PR to upgrade multiple dependencies.

👯‍♂ The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

Name Versions Released on

@types/node
from 18.11.18 to 22.5.2 | 289 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 21 days ago
on 2024-09-01
@octokit/types
from 8.1.0 to 13.5.0 | 39 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 5 months ago
on 2024-04-29
jsonwebtoken
from 9.0.0 to 9.0.2 | 2 versions ahead of your current version | a year ago
on 2023-08-30
lru-cache
from 7.14.1 to 11.0.0 | 39 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 2 months ago
on 2024-07-08
gcf-utils
from 14.4.6 to 15.0.1 | 2 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | a year ago
on 2023-09-26
@google-automations/bot-config-utils
from 6.1.3 to 7.0.0 | 1 version ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | a year ago
on 2023-09-18
@google-automations/datastore-lock
from 4.1.0 to 5.0.0 | 1 version ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | a year ago
on 2023-09-18
@google-automations/label-utils
from 3.0.2 to 4.0.0 | 1 version ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | a year ago
on 2023-09-18
@octokit/webhooks
from 10.6.0 to 13.3.0 | 62 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 2 months ago
on 2024-07-15
@types/mocha
from 10.0.1 to 10.0.7 | 6 versions ahead of your current version | 3 months ago
on 2024-06-22
@types/sinon
from 10.0.13 to 17.0.3 | 11 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 8 months ago
on 2024-01-10
c8
from 7.14.0 to 10.1.2 | 8 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 3 months ago
on 2024-06-13
gts
from 4.0.1 to 5.3.1 | 10 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 3 months ago
on 2024-06-11
mocha
from 10.2.0 to 10.7.3 | 10 versions ahead of your current version | a month ago
on 2024-08-09
nock
from 13.3.0 to 13.5.5 | 15 versions ahead of your current version | a month ago
on 2024-08-20
sinon
from 15.0.1 to 18.0.0 | 16 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 4 months ago
on 2024-05-15
smee-client
from 1.2.3 to 2.0.3 | 6 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | a month ago
on 2024-08-15
typescript
from 4.9.4 to 5.5.4 | 596 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 2 months ago
on 2024-07-22

Issues fixed by the recommended upgrade:

Issue Score Exploit Maturity
high severity Uncontrolled resource consumption
SNYK-JS-BRACES-6838727
109 Proof of Concept
high severity Infinite loop
SNYK-JS-MARKDOWNIT-6483324
109 Proof of Concept
high severity Inefficient Regular Expression Complexity
SNYK-JS-MICROMATCH-6838728
109 No Known Exploit
high severity Improper Handling of Exceptional Conditions
SNYK-JS-OCTOKITWEBHOOKS-6129527
109 No Known Exploit
high severity Improper Handling of Exceptional Conditions
SNYK-JS-OCTOKITWEBHOOKS-6129527
109 No Known Exploit
high severity Improper Handling of Exceptional Conditions
SNYK-JS-PROBOT-6129524
109 No Known Exploit
medium severity Cross-site Scripting (XSS)
SNYK-JS-SERIALIZEJAVASCRIPT-6147607
109 Proof of Concept
medium severity Open Redirect
SNYK-JS-EXPRESS-6474509
109 No Known Exploit
medium severity Uncontrolled Resource Consumption
SNYK-JS-GRPCGRPCJS-7242922
109 No Known Exploit
Release notes
Package name: @types/node
  • 22.5.2 - 2024-09-01
  • 22.5.1 - 2024-08-28
  • 22.5.0 - 2024-08-21
  • 22.4.2 - 2024-08-21
  • 22.4.1 - 2024-08-19
  • 22.4.0 - 2024-08-16
  • 22.3.0 - 2024-08-14
  • 22.2.0 - 2024-08-09
  • 22.1.0 - 2024-08-02
  • 22.0.3 - 2024-08-02
  • 22.0.2 - 2024-07-31
  • 22.0.1 - 2024-07-31
  • 22.0.0 - 2024-07-28
  • 20.16.5 - 2024-09-04
  • 20.16.4 - 2024-09-04
  • 20.16.3 - 2024-09-01
  • 20.16.2 - 2024-08-28
  • 20.16.1 - 2024-08-19
  • 20.16.0 - 2024-08-18
  • 20.15.0 - 2024-08-16
  • 20.14.15 - 2024-08-09
  • 20.14.14 - 2024-08-02
  • 20.14.13 - 2024-07-28
  • 20.14.12 - 2024-07-23
  • 20.14.11 - 2024-07-16
  • 20.14.10 - 2024-07-05
  • 20.14.9 - 2024-06-25
  • 20.14.8 - 2024-06-22
  • 20.14.7 - 2024-06-20
  • 20.14.6 - 2024-06-19
  • 20.14.5 - 2024-06-18
  • 20.14.4 - 2024-06-17
  • 20.14.3 - 2024-06-17
  • 20.14.2 - 2024-06-05
  • 20.14.1 - 2024-06-03
  • 20.14.0 - 2024-06-02
  • 20.13.0 - 2024-05-31
  • 20.12.14 - 2024-05-31
  • 20.12.13 - 2024-05-29
  • 20.12.12 - 2024-05-14
  • 20.12.11 - 2024-05-08
  • 20.12.10 - 2024-05-06
  • 20.12.9 - 2024-05-06
  • 20.12.8 - 2024-05-01
  • 20.12.7 - 2024-04-09
  • 20.12.6 - 2024-04-09
  • 20.12.5 - 2024-04-05
  • 20.12.4 - 2024-04-03
  • 20.12.3 - 2024-04-02
  • 20.12.2 - 2024-03-30
  • 20.12.1 - 2024-03-30
  • 20.12.0 - 2024-03-30
  • 20.11.30 - 2024-03-19
  • 20.11.29 - 2024-03-18
  • 20.11.28 - 2024-03-15
  • 20.11.27 - 2024-03-13
  • 20.11.26 - 2024-03-11
  • 20.11.25 - 2024-03-06
  • 20.11.24 - 2024-02-29
  • 20.11.23 - 2024-02-29
  • 20.11.22 - 2024-02-28
  • 20.11.21 - 2024-02-27
  • 20.11.20 - 2024-02-22
  • 20.11.19 - 2024-02-15
  • 20.11.18 - 2024-02-15
  • 20.11.17 - 2024-02-08
  • 20.11.16 - 2024-02-01
  • 20.11.15 - 2024-02-01
  • 20.11.14 - 2024-01-31
  • 20.11.13 - 2024-01-30
  • 20.11.12 - 2024-01-30
  • 20.11.11 - 2024-01-30
  • 20.11.10 - 2024-01-28
  • 20.11.9 - 2024-01-28
  • 20.11.8 - 2024-01-27
  • 20.11.7 - 2024-01-26
  • 20.11.6 - 2024-01-24
  • 20.11.5 - 2024-01-17
  • 20.11.4 - 2024-01-16
  • 20.11.3 - 2024-01-15
  • 20.11.2 - 2024-01-15
  • 20.11.1 - 2024-01-15
  • 20.11.0 - 2024-01-11
  • 20.10.8 - 2024-01-09
  • 20.10.7 - 2024-01-07
  • 20.10.6 - 2023-12-30
  • 20.10.5 - 2023-12-17
  • 20.10.4 - 2023-12-07
  • 20.10.3 - 2023-12-03
  • 20.10.2 - 2023-12-01
  • 20.10.1 - 2023-11-29
  • 20.10.0 - 2023-11-24
  • 20.9.5 - 2023-11-23
  • 20.9.4 - 2023-11-22
  • 20.9.3 - 2023-11-21
  • 20.9.2 - 2023-11-18
  • 20.9.1 - 2023-11-16
  • 20.9.0 - 2023-11-07
  • 20.8.10 - 2023-10-31
  • 20.8.9 - 2023-10-25
  • 20.8.8 - 2023-10-24
  • 20.8.7 - 2023-10-18
  • 20.8.6 - 2023-10-13
  • 20.8.5 - 2023-10-12
  • 20.8.4 - 2023-10-09
  • 20.8.3 - 2023-10-06
  • 20.8.2 - 2023-10-02
  • 20.8.1 - 2023-10-02
  • 20.8.0 - 2023-09-30
  • 20.7.2 - 2023-09-29
  • 20.7.1 - 2023-09-27
  • 20.7.0 - 2023-09-25
  • 20.6.5 - 2023-09-24
  • 20.6.4 - 2023-09-23
  • 20.6.3 - 2023-09-20
  • 20.6.2 - 2023-09-16
  • 20.6.1 - 2023-09-15
  • 20.6.0 - 2023-09-08
  • 20.5.9 - 2023-09-02
  • 20.5.8 - 2023-09-01
  • 20.5.7 - 2023-08-28
  • 20.5.6 - 2023-08-24
  • 20.5.5 - 2023-08-24
  • 20.5.4 - 2023-08-23
  • 20.5.3 - 2023-08-22
  • 20.5.2 - 2023-08-22
  • 20.5.1 - 2023-08-18
  • 20.5.0 - 2023-08-13
  • 20.4.10 - 2023-08-11
  • 20.4.9 - 2023-08-08
  • 20.4.8 - 2023-08-05
  • 20.4.7 - 2023-08-04
  • 20.4.6 - 2023-08-02
  • 20.4.5 - 2023-07-25
  • 20.4.4 - 2023-07-22
  • 20.4.3 - 2023-07-21
  • 20.4.2 - 2023-07-12
  • 20.4.1 - 2023-07-07
  • 20.4.0 - 2023-07-05
  • 20.3.3 - 2023-06-30
  • 20.3.2 - 2023-06-26
  • 20.3.1 - 2023-06-13
  • 20.3.0 - 2023-06-10
  • 20.2.6 - 2023-06-10
  • 20.2.5 - 2023-05-26
  • 20.2.4 - 2023-05-25
  • 20.2.3 - 2023-05-21
  • 20.2.2 - 2023-05-21
  • 20.2.1 - 2023-05-18
  • 20.2.0 - 2023-05-17
  • 20.1.7 - 2023-05-16
  • 20.1.6 - 2023-05-16
  • 20.1.5 - 2023-05-16
  • 20.1.4 - 2023-05-13
  • 20.1.3 - 2023-05-11
  • 20.1.2 - 2023-05-10
  • 20.1.1 - 2023-05-08
  • 20.1.0 - 2023-05-05
  • 20.0.0 - 2023-05-05
  • 18.19.50 - 2024-09-04
  • 18.19.49 - 2024-09-04
  • 18.19.48 - 2024-09-01
  • 18.19.47 - 2024-08-28
  • 18.19.46 - 2024-08-26
  • 18.19.45 - 2024-08-19
  • 18.19.44 - 2024-08-09
  • 18.19.43 - 2024-08-02
  • 18.19.42 - 2024-07-23
  • 18.19.41 - 2024-07-18
  • 18.19.40 - 2024-07-16
  • 18.19.39 - 2024-06-22
  • 18.19.38 - 2024-06-20
  • 18.19.37 - 2024-06-19
  • 18.19.36 - 2024-06-17
  • 18.19.35 - 2024-06-17
  • 18.19.34 - 2024-06-03
  • 18.19.33 - 2024-05-08
  • 18.19.32 - 2024-05-06
  • 18.19.31 - 2024-04-09
  • 18.19.30 - 2024-04-05
  • 18.19.29 - 2024-04-02
  • 18.19.28 - 2024-03-30
  • 18.19.27 - 2024-03-30
  • 18.19.26 - 2024-03-19
  • 18.19.25 - 2024-03-18
  • 18.19.24 - 2024-03-13
  • 18.19.23 - 2024-03-11
  • 18.19.22 - 2024-03-06
  • 18.19.21 - 2024-02-29
  • 18.19.20 - 2024-02-28
  • 18.19.19 - 2024-02-27
  • 18.19.18 - 2024-02-22
  • 18.19.17 - 2024-02-15
  • 18.19.16 - 2024-02-15
  • 18.19.15 - 2024-02-08
  • 18.19.14 - 2024-02-01
  • 18.19.13 - 2024-02-01
  • 18.19.12 - 2024-01-31
  • 18.19.11 - 2024-01-30
  • 18.19.10 - 2024-01-26
  • 18.19.9 - 2024-01-24
  • 18.19.8 - 2024-01-17
  • 18.19.7 - 2024-01-15
  • 18.19.6 - 2024-01-09
  • 18.19.5 - 2024-01-07
  • 18.19.4 - 2023-12-30
  • 18.19.3 - 2023-12-07
  • 18.19.2 - 2023-12-03
  • 18.19.1 - 2023-12-01
  • 18.19.0 - 2023-11-30
  • 18.18.14 - 2023-11-29
  • 18.18.13 - 2023-11-23
  • 18.18.12 - 2023-11-22
  • 18.18.11 - 2023-11-21
  • 18.18.10 - 2023-11-18
  • 18.18.9 - 2023-11-07
  • 18.18.8 - 2023-10-31
  • 18.18.7 - 2023-10-25
  • 18.18.6 - 2023-10-18
  • 18.18.5 - 2023-10-12
  • 18.18.4 - 2023-10-06
  • 18.18.3 - 2023-10-02
  • 18.18.2 - 2023-10-02
  • 18.18.1 - 2023-09-29
  • 18.18.0 - 2023-09-25
  • 18.17.19 - 2023-09-23
  • 18.17.18 - 2023-09-20
  • 18.17.17 - 2023-09-16
  • 18.17.16 - 2023-09-15
  • 18.17.15 - 2023-09-08
  • 18.17.14 - 2023-09-02
  • 18.17.13 - 2023-09-01
  • 18.17.12 - 2023-08-28
  • 18.17.11 - 2023-08-24
  • 18.17.10 - 2023-08-24
  • 18.17.9 - 2023-08-23
  • 18.17.8 - 2023-08-22
  • 18.17.7 - 2023-08-22
  • 18.17.6 - 2023-08-18
  • 18.17.5 - 2023-08-11
  • 18.17.4 - 2023-08-08
  • 18.17.3 - 2023-08-05
  • 18.17.2 - 2023-08-04
  • 18.17.1 - 2023-07-25
  • 18.17.0 - 2023-07-22
  • 18.16.20 - 2023-07-21
  • 18.16.19 - 2023-06-30
  • 18.16.18 - 2023-06-13
  • 18.16.17 - 2023-06-10
  • 18.16.16 - 2023-05-26
  • 18.16.15 - 2023-05-25
  • 18.16.14 - 2023-05-21
  • 18.16.13 - 2023-05-18
  • 18.16.12 - 2023-05-16
  • 18.16.11 - 2023-05-16
  • 18.16.10 - 2023-05-16
  • 18.16.9 - 2023-05-13
  • 18.16.8 - 2023-05-11
  • 18.16.7 - 2023-05-10
  • 18.16.6 - 2023-05-08
  • 18.16.5 - 2023-05-05
  • 18.16.4 - 2023-05-05
  • 18.16.3 - 2023-04-29
  • 18.16.2 - 2023-04-27
  • 18.16.1 - 2023-04-25
  • 18.16.0 - 2023-04-23
  • 18.15.13 - 2023-04-21
  • 18.15.12 - 2023-04-19
  • 18.15.11 - 2023-03-28
  • 18.15.10 - 2023-03-25
  • 18.15.9 - 2023-03-25
  • 18.15.8 - 2023-03-24
  • 18.15.7 - 2023-03-24
  • 18.15.6 - 2023-03-23
  • 18.15.5 - 2023-03-20
  • 18.15.4 - 2023-03-20
  • 18.15.3 - 2023-03-14
  • 18.15.2 - 2023-03-13
  • 18.15.1 - 2023-03-13
  • 18.15.0 - 2023-03-09
  • 18.14.6 - 2023-03-03
  • 18.14.5 - 2023-03-03
  • 18.14.4 - 2023-03-02
  • 18.14.3 - 2023-03-02
  • 18.14.2 - 2023-02-26
  • 18.14.1 - 2023-02-23
  • 18.14.0 - 2023-02-17
  • 18.13.0 - 2023-02-07
  • 18.11.19 - 2023-02-04
  • 18.11.18 - 2022-12-26
from @types/node GitHub release notes
Package name: @octokit/types
  • 13.5.0 - 2024-04-29

    13.5.0 (2024-04-29)

    Features

    • add Copilot operations, bump openapi-types version (#638) (69c7f34)
  • 13.4.1 - 2024-04-15

    13.4.1 (2024-04-15)

    Bug Fixes

    • openapi-types and openapi-version minor bumps (#633) (fa8e2bb)
  • 13.4.0 - 2024-04-09

    13.4.0 (2024-04-09)

    Features

    • updates @ octokit/openapi-types to v22.0.1 (#631) (73f3c21)
  • 13.3.0 - 2024-04-09

    13.3.0 (2024-04-09)

    Features

    • add redirect option in RequestRequestOptions (#630) (9c58158)
  • 13.2.0 - 2024-04-08

    13.2.0 (2024-04-08)

    Features

    • Updates @ octokit/openapi-types to 22.0.0 (which had breaking changes). BREAKING CHANGES: Renames [repository-rule-params-code-scanning-threshold to repository-rule-params-code-scanning-tool, security_alerts to security_alerts_threshold], renames fields[repository-rule-params-code-scanning-threshold.alerts to repository-rule-params-code-scanning-tool.alerts_threshold, repository-rule-params-code-scanning-threshold.security_alerts to repository-rule-params-code-scanning-tool.security_alerts_threshold] (#629) (d32a77f)
    • updates @ octokit/openapi-types to v21.2.0 (#627) (a5bfb8f)
  • 13.1.0 - 2024-04-04

    13.1.0 (2024-04-04)

    Features

  • 13.0.0 - 2024-04-02

    13.0.0 (2024-04-02)

    Features

    • Updates openapi-types to v21.0.0 (which had breaking changes), BREAKING CHANGE: Updates multiple endpoints to use owner + repo in place of repository_id (#625) (ad024fe)

    BREAKING CHANGES

    • Updates multiple endpoints to use owner + repo in place of repository_id
  • 12.6.0 - 2024-02-22

    12.6.0 (2024-02-22)

    Features

  • 12.5.0 - 2024-02-15

    12.5.0 (2024-02-15)

    Features

  • 12.4.0 - 2023-12-04

    12.4.0 (2023-12-04)

    Features

    • permissions.organization_custom_properties (#598) (ff98468)
  • 12.3.0 - 2023-11-12
  • 12.2.0 - 2023-11-07
  • 12.1.1 - 2023-10-25
  • 12.1.0 - 2023-10-24
  • 12.0.1 - 2023-10-24
  • 12.0.0 - 2023-09-23
  • 11.1.0 - 2023-07-10
  • 11.0.0 - 2023-07-07
  • 10.1.0-beta.1 - 2023-06-30
  • 10.0.0 - 2023-06-13
  • 10.0.0-beta.2 - 2023-06-12
  • 10.0.0-beta.1 - 2023-05-26
  • 9.3.2 - 2023-06-13
  • 9.3.1 - 2023-06-10
  • 9.3.0 - 2023-06-09
  • 9.3.0-beta.1 - 2023-05-25
  • 9.2.3 - 2023-05-19
  • 9.2.2 - 2023-05-11
  • 9.2.1 - 2023-05-05
  • 9.2.0 - 2023-04-28
  • 9.1.4 - 2023-04-27
  • 9.1.3 - 2023-04-27
  • 9.1.2 - 2023-04-21
  • 9.1.1 - 2023-04-20
  • 9.1.0 - 2023-04-19
  • 9.0.0 - 2023-01-20
  • 8.2.1 - 2023-01-20
  • 8.2.0 - 2023-01-20
  • 8.1.1 - 2023-01-13
  • 8.1.0 - 2023-01-11
from @octokit/types GitHub release notes
Package name: jsonwebtoken
  • 9.0.2 - 2023-08-30

    Release 9.0.2 (#935)

  • 9.0.1 - 2023-07-05

    Updating package version to 9.0.1 (#920)

  • 9.0.0 - 2022-12-21
    • Check if node version supports asymmetricKeyDetails

    • Validate algorithms for ec key type

    • Rename variable

    • Rename function

    • Add early return for symmetric keys

    • Validate algorithm for RSA key type

    • Validate algorithm for RSA-PSS key type

    • Check key types for EdDSA algorithm

    • Rename function

    • Move validateKey function to module

    • Convert arrow to function notation

    • Validate key in verify function

    • Simplify if

    • Convert if to switch..case

    • Guard against empty key in validation

    • Remove empty line

    • Add lib to check modulus length

    • Add modulus length checks

    • Validate mgf1HashAlgorithm and saltLength

    • Check node version before using key details API

    • Use built-in modulus length getter

    • Fix Node version validations

    • Remove duplicate validateKey

    • Add periods to error messages

    • Fix validation in verify function

    • Make asymmetric key validation the latest validation step

    • Change key curve validation

    • Remove support for ES256K

    • Fix old test that was using wrong key types to sign tokens

    • Enable RSA-PSS for old Node versions

    • Add specific RSA-PSS validations on Node 16 LTS+

    • Improve error message

    • Simplify key validation code

    • Fix typo

    • Improve error message

    • Change var to const in test

    • Change const to let to avoid reassigning problem

    • Improve error message

    • Test incorrect private key type

    • Rename invalid to unsupported

    • Test verifying of jwt token with unsupported key

    • Test invalid private key type

    • Change order of object parameters

    • Move validation test to separate file

    • Move all validation tests to separate file

    • Add prime256v1 ec key

    • Remove modulus length check

    • WIP: Add EC key validation tests

    • Fix node version checks

    • Fix error message check on test

    • Add successful tests for EC curve check

    • Remove only from describe

    • Remove only

    • Remove duplicate block of code

    • Move variable to a different scope and make it const

    • Convert allowed curves to object for faster lookup

    • Rename variable

    • Change variable assignment order

    • Remove unused object properties

    • Test RSA-PSS happy path and wrong length

    • Add missing tests

    • Pass validation if no algorithm has been provided

    • Test validation of invalid salt length

    • Test error when signing token with invalid key

    • Change var to const/let in verify tests

    • Test verifying token with invalid key

    • Improve test error messages

    • Add parameter to skip private key validation

    • Replace DSA key with a 4096 bit long key

    • Test allowInvalidPrivateKeys in key signing

    • Improve test message

    • Rename variable

    • Add key validation flag tests

    • Fix variable name in Readme

    • Change private to public dsa key in verify

    • Rename flag

    • Run EC validation tests conditionally

    • Fix tests in old node versions

    • Ignore block of code from test coverage

    • Separate EC validations tests into two different ones

    • Add comment

    • Wrap switch in if instead of having an early return

    • Remove unsupported algorithms from asymmetric key validation

    • Rename option to allowInvalidAsymmetricKeyTypes and improve Readme

    • 9.0.0

    • adding migration notes to readme

    • adding changelog for version 9.0.0

    Co-authored-by: julienwoll julien.wollscheid@auth0.com

from jsonwebtoken GitHub release notes
Package name: lru-cache
  • 11.0.0 - 2024-07-08

    11.0.0

  • 10.4.3 - 2024-07-09
  • 10.4.2 - 2024-07-09
  • 10.4.1 - 2024-07-08

    10.4.1

  • 10.4.0 - 2024-07-08

    10.4.0

  • 10.3.1 - 2024-07-06

    10.3.1

  • 10.3.0 - 2024-06-28

    10.3.0

  • 10.2.2 - 2024-04-28

    10.2.2

  • 10.2.1 - 2024-04-25

    10.2.1

  • 10.2.0 - 2024-01-25

    10.2.0

  • 10.1.0 - 2023-11-22

    10.1.0

  • 10.0.3 - 2023-11-19

    10.0.3

  • 10.0.2 - 2023-11-10
  • 10.0.1 - 2023-08-10
  • 10.0.0 - 2023-06-15
  • 9.1.2 - 2023-06-01
  • 9.1.1 - 2023-04-23
  • 9.1.0 - 2023-04-18
  • 9.0.3 - 2023-04-14
  • 9.0.2 - 2023-04-13
  • 9.0.1 - 2023-04-10
  • 9.0.0 - 2023-04-09
  • 8.0.5 - 2023-04-05
  • 8.0.4 - 2023-03-17
  • 8.0.3 - 2023-03-15
  • 8.0.2 - 2023-03-15
  • 8.0.1 - 2023-03-15
  • 8.0.0 - 2023-03-12
  • 7.18.3 - 2023-03-05
  • 7.18.2 - 2023-03-05
  • 7.18.1 - 2023-03-01
  • 7.18.0 - 2023-03-01
  • 7.17.2 - 2023-03-01
  • 7.17.1 - 2023-03-01
  • 7.17.0 - 2023-02-22
  • 7.16.2 - 2023-02-21
  • 7.16.1 - 2023-02-17
  • 7.16.0 - 2023-02-16
  • 7.15.0 - 2023-02-16
  • 7.14.1 - 2022-11-02
from lru-cache GitHub release notes
Package name: gcf-utils
  • 15.0.1 - 2023-09-26

    15.0.1 (2023-09-26)

    Bug Fixes

    • getAuthenticatedOctokit is a standalone method (#5235) (0f95e5a)
  • 15.0.0 - 2023-09-15
  • 14.4.6 - 2023-01-12
from gcf-utils GitHub release notes
Package name: @google-automations/bot-config-utils
  • 7.0.0 - 2023-09-18
  • 6.1.3 - 2023-01-10
from @google-automations/bot-config-utils GitHub release notes
Package name: @google-automations/datastore-lock
  • 5.0.0 - 2023-09-18
  • 4.1.0 - 2023-05-17
from @google-automations/datastore-lock GitHub release notes
Package name: @google-automations/label-utils
  • 4.0.0 - 2023-09-18

    4.0.0 (2024-09-06)

    ⚠ BREAKING CHANGES

    • deps: update gcf-utils to v16 (#5464)

    Bug Fixes

  • 3.0.2 - 2023-01-10
from @google-automations/label-utils GitHub release notes
Package name: @octokit/webhooks
  • 13.3.0 - 2024-07-15

    13.3.0 (2024-07-15)

    Features

  • 13.2.8 - 2024-07-10

    13.2.8 (2024-07-10)

    Bug Fixes

    • types: webhooks payload type updates via @ octokit/openapi-webhooks-types (#1032) (836a8bb)
  • 13.2.7 - 2024-05-06

    13.2.7 (2024-05-06)

    Bug Fixes

    • explicitly check that request.body is a string (#1010) (c9b988d)
  • 13.2.6 - 2024-04-25

    13.2.6 (2024-04-25)

    Bug Fixes

    • types: type updates from @ octokit/openapi-webhooks-types v8.2.1 (#1008) (88595a9)
  • 13.2.5 - 2024-04-23

    13.2.5 (2024-04-23)

    Bug Fixes

    • types: upgrade @ octokit/openapi-webhooks-types to v8.2.0 (#1006) (ee06df5)
  • 13.2.4 - 2024-04-19

    13.2.4 (2024-04-19)

    Bug Fixes

  • 13.2.3 - 2024-04-13

    13.2.3 (2024-04-13)

    Bug Fixes

    • types: update @ octokit/openapi-types to v8.1.1 - No relevant changes (#1002) (9635fd9)
  • 13.2.2 - 2024-04-05

    13.2.2 (2024-04-05)

    Bug Fixes

    • types: updates to custom_property.created event types (#998) (fdfd062)
  • 13.2.1 - 2024-04-03

    13.2.1 (2024-04-03)

    Bug Fixes

    • types: update from @ octokit/openapi-webhook-types (#996) (d160d2b)
  • 13.2.0 - 2024-04-03

    13.2.0 (2024-04-03)

    Features

  • 13.1.1 - 2024-03-12
  • 13.1.0 - 2024-03-02
  • 13.0.2 - 2024-02-27
  • 13.0.1 - 2024-02-24
  • 13.0.0 - 2024-02-24
  • 13.0.0-beta.6 - 2024-02-24
  • 13.0.0-beta.5 - 2024-02-24
  • 13.0.0-beta.4 - 2024-02-17
  • 13.0.0-beta.3 - 2024-02-17
  • 13.0.0-beta.2 - 2024-02-14
  • 13.0.0-beta.1 - 2024-02-11
  • 12.2.0 - 2024-03-24
  • 12.2.0-beta.1 - 2024-02-11
  • 12.1.2 - 2024-02-17
  • 12.1.1 - 2024-02-15
  • 12.1.0 - 2024-02-05
  • 12.0.11 - 2024-01-05
  • 12.0.10 - 2023-12-04
  • 12.0.9 - 2023-12-04
  • 12.0.8 - 2023-11-22
  • 12.0.7 - 2023-11-18
  • 12.0.6 - 2023-11-16
  • 12.0.5 - 2023-11-16
  • 12.0.4 - 2023-11-14
  • 12.0.3 - 2023-07-07
  • 12.0.2 - 2023-06-30
  • 12.0.1 - 2023-06-12
  • 12.0.0 - 2023-06-12
  • 11.1.2 - 2023-11-14
  • 11.1.1 - 2023-06-07
  • 11.1.0 - 2023-05-28
  • 11.0.0 - 2023-04-14
  • 11.0.0-beta.10 - 2023-04-14
  • 11.0.0-beta.9 - 2023-04-12
  • 11.0.0-beta.8 - 2023-04-12
  • 11.0.0-beta.7 - 2023-01-24
  • 11.0.0-beta.6 - 2023-01-12
  • 11.0.0-beta.5 - 2023-01-10
  • 11.0.0-beta.4 - 2023-01-08
  • 11.0.0-beta.3 - 2023-01-08
  • 11.0.0-beta.2 - 2022-10-03
  • 11.0.0-beta.1 - 2022-09-12
  • 10.9.2 - 2023-11-14
  • 10.9.1 - 2023-04-12
  • 10.9.0 - 2023-04-11
  • 10.8.0 - 2023-04-10
  • 10.7.3 - 2023-04-07
  • 10.7.2 - 2023-04-07
  • 10.7.1 - 2023-04-06
  • 10.7.0 - 2023-01-18
  • 10.6.2 - 2023-01-17
  • 10.6.1 - 2023-01-14
  • 10.6.0 - 2023-01-12
from @octokit/webhooks GitHub release notes
Package name: @types/mocha
  • 10.0.7 - 2024-06-22
  • 10.0.6 - 2023-11-22
  • 10.0.5 - 2023-11-21
  • 10.0.4 - 2023-11-07
  • 10.0.3 - 2023-10-18
  • 10.0.2 - 2023-09-27
  • 10.0.1 - 2022-11-28
from @types/mocha GitHub release notes
Package name: @types/sinon
  • 17.0.3 - 2024-01-10
  • 17.0.2 - 2023-11-21
  • 17.0.1 - 2023-11-07
  • 17.0.0 - 2023-11-03
  • 10.0.20 - 2023-10-18
  • 10.0.19 - 2023-10-06
  • 10.0.18 - 2023-10-02
  • 10.0.17 - 2023-09-25
  • 10.0.16 - 2023-08-01
  • 10.0.15 - 2023-05-14
  • 10.0.14 - 2023-04-17
  • 10.0.13 - 2022-07-20
from @types/sinon GitHub release notes
Package name: c8
  • 10.1.2 - 2024-06-13

    10.1.2 (2024-06-13)

    Bug Fixes

    • deps: make monocart-coverage-reports an optional with meta defined (3b91fda)
  • 10.1.1 - 2024-06-11

    10.1.1 (2024-06-11)

    Bug Fixes

    • stop installing monocart-coverage-reports (#535) (13979a7)
  • 10.1.0 - 2024-06-11

    10.1.0 (2024-06-11)

    Features

  • 10.0.0 - 2024-06-10

    10.0.0 (2024-06-10)

    ⚠ BREAKING CHANGES

    • deps: Node 18 is now the minimum supported Node.js version

    Bug Fixes

    • deps: update test-exclude with new glob / minimatch (#531) (e33cf30)
  • 9.1.0 - 2024-01-12

    9.1.0 (2024-01-11)

    Features

    • support passing reporter options from config (#459) (88db5db)

    Bug Fixes

    • refactor: remove stale check for createDynamicModule (5e18365)
  • 9.0.0 - 2024-01-03

    9.0.0 (2024-01-03)

    ⚠ BREAKING CHANGES

    • build: minimum Node.js version is now 14.14.0

    Features

    • build: minimum Node.js version is now 14.14.0 (2cdc86b)
    • deps: update foreground-child to promise API (#512) (b46b640)
    • deps: use Node.js built in rm (2cdc86b)
  • 8.0.1 - 2023-07-25

    8.0.1 (2023-07-25)

    Bug Fixes

  • 8.0.0 - 2023-06-13

    8.0.0 (2023-06-05)

    ⚠ BREAKING CHANGES

    • dropped Node 10 support (#475)

    Miscellaneous Chores

  • 7.14.0 - 2023-05-28

    7.14.0 (2023-05-26)

    Features

    • added a new CLI arg --merge-async to asynchronously and incrementally merge process coverage files to avoid OOM due to heap exhaustion (#469) (45f2f84)
from c8 GitHub release notes
Package name: gts
  • 5.3.1 - 2024-06-11

    5.3.1 (2024-04-10)

    Bug Fixes

    • deps: replace dependency eslint-plugin-node with eslint-plugin-n (#865) (efbe3a8)
    • deps: update dependency eslint to v8.57.0 (#833) (0c0a45c)
    • deps: update dependency prettier to v3.2.5 (#846) (7e60e38)

    Performance Improvements

    • Supercharge Performance & Efficiency: Leveraging Promise.all for Resource-Friendly Tasks 🚤 (#838) (7424fe1)
  • 5.3.0 - 2024-03-22

    5.3.0 (2024-03-21)

    Features

    Bug Fixes

    • deps: update dependency eslint to v8.51.0 (#812) (

Snyk has created this PR to upgrade:
  - @types/node from 18.11.18 to 22.5.2.
    See this package in npm: https://www.npmjs.com/package/@types/node
  - @octokit/types from 8.1.0 to 13.5.0.
    See this package in npm: https://www.npmjs.com/package/@octokit/types
  - jsonwebtoken from 9.0.0 to 9.0.2.
    See this package in npm: https://www.npmjs.com/package/jsonwebtoken
  - lru-cache from 7.14.1 to 11.0.0.
    See this package in npm: https://www.npmjs.com/package/lru-cache
  - gcf-utils from 14.4.6 to 15.0.1.
    See this package in npm: https://www.npmjs.com/package/gcf-utils
  - @google-automations/bot-config-utils from 6.1.3 to 7.0.0.
    See this package in npm: https://www.npmjs.com/package/@google-automations/bot-config-utils
  - @google-automations/datastore-lock from 4.1.0 to 5.0.0.
    See this package in npm: https://www.npmjs.com/package/@google-automations/datastore-lock
  - @google-automations/label-utils from 3.0.2 to 4.0.0.
    See this package in npm: https://www.npmjs.com/package/@google-automations/label-utils
  - @octokit/webhooks from 10.6.0 to 13.3.0.
    See this package in npm: https://www.npmjs.com/package/@octokit/webhooks
  - @types/mocha from 10.0.1 to 10.0.7.
    See this package in npm: https://www.npmjs.com/package/@types/mocha
  - @types/sinon from 10.0.13 to 17.0.3.
    See this package in npm: https://www.npmjs.com/package/@types/sinon
  - c8 from 7.14.0 to 10.1.2.
    See this package in npm: https://www.npmjs.com/package/c8
  - gts from 4.0.1 to 5.3.1.
    See this package in npm: https://www.npmjs.com/package/gts
  - mocha from 10.2.0 to 10.7.3.
    See this package in npm: https://www.npmjs.com/package/mocha
  - nock from 13.3.0 to 13.5.5.
    See this package in npm: https://www.npmjs.com/package/nock
  - sinon from 15.0.1 to 18.0.0.
    See this package in npm: https://www.npmjs.com/package/sinon
  - smee-client from 1.2.3 to 2.0.3.
    See this package in npm: https://www.npmjs.com/package/smee-client
  - typescript from 4.9.4 to 5.5.4.
    See this package in npm: https://www.npmjs.com/package/typescript

See this project in Snyk:
https://app.snyk.io/org/cachiman/project/2309214f-6bf3-4d5b-a632-390d9897e44b?utm_source=github&utm_medium=referral&page=upgrade-pr
Copy link

google-cla bot commented Sep 22, 2024

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Security finding in c8 versions 6, 7, and 8
2 participants