Title: [Snyk] Security upgrade express from 4.17.1 to 4.19.2 by MelnikovAG · Pull Request #5 · MelnikovAG/https-localhost · GitHub
Open Graph Title: [Snyk] Security upgrade express from 4.17.1 to 4.19.2 by MelnikovAG · Pull Request #5 · MelnikovAG/https-localhost
X Title: [Snyk] Security upgrade express from 4.17.1 to 4.19.2 by MelnikovAG · Pull Request #5 · MelnikovAG/https-localhost
Description: This PR was automatically created by Snyk using the credentials of a real user.Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project. Changes included in this PR Changes to the following files to upgrade the vulnerable dependencies to a fixed version: package.json package-lock.json Vulnerabilities that will be fixed With an upgrade: Severity Priority Score (*) Issue Breaking Change Exploit Maturity 591/1000 Why? Recently disclosed, Has a fix available, CVSS 6.1 Open Redirect SNYK-JS-EXPRESS-6474509 No No Known Exploit (*) Note that the real score may have changed since the PR was raised. Commit messages Package name: express The new version differs by 250 commits. b28db2c 4.19.2 0b74695 Improved fix for open redirect allow list bypass 4f0f6cc 4.19.1 a003cfa Allow passing non-strings to res.location with new encoding handling checks fixes #5554 #5555 a1fa90f fixed un-edited version in history.md for 4.19.0 11f2b1d build: fix build due to inconsistent supertest behavior in older versions 084e365 4.19.0 0867302 Prevent open redirect allow list bypass due to encodeurl 567c9c6 Add note on how to update docs for new release (#5541) 69a4cf2 deps: cookie@0.6.0 4ee853e docs: loosen TC activity rules 414854b docs: nominating @ wesleytodd to be project captian 06c6b88 docs: update release date 1b51eda 4.18.3 b625132 build: pin Node 21.x to minor e3eca80 build: pin Node 21.x to minor 23b44b3 build: support Node.js 21.6.2 b9fea12 build: support Node.js 21.x in appveyor c259c34 build: support Node.js 21.x fdeb1d3 build: support Node.js 20.x in appveyor 734b281 build: support Node.js 20.x 0e3ab6e examples: improve view count in cookie-sessions 59af63a build: Node.js@18.19 e720c5a docs: add documentation for benchmarks See the full diff Check the changes in this PR to ensure they won't cause issues with your project. Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs. For more information: 🧐 View latest project report 🛠 Adjust project settings 📚 Read more about Snyk's upgrade and patch logic Learn how to fix vulnerabilities with free interactive lessons: 🦉 Open Redirect
Open Graph Description: This PR was automatically created by Snyk using the credentials of a real user.Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project. Changes inc...
X Description: This PR was automatically created by Snyk using the credentials of a real user.Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project. Changes inc...
Opengraph URL: https://github.com/MelnikovAG/https-localhost/pull/5
X: @github
Domain: github.com
| route-pattern | /:user_id/:repository/pull/:id/files(.:format) |
| route-controller | pull_requests |
| route-action | files |
| fetch-nonce | v2:25eded8a-5e91-785a-06f2-714a301b6c0e |
| current-catalog-service-hash | ae870bc5e265a340912cde392f23dad3671a0a881730ffdadd82f2f57d81641b |
| request-id | A0D4:218918:4BA06:63355:6A52B783 |
| html-safe-nonce | c6fada8c4d805823fd074f82b6de3806482f0bb42c13ec633ca0f7d51dadd787 |
| visitor-payload | eyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiJBMEQ0OjIxODkxODo0QkEwNjo2MzM1NTo2QTUyQjc4MyIsInZpc2l0b3JfaWQiOiI4Mzg1ODQ2MDQ1NzU0NzAxNjk5IiwicmVnaW9uX2VkZ2UiOiJpYWQiLCJyZWdpb25fcmVuZGVyIjoiaWFkIn0= |
| visitor-hmac | f9afda8e357a8fd1a7520bb7c1ba05b6a3474c9c8dd25d22ff68b3a26451e71c |
| hovercard-subject-tag | pull_request:1792274283 |
| github-keyboard-shortcuts | repository,pull-request-list,pull-request-conversation,pull-request-files-changed,copilot |
| google-site-verification | Apib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I |
| octolytics-url | https://collector.github.com/github/collect |
| analytics-location | / |
| fb:app_id | 1401488693436528 |
| apple-itunes-app | app-id=1477376905, app-argument=https://github.com/MelnikovAG/https-localhost/pull/5/files |
| twitter:image | https://avatars.githubusercontent.com/u/35483392?s=400&v=4 |
| twitter:card | summary_large_image |
| og:image | https://avatars.githubusercontent.com/u/35483392?s=400&v=4 |
| og:image:alt | This PR was automatically created by Snyk using the credentials of a real user.Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project. Changes inc... |
| og:site_name | GitHub |
| og:type | object |
| hostname | github.com |
| expected-hostname | github.com |
| None | b9a586c06a05a7a86fc7e3f4dbd03e42f6869085879aa184aa6369456dbd50fb |
| turbo-cache-control | no-preview |
| diff-view | unified |
| go-import | github.com/MelnikovAG/https-localhost git https://github.com/MelnikovAG/https-localhost.git |
| octolytics-dimension-user_id | 35483392 |
| octolytics-dimension-user_login | MelnikovAG |
| octolytics-dimension-repository_id | 405227915 |
| octolytics-dimension-repository_nwo | MelnikovAG/https-localhost |
| octolytics-dimension-repository_public | true |
| octolytics-dimension-repository_is_fork | true |
| octolytics-dimension-repository_parent_id | 142558583 |
| octolytics-dimension-repository_parent_nwo | daquinoaldo/https-localhost |
| octolytics-dimension-repository_network_root_id | 142558583 |
| octolytics-dimension-repository_network_root_nwo | daquinoaldo/https-localhost |
| turbo-body-classes | logged-out env-production page-responsive full-width |
| disable-turbo | true |
| browser-stats-url | https://api.github.com/_private/browser/stats |
| browser-errors-url | https://api.github.com/_private/browser/errors |
| release | 07a982c1d40157c619b364352b704c3ce66bb332 |
| ui-target | canary-1 |
| theme-color | #1e2327 |
| color-scheme | light dark |
Links:
Viewport: width=device-width