René's URL Explorer Experiment


Title: [Snyk] Security upgrade node-gyp from 3.6.2 to 10.0.0 by jmatsushita · Pull Request #24 · contentascode/nodegit · GitHub

Open Graph Title: [Snyk] Security upgrade node-gyp from 3.6.2 to 10.0.0 by jmatsushita · Pull Request #24 · contentascode/nodegit

X Title: [Snyk] Security upgrade node-gyp from 3.6.2 to 10.0.0 by jmatsushita · Pull Request #24 · contentascode/nodegit

Description: This PR was automatically created by Snyk using the credentials of a real user.Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project. Changes included in this PR Changes to the following files to upgrade the vulnerable dependencies to a fixed version: package.json package-lock.json Vulnerabilities that will be fixed With an upgrade: Severity Priority Score (*) Issue Breaking Change Exploit Maturity 696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5 Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908 Yes Proof of Concept (*) Note that the real score may have changed since the PR was raised. Commit messages Package name: node-gyp The new version differs by 250 commits. 9acb4c7 chore: release 10.0.0 3032e10 chore: run tests after release please PR 864a979 feat!: use .npmignore file to limit which files are published (#2921) 4e493d4 chore: misc testing fixes (#2930) d52997e feat: convert internal classes from util.inherits to classes 355622f feat: convert all internal functions to async/await 1b3bd34 feat!: drop node 14 support (#2929) e388255 deps: which@4.0.0 (#2928) 059bb6f deps: make-fetch-happen@13.0.0 (#2927) 4bef1ec deps: glob@10.3.10 (#2926) 21a7249 chore: add check engines script to CI (#2922) 707927c feat(gyp): update gyp to v0.16.1 (#2923) d644ce4 docs: update applicable GitHub links from master to main (#2843) 4a50fe3 chore: empty commit to add changelog entries from #2770 26683e9 chore: GitHub Workflows security hardening (#2740) 91fd8ff Python lint: ruff --format is now --output-format b3d41ae doc: Add note about Python symlinks (PR 2362) to CHANGELOG.md for 9.1.0 (#2783) 5746691 test: update expired certs (#2908) d3615c6 Fix incorrect Xcode casing in README (#2896) bb93b94 docs: README.md Do not hardcode the supported versions of Python (#2880) 0f1f667 fix: create Python symlink only during builds, and clean it up after (#2721) 445c28f test: increase mocha timeout (#2887) 1bfb083 Fix Python lint error by using an f-string (#2886) c9caa2e docs: Update windows installation instructions in README.md (#2882) See the full diff Check the changes in this PR to ensure they won't cause issues with your project. Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs. For more information: 🧐 View latest project report 🛠 Adjust project settings 📚 Read more about Snyk's upgrade and patch logic Note: This is a default PR template raised by Snyk. Find out more about how you can customise Snyk PRs in our documentation. Learn how to fix vulnerabilities with free interactive lessons: 🦉 Regular Expression Denial of Service (ReDoS)

Open Graph Description: This PR was automatically created by Snyk using the credentials of a real user.Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project. Changes inc...

X Description: This PR was automatically created by Snyk using the credentials of a real user.Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project. Changes inc...

Opengraph URL: https://github.com/contentascode/nodegit/pull/24

X: @github

direct link

Domain: github.com

route-pattern/:user_id/:repository/pull/:id/files(.:format)
route-controllerpull_requests
route-actionfiles
fetch-noncev2:da88042e-8965-2363-0834-d90512b22ea4
current-catalog-service-hashae870bc5e265a340912cde392f23dad3671a0a881730ffdadd82f2f57d81641b
request-idA034:2E118D:1F28B0F:290DD2A:6A5C94D6
html-safe-nonceda341ef80d7418655ba867fa90c69864a503ff861568845f276baf0615247eba
visitor-payloadeyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiJBMDM0OjJFMTE4RDoxRjI4QjBGOjI5MEREMkE6NkE1Qzk0RDYiLCJ2aXNpdG9yX2lkIjoiNzExNTg1ODQyNTc0MjY2MDgyMiIsInJlZ2lvbl9lZGdlIjoiaWFkIiwicmVnaW9uX3JlbmRlciI6ImlhZCJ9
visitor-hmace49d9a92aae0a6562326a0a263150ed5be3d625dbedb340da9dbf9096fdba2c0
hovercard-subject-tagpull_request:1880843108
github-keyboard-shortcutsrepository,pull-request-list,pull-request-conversation,pull-request-files-changed,copilot
google-site-verificationApib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I
octolytics-urlhttps://collector.github.com/github/collect
analytics-location///pull_requests/show/files
fb:app_id1401488693436528
apple-itunes-appapp-id=1477376905, app-argument=https://github.com/contentascode/nodegit/pull/24/files
twitter:imagehttps://avatars.githubusercontent.com/u/356097?s=400&v=4
twitter:cardsummary_large_image
og:imagehttps://avatars.githubusercontent.com/u/356097?s=400&v=4
og:image:altThis PR was automatically created by Snyk using the credentials of a real user.Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project. Changes inc...
og:site_nameGitHub
og:typeobject
hostnamegithub.com
expected-hostnamegithub.com
None5290d7e14309ad1e76106a9c4237bd1041517e83ea182c8ab756752cb0c6940b
turbo-cache-controlno-preview
diff-viewunified
go-importgithub.com/contentascode/nodegit git https://github.com/contentascode/nodegit.git
octolytics-dimension-user_id17619610
octolytics-dimension-user_logincontentascode
octolytics-dimension-repository_id146910390
octolytics-dimension-repository_nwocontentascode/nodegit
octolytics-dimension-repository_publictrue
octolytics-dimension-repository_is_forktrue
octolytics-dimension-repository_parent_id122874686
octolytics-dimension-repository_parent_nwoCroydon/nodegit
octolytics-dimension-repository_network_root_id1383170
octolytics-dimension-repository_network_root_nwonodegit/nodegit
turbo-body-classeslogged-out env-production page-responsive full-width
disable-turbotrue
browser-stats-urlhttps://api.github.com/_private/browser/stats
browser-errors-urlhttps://api.github.com/_private/browser/errors
release9c975978430e9ad293956f2bbdaf153b1bd84a99
ui-targetfull
theme-color#1e2327
color-schemelight dark

Links:

Skip to contenthttps://github.com/contentascode/nodegit/pull/24/files#start-of-content
https://github.com/
Sign in https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fcontentascode%2Fnodegit%2Fpull%2F24%2Ffiles
GitHub CopilotWrite better code with AIhttps://github.com/features/copilot
GitHub Copilot appDirect agents from issue to mergehttps://github.com/features/ai/github-app
MCP RegistryNewIntegrate external toolshttps://github.com/mcp
ActionsAutomate any workflowhttps://github.com/features/actions
CodespacesInstant dev environmentshttps://github.com/features/codespaces
IssuesPlan and track workhttps://github.com/features/issues
Code ReviewManage code changeshttps://github.com/features/code-review
GitHub Advanced SecurityFind and fix vulnerabilitieshttps://github.com/security/advanced-security
Code securitySecure your code as you buildhttps://github.com/security/advanced-security/code-security
Secret protectionStop leaks before they starthttps://github.com/security/advanced-security/secret-protection
Why GitHubhttps://github.com/why-github
Documentationhttps://docs.github.com
Bloghttps://github.blog
Changeloghttps://github.blog/changelog
Marketplacehttps://github.com/marketplace
View all featureshttps://github.com/features
Enterpriseshttps://github.com/enterprise
Small and medium teamshttps://github.com/team
Startupshttps://github.com/enterprise/startups
Nonprofitshttps://github.com/solutions/industry/nonprofits
App Modernizationhttps://github.com/solutions/use-case/app-modernization
DevSecOpshttps://github.com/solutions/use-case/devsecops
DevOpshttps://github.com/solutions/use-case/devops
CI/CDhttps://github.com/solutions/use-case/ci-cd
View all use caseshttps://github.com/solutions/use-case
Healthcarehttps://github.com/solutions/industry/healthcare
Financial serviceshttps://github.com/solutions/industry/financial-services
Manufacturinghttps://github.com/solutions/industry/manufacturing
Governmenthttps://github.com/solutions/industry/government
View all industrieshttps://github.com/solutions/industry
View all solutionshttps://github.com/solutions
AIhttps://github.com/resources/articles?topic=ai
Software Developmenthttps://github.com/resources/articles?topic=software-development
DevOpshttps://github.com/resources/articles?topic=devops
Securityhttps://github.com/resources/articles?topic=security
View all topicshttps://github.com/resources/articles
Customer storieshttps://github.com/customer-stories
Events & webinarshttps://github.com/resources/events
Ebooks & reportshttps://github.com/resources/whitepapers
Business insightshttps://github.com/solutions/executive-insights
GitHub Skillshttps://skills.github.com
Documentationhttps://docs.github.com
Customer supporthttps://support.github.com
Community forumhttps://github.com/orgs/community/discussions
Trust centerhttps://github.com/trust-center
Partnershttps://github.com/partners
View all resourceshttps://github.com/resources
GitHub SponsorsFund open source developershttps://github.com/open-source/sponsors
Security Labhttps://securitylab.github.com
Maintainer Communityhttps://maintainers.github.com
Acceleratorhttps://github.com/open-source/accelerator
GitHub Starshttps://stars.github.com
Archive Programhttps://archiveprogram.github.com
Topicshttps://github.com/topics
Trendinghttps://github.com/trending
Collectionshttps://github.com/collections
Enterprise platformAI-powered developer platformhttps://github.com/enterprise
GitHub Advanced SecurityEnterprise-grade security featureshttps://github.com/security/advanced-security
Copilot for BusinessEnterprise-grade AI featureshttps://github.com/features/copilot/copilot-business
Premium SupportEnterprise-grade 24/7 supporthttps://github.com/enterprise/premium-support
Pricinghttps://github.com/pricing
Search syntax tipshttps://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
documentationhttps://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
Sign in https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fcontentascode%2Fnodegit%2Fpull%2F24%2Ffiles
Sign up https://github.com/signup?ref_cta=Sign+up&ref_loc=header+logged+out&ref_page=%2F%3Cuser-name%3E%2F%3Crepo-name%3E%2Fpull_requests%2Fshow%2Ffiles&source=header-repo&source_repo=contentascode%2Fnodegit
Reloadhttps://github.com/contentascode/nodegit/pull/24/files
Reloadhttps://github.com/contentascode/nodegit/pull/24/files
Reloadhttps://github.com/contentascode/nodegit/pull/24/files
Please reload this pagehttps://github.com/contentascode/nodegit/pull/24/files
contentascode https://github.com/contentascode
nodegithttps://github.com/contentascode/nodegit
Croydon/nodegithttps://github.com/Croydon/nodegit
Notifications https://github.com/login?return_to=%2Fcontentascode%2Fnodegit
Fork 0 https://github.com/login?return_to=%2Fcontentascode%2Fnodegit
Star 0 https://github.com/login?return_to=%2Fcontentascode%2Fnodegit
Code https://github.com/contentascode/nodegit
Pull requests 34 https://github.com/contentascode/nodegit/pulls
Actions https://github.com/contentascode/nodegit/actions
Projects https://github.com/contentascode/nodegit/projects
Security and quality 0 https://github.com/contentascode/nodegit/security
Insights https://github.com/contentascode/nodegit/pulse
Code https://github.com/contentascode/nodegit
Pull requests https://github.com/contentascode/nodegit/pulls
Actions https://github.com/contentascode/nodegit/actions
Projects https://github.com/contentascode/nodegit/projects
Security and quality https://github.com/contentascode/nodegit/security
Insights https://github.com/contentascode/nodegit/pulse
Sign up for GitHub https://github.com/signup?return_to=%2Fcontentascode%2Fnodegit%2Fissues%2Fnew%2Fchoose
terms of servicehttps://docs.github.com/terms
privacy statementhttps://docs.github.com/privacy
Sign inhttps://github.com/login?return_to=%2Fcontentascode%2Fnodegit%2Fissues%2Fnew%2Fchoose
jmatsushitahttps://github.com/jmatsushita
masterhttps://github.com/contentascode/nodegit/tree/master
snyk-fix-8028e9f6dae9e6fb9f919e099ad72ec0https://github.com/contentascode/nodegit/tree/snyk-fix-8028e9f6dae9e6fb9f919e099ad72ec0
Conversation 0 https://github.com/contentascode/nodegit/pull/24
Commits 1 https://github.com/contentascode/nodegit/pull/24/commits
Checks 0 https://github.com/contentascode/nodegit/pull/24/checks
Files changed https://github.com/contentascode/nodegit/pull/24/files
Please reload this pagehttps://github.com/contentascode/nodegit/pull/24/files
[Snyk] Security upgrade node-gyp from 3.6.2 to 10.0.0 https://github.com/contentascode/nodegit/pull/24/files#top
Show all changes 1 commit https://github.com/contentascode/nodegit/pull/24/files
736fba9 fix: package.json & package-lock.json to reduce vulnerabilities snyk-bot May 21, 2024 https://github.com/contentascode/nodegit/pull/24/commits/736fba928d96e7fe0f83dd6ec0f3e08e5f7ff822
Clear filters https://github.com/contentascode/nodegit/pull/24/files
Please reload this pagehttps://github.com/contentascode/nodegit/pull/24/files
Please reload this pagehttps://github.com/contentascode/nodegit/pull/24/files
package-lock.json https://github.com/contentascode/nodegit/pull/24/files#diff-053150b640a7ce75eff69d1a22cae7f0f94ad64ce9a855db544dda0929316519
package.json https://github.com/contentascode/nodegit/pull/24/files#diff-7ae45ad102eab3b6d7e7896acd08c427a9b25b346470d7bc6507b6481575d519
Please reload this pagehttps://github.com/contentascode/nodegit/pull/24/files
https://github.com
Termshttps://docs.github.com/site-policy/github-terms/github-terms-of-service
Privacyhttps://docs.github.com/site-policy/privacy-policies/github-privacy-statement
Securityhttps://github.com/security
Statushttps://www.githubstatus.com/
Communityhttps://github.community/
Docshttps://docs.github.com/
Contacthttps://support.github.com?tags=dotcom-footer

Viewport: width=device-width


URLs of crawlers that visited me.