angular-seed-express icon indicating copy to clipboard operation
angular-seed-express copied to clipboard
verified publisher icon vyakymenko

[Snyk] Security upgrade pm2 from 4.3.0 to 4.5.0

Open vyakymenko opened this issue 2 years ago • 0 comments

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
low severity 506/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 3.7		 Regular Expression Denial of Service (ReDoS)
npm:debug:20170905		 No Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: pm2 The new version differs by 58 commits.
  • 49f1871 [email protected]
  • 3e004dc add udp client/server example + fix typo
  • 310d68d [email protected] - testing phase
  • 7f11906 Merge pull request #4681 from guard43ru/development
  • 108ddea Merge pull request #4741 from getsnoopy/fix-unit-test-script
  • c4929d1 Merge pull request #4762 from ffflorian/patch-1
  • b3b4c9a allow to pass --install to force yarn install on tarball install
  • 39286ab Merge pull request #4767 from ykolbin/fix_tarball_module_name_v2
  • 70715ae Merge pull request #4782 from mbrooks/master
  • 6ed7ae2 Merge pull request #4790 from sbleon/fix-e2e-test-path
  • 3e9b398 Merge pull request #4791 from sbleon/fix-namespace-cli-option
  • f578221 Merge pull request #4808 from typhonius/am-grammar-update
  • ff1e2f1 Merge pull request #4841 from web-native/development
  • b797970 Merge pull request #4846 from QS20199/fix/creating-log-folder-in-sync-mode-2
  • 918a41e upgrade dependencies
  • e3583a1 fix: remote tarball install
  • a83a3ba fix: creating-log-folder-in-sync-mode
  • 3ab9b67 fix: add test for creating-log-folder-in-sync-mode
  • 1cb0427 Update ProcessContainerFork.js
  • 14871cd [email protected]
  • 1ec91cc Small grammar fix and addition of units to output.
  • 74c03ac Use opts.namespace if it was passed in. Previously, it was ignored.
  • 15f777d Fix e2e test paths in CONTRIBUTING doc
  • 08ae19e Prevent reloadLogs command from hanging

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)

vyakymenko avatar Dec 06 '23 14:12 vyakymenko