Title: [Snyk] Security upgrade protobufjs from 6.11.3 to 7.2.4 by gladguy · Pull Request #8 · gladguy/Zilliqa-JavaScript-Library · GitHub
Description: This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR:

- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  - packages/zilliqa-js-proto/package.json

Vulnerabilities that will be fixed

With an upgrade:

| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
| --- | --- | --- | --- | --- |
| | 823/1000. Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 8.6 | Prototype Pollution SNYK-JS-PROTOBUFJS-5756498 | Yes | Proof of Concept |

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: protobufjs

The new version differs by 72 commits.

- 42e5a9c chore: release master (#1900)
- e66379f fix: do not let setProperty change the prototype (#1899)
- 56b1e64 chore: release master (#1879)
- 8817ee6 fix: type names can be split into multiple tokens (#1877)
- e721d04 chore: release master (#1867)
- 14f0536 fix: do not allow to extend same field twice to prevent the error (#1784)
- 644d588 chore: release master (#1865)
- e42eea4 fix(cli): fix relative path to Google pb files (#1859)
- dce9a2e fix: use bundled filename to fix common pb includes (#1860)
- 64e8936 fix: use ES5 style function syntax (#1830)
- 4489fa7 Revert "fix: error should be thrown (#1817)" (#1864)
- 0099ddc chore: release master (#1852)
- 32f2d6a feat(cli): generate static files at the granularity of proto messages (#1840)
- ea7b9a6 build(deps): bump decode-uri-component from 0.2.0 to 0.2.2 (#1837)
- e7a3489 fix: error should be thrown (#1817)
- 82f55e6 build(deps): bump json5 from 2.2.1 to 2.2.3 (#1848)
- 57fe6f5 chore(deps): update dependency jsdoc to v4 (#1833)
- d026849 chore: release master (#1813)
- 119d90a fix(types): nested object can be a oneof (#1812)
- 67fe592 Update CDN (RawGit EOL) (#1806)
- 6254efb chore: release master (#1804)
- 7c27b5a fix: add import long to the generated .d.ts (#1802)
- 7120e93 fix: generate valid js code for aliased enum values (#1801)
- 48457c4 chore: release master (#1772)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:

- 🧐 View latest project report
- 🛠 Adjust project settings
- 📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

- 🦉 Prototype Pollution
Opengraph URL: https://github.com/gladguy/Zilliqa-JavaScript-Library/pull/8