[Snyk] Fix for 1 vulnerabilities by Centaurioun · Pull Request #425 · Centaurioun/tutorials

Centaurioun · 2023-01-10T08:33:45Z

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- json-modules/json/src/main/webapp/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	461/1000 Why? Recently disclosed, Has a fix available, CVSS 3.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-DEBUG-3227433	No	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: jsonforms

The new version differs by 28 commits.

b24bfc9 Release 0.0.20
e54235a Bump version number to 0.0.20
91ab904 Update Deployment with Bootstrap Release and Build Information
6bb7856 Merge pull request Restyle [Snyk] Security upgrade com.h2database:h2 from 1.4.200 to 2.1.210 #277 from eneufeld/feat_tutorialfixes_160615
2e09d8a fixed example and improved recursion check
7879372 added keys to exclude when converting date
665b6cd fixed date time
bd586e1 Merge pull request [Snyk] Security upgrade karma from 1.7.1 to 5.0.8 #269 from eneufeld/feat_jsonRefs
caa1ff0 added suggested improvements by edgar
a1e93a9 added resolvement of schema using jsonrefs
106889b Merge pull request Restyle [Snyk] Security upgrade io.quarkus:quarkus-core-deployment from 1.0.0.Final to 1.6.0.Final #268 from eneufeld/feat_bootstrap
8a0c899 Merge pull request [Snyk] Fix for 1 vulnerabilities #270 from sdirix/update-release-readme
55d1517 Bump version number to 0.0.19
f2871dc Add release LICENSE information
fac6d04 Update Readme with current Deployment information
7ba13cb fixed issues from review
37a7f7d fixed tests
504c4fa reverted build script changes
82b4144 pulled out css into separate file
a372801 unified treemasterdetail
a451822 unified datetime
0785b0e fixed date time
f30dcfd fixed treemasterdetail
d647244 fixed remaining issues with directives

See the full diff

Package name: typings

The new version differs by 80 commits.

5e53b08 v0.7.0
d269438 Merge pull request [Snyk] Security upgrade com.thoughtworks.xstream:xstream from 1.4.9 to 1.4.20 #295 from typings/typings-core
fcbd3ce Rewrite `typings` to use `typings-core`
f4d4b77 Merge pull request Restyle [Snyk] Security upgrade browser-sync from 2.24.6 to 2.26.14 #286 from typings/unional-patch-1
5ab7562 Update comment about npm run bootstrap
8e256ca v0.6.10
36c876b Merge pull request [Snyk] Security upgrade browser-sync from 2.24.6 to 2.26.14 #285 from typings/greenkeeper-popsicle-4.0.0
bb0a9dd chore(package): update popsicle to version 4.0.0
5a352db Merge pull request [Snyk] Security upgrade @angular-devkit/build-angular from 0.6.8 to 0.1100.0 #279 from unional/tslint-semicolon
b28fd25 Enforce ASI
e770a76 v0.6.9
1cb1556 Improve command line messaging around stripped references
f7190bb Merge pull request Restyle [Snyk] Security upgrade io.leangen.graphql:graphql-spqr-spring-boot-starter from 0.0.6 to 0.0.7 #273 from typings/ts-module-augmentation
1e9648f Enable TypeScript 1.8+ module augmentation
9486c1f Merge pull request [Snyk] Security upgrade com.amazonaws:aws-java-sdk-core from 1.12.331 to 1.12.368 #233 from unional/Add-typings-example
4fd311c Merge pull request [Snyk] Security upgrade karma from 1.4.1 to 2.0.0 #266 from typings/greenkeeper-typescript-1.8.7
54377c1 chore(package): update typescript to version 1.8.7
c0c17cf Merge pull request Restyle [Snyk] Security upgrade org.kie:kie-ci from 7.4.1.Final to 7.32.0.k20191220 #265 from typings/greenkeeper-typescript-1.8.6
300bfd8 chore(package): update typescript to version 1.8.6
886e3b0 Merge pull request [Snyk] Security upgrade generator-jhipster from 4.0.8 to 7.9.0 #253 from unional/patch-1
54b398e Refactor gitter-image and gitter-url
724417e Add gitter badge
fc9ef47 Remove TODOs
aee25b2 Fix typo

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)

…bilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-DEBUG-3227433

…0 to 1.7.0 (#1142) * fix: json-modules/json/src/main/webapp/package.json to reduce vulnerabilities (#425) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-DEBUG-3227433 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * ci(Mergify): configuration update (#443) Signed-off-by: null <null> Signed-off-by: null <null> * [Snyk] Security upgrade org.apache.kafka:kafka-streams from 3.3.1 to 3.4.0 (#622) * fix: libraries-data/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHEKAFKA-3317161 * Restyled by whitespace (#623) Co-authored-by: Restyled.io <commits@restyled.io> --------- Co-authored-by: restyled-io[bot] <32688539+restyled-io[bot]@users.noreply.github.com> Co-authored-by: Restyled.io <commits@restyled.io> * fix: spring-boot-modules/spring-boot-swagger-2/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-ORGSPRINGFRAMEWORK-3369852 --------- Signed-off-by: null <null> Co-authored-by: Centaurioun <86323645+Centaurioun@users.noreply.github.com> Co-authored-by: restyled-io[bot] <32688539+restyled-io[bot]@users.noreply.github.com> Co-authored-by: Restyled.io <commits@restyled.io>

…-binder-kinesis from 2.0.2.RELEASE to 2.0.3.RELEASE (#1140) * fix: json-modules/json/src/main/webapp/package.json to reduce vulnerabilities (#425) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-DEBUG-3227433 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * ci(Mergify): configuration update (#443) Signed-off-by: null <null> Signed-off-by: null <null> * [Snyk] Security upgrade org.apache.kafka:kafka-streams from 3.3.1 to 3.4.0 (#622) * fix: libraries-data/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHEKAFKA-3317161 * Restyled by whitespace (#623) Co-authored-by: Restyled.io <commits@restyled.io> --------- Co-authored-by: restyled-io[bot] <32688539+restyled-io[bot]@users.noreply.github.com> Co-authored-by: Restyled.io <commits@restyled.io> * fix: spring-cloud-modules/spring-cloud-stream/spring-cloud-stream-kinesis/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-ORGSPRINGFRAMEWORKCLOUD-2436645 * Restyled by whitespace (#1141) Co-authored-by: Restyled.io <commits@restyled.io> * Restyled by jq * Update .mergify.yml --------- Signed-off-by: null <null> Co-authored-by: Centaurioun <86323645+Centaurioun@users.noreply.github.com> Co-authored-by: restyled-io[bot] <32688539+restyled-io[bot]@users.noreply.github.com> Co-authored-by: Restyled.io <commits@restyled.io> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>

) * fix: json-modules/json/src/main/webapp/package.json to reduce vulnerabilities (#425) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-DEBUG-3227433 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * ci(Mergify): configuration update (#443) Signed-off-by: null <null> Signed-off-by: null <null> * [Snyk] Security upgrade org.apache.kafka:kafka-streams from 3.3.1 to 3.4.0 (#622) * fix: libraries-data/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHEKAFKA-3317161 * Restyled by whitespace (#623) Co-authored-by: Restyled.io <commits@restyled.io> --------- Co-authored-by: restyled-io[bot] <32688539+restyled-io[bot]@users.noreply.github.com> Co-authored-by: Restyled.io <commits@restyled.io> * fix: logging-modules/log4j2/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMH2DATABASE-1769238 - https://snyk.io/vuln/SNYK-JAVA-COMH2DATABASE-2331071 * Restyled by whitespace (#1133) Co-authored-by: Restyled.io <commits@restyled.io> --------- Signed-off-by: null <null> Co-authored-by: Centaurioun <86323645+Centaurioun@users.noreply.github.com> Co-authored-by: restyled-io[bot] <32688539+restyled-io[bot]@users.noreply.github.com> Co-authored-by: Restyled.io <commits@restyled.io>

* fix: json-modules/json/src/main/webapp/package.json to reduce vulnerabilities (#425) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-DEBUG-3227433 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * ci(Mergify): configuration update (#443) Signed-off-by: null <null> Signed-off-by: null <null> * [Snyk] Security upgrade org.apache.kafka:kafka-streams from 3.3.1 to 3.4.0 (#622) * fix: libraries-data/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHEKAFKA-3317161 * Restyled by whitespace (#623) Co-authored-by: Restyled.io <commits@restyled.io> --------- Co-authored-by: restyled-io[bot] <32688539+restyled-io[bot]@users.noreply.github.com> Co-authored-by: Restyled.io <commits@restyled.io> * fix: jhipster-modules/jhipster-uaa/gateway/package.json & jhipster-modules/jhipster-uaa/gateway/package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-GENERATORJHIPSTER-466980 --------- Signed-off-by: null <null> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Snyk bot <github+bot@snyk.io> Co-authored-by: restyled-io[bot] <32688539+restyled-io[bot]@users.noreply.github.com> Co-authored-by: Restyled.io <commits@restyled.io>

* fix: json-modules/json/src/main/webapp/package.json to reduce vulnerabilities (#425) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-DEBUG-3227433 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * ci(Mergify): configuration update (#443) Signed-off-by: null <null> Signed-off-by: null <null> * [Snyk] Security upgrade org.apache.kafka:kafka-streams from 3.3.1 to 3.4.0 (#622) * fix: libraries-data/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHEKAFKA-3317161 * Restyled by whitespace (#623) Co-authored-by: Restyled.io <commits@restyled.io> --------- Co-authored-by: restyled-io[bot] <32688539+restyled-io[bot]@users.noreply.github.com> Co-authored-by: Restyled.io <commits@restyled.io> * fix: spring-security-modules/spring-security-web-persistent-login/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-ORGSPRINGFRAMEWORKSECURITY-2833359 * Restyled by whitespace * Restyled by jq --------- Signed-off-by: null <null> Co-authored-by: Centaurioun <86323645+Centaurioun@users.noreply.github.com> Co-authored-by: restyled-io[bot] <32688539+restyled-io[bot]@users.noreply.github.com> Co-authored-by: Restyled.io <commits@restyled.io> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>

fix: json-modules/json/src/main/webapp/package.json to reduce vulnera…

b1191cf

…bilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-DEBUG-3227433

restyled-io bot mentioned this pull request Jan 10, 2023

Restyle [Snyk] Fix for 1 vulnerabilities #426

Closed

Centaurioun merged commit af59c74 into master Jan 11, 2023

snyk-bot mentioned this pull request Jan 21, 2023

[Snyk] Fix for 1 vulnerabilities #522

Closed

Centaurioun mentioned this pull request Jan 30, 2023

[Snyk] Security upgrade webpack-cli from 2.1.3 to 3.0.0 #573

Closed

Centaurioun mentioned this pull request Apr 10, 2023

[Snyk] Fix for 1 vulnerabilities #270

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Fix for 1 vulnerabilities#425

[Snyk] Fix for 1 vulnerabilities#425
Centaurioun merged 1 commit intomasterfrom
snyk-fix-fd05b32fecc024e72c315d04452f4235

Centaurioun commented Jan 10, 2023

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

Centaurioun commented Jan 10, 2023

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants