patternfly-css icon indicating copy to clipboard operation
patternfly-css copied to clipboard
verified publisher icon patternfly

[Snyk] Security upgrade browser-sync from 2.18.13 to 2.26.6

Open mtho11 opened this issue 3 years ago • 0 comments

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
low severity 461/1000
Why? Recently disclosed, Has a fix available, CVSS 3.5		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-DEBUG-3227433		 No No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: browser-sync The new version differs by 209 commits.
  • 0b3d98b v2.26.6
  • fdfc681 tests: add e2e tests to package.json
  • c56cfd9 Merge pull request #1698 from emeitch/fix_deprecated_header
  • 2fd598f Merge pull request #1690 from XhmikosR/xmr-ci
  • 841ccd5 Merge pull request #1694 from coliff/patch-1
  • 209c9c1 Merge pull request #1697 from gaards/update-localtunnel
  • 87bee4b Use getHeaders or _headers
  • 77abfd3 Update localtunnel
  • 1f073f9 Remove gittip from README (service closed down)
  • 51792b1 AppVeyor tweaks.
  • 9c9d71a CI: Add Node.js 12 and 10.
  • 6dd2d56 v2.26.5
  • 62007c8 SyntaxError in micromatch when starting browser-sync - fixes #1682
  • 47a4d1b v2.26.4
  • 05a58db deps: fixes #1677 #1671 #1659 #1648
  • 35035df deps: removed nodemon since it includes flat-stream (security)
  • 1b2eab5 Merge pull request #1634 from mxschmitt/patch-1
  • e35e5dc fix(ui): updated dead links and moved to https
  • 85c4ba7 examples: server + proxy
  • 924d5e7 v2.26.3
  • d60cd91 fix: application/wasm support in Chrome - fixes #1598
  • f95dd7a v2.26.2
  • 9f3fea4 deps: npm audit fixes across all packages - fixes #1618
  • cf7cb3e v2.26.1

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)

mtho11 avatar Jan 10 '23 11:01 mtho11