Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Upgrade: , , , jsonwebtoken, lru-cache, probot, gcf-utils, , , , , , c8, gts, mocha, nock, sinon, typescript #517

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

WontonSam
Copy link
Owner

snyk-top-banner

Snyk has created this PR to upgrade multiple dependencies.

👯‍♂ The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

Name Versions Released on

@types/node
from 18.11.18 to 22.5.1 | 288 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 25 days ago
on 2024-08-28
@octokit/openapi-types
from 14.0.0 to 22.2.0 | 23 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 5 months ago
on 2024-04-29
@octokit/types
from 8.1.0 to 13.5.0 | 39 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 5 months ago
on 2024-04-29
jsonwebtoken
from 9.0.0 to 9.0.2 | 2 versions ahead of your current version | a year ago
on 2023-08-30
lru-cache
from 7.14.1 to 11.0.0 | 39 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 2 months ago
on 2024-07-08
probot
from 12.2.9 to 13.3.7 | 37 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 2 months ago
on 2024-08-06
gcf-utils
from 14.4.6 to 15.0.1 | 2 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | a year ago
on 2023-09-26
@google-automations/bot-config-utils
from 6.1.3 to 7.0.0 | 1 version ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | a year ago
on 2023-09-18
@google-automations/datastore-lock
from 4.1.0 to 5.0.0 | 1 version ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | a year ago
on 2023-09-18
@google-automations/label-utils
from 3.0.2 to 4.0.0 | 1 version ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | a year ago
on 2023-09-18
@types/mocha
from 10.0.1 to 10.0.7 | 6 versions ahead of your current version | 3 months ago
on 2024-06-22
@types/sinon
from 10.0.13 to 17.0.3 | 11 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 8 months ago
on 2024-01-10
c8
from 7.14.0 to 10.1.2 | 8 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 3 months ago
on 2024-06-13
gts
from 4.0.1 to 5.3.1 | 10 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 3 months ago
on 2024-06-11
mocha
from 10.2.0 to 10.7.3 | 10 versions ahead of your current version | a month ago
on 2024-08-09
nock
from 13.3.0 to 13.5.5 | 15 versions ahead of your current version | a month ago
on 2024-08-20
sinon
from 15.0.1 to 18.0.0 | 16 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 4 months ago
on 2024-05-15
typescript
from 4.9.4 to 5.5.4 | 596 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 2 months ago
on 2024-07-22

Issues fixed by the recommended upgrade:

Issue Score Exploit Maturity
high severity Improper Handling of Exceptional Conditions
SNYK-JS-PROBOT-6129524
67 No Known Exploit
high severity Asymmetric Resource Consumption (Amplification)
SNYK-JS-BODYPARSER-7926860
67 No Known Exploit
high severity Uncontrolled resource consumption
SNYK-JS-BRACES-6838727
67 Proof of Concept
high severity Infinite loop
SNYK-JS-MARKDOWNIT-6483324
67 Proof of Concept
high severity Inefficient Regular Expression Complexity
SNYK-JS-MICROMATCH-6838728
67 No Known Exploit
high severity Improper Handling of Exceptional Conditions
SNYK-JS-OCTOKITWEBHOOKS-6129527
67 No Known Exploit
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-PATHTOREGEXP-7925106
67 Proof of Concept
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-PATHTOREGEXP-7925106
67 Proof of Concept
medium severity Cross-site Scripting (XSS)
SNYK-JS-SERIALIZEJAVASCRIPT-6147607
67 Proof of Concept
medium severity Open Redirect
SNYK-JS-EXPRESS-6474509
67 No Known Exploit
medium severity Cross-site Scripting
SNYK-JS-EXPRESS-7926867
67 No Known Exploit
medium severity Uncontrolled Resource Consumption
SNYK-JS-GRPCGRPCJS-7242922
67 No Known Exploit
low severity Cross-site Scripting
SNYK-JS-SEND-7926862
67 No Known Exploit
low severity Cross-site Scripting
SNYK-JS-SERVESTATIC-7926865
67 No Known Exploit
Release notes
Package name: @types/node
  • 22.5.1 - 2024-08-28
  • 22.5.0 - 2024-08-21
  • 22.4.2 - 2024-08-21
  • 22.4.1 - 2024-08-19
  • 22.4.0 - 2024-08-16
  • 22.3.0 - 2024-08-14
  • 22.2.0 - 2024-08-09
  • 22.1.0 - 2024-08-02
  • 22.0.3 - 2024-08-02
  • 22.0.2 - 2024-07-31
  • 22.0.1 - 2024-07-31
  • 22.0.0 - 2024-07-28
  • 20.16.5 - 2024-09-04
  • 20.16.4 - 2024-09-04
  • 20.16.3 - 2024-09-01
  • 20.16.2 - 2024-08-28
  • 20.16.1 - 2024-08-19
  • 20.16.0 - 2024-08-18
  • 20.15.0 - 2024-08-16
  • 20.14.15 - 2024-08-09
  • 20.14.14 - 2024-08-02
  • 20.14.13 - 2024-07-28
  • 20.14.12 - 2024-07-23
  • 20.14.11 - 2024-07-16
  • 20.14.10 - 2024-07-05
  • 20.14.9 - 2024-06-25
  • 20.14.8 - 2024-06-22
  • 20.14.7 - 2024-06-20
  • 20.14.6 - 2024-06-19
  • 20.14.5 - 2024-06-18
  • 20.14.4 - 2024-06-17
  • 20.14.3 - 2024-06-17
  • 20.14.2 - 2024-06-05
  • 20.14.1 - 2024-06-03
  • 20.14.0 - 2024-06-02
  • 20.13.0 - 2024-05-31
  • 20.12.14 - 2024-05-31
  • 20.12.13 - 2024-05-29
  • 20.12.12 - 2024-05-14
  • 20.12.11 - 2024-05-08
  • 20.12.10 - 2024-05-06
  • 20.12.9 - 2024-05-06
  • 20.12.8 - 2024-05-01
  • 20.12.7 - 2024-04-09
  • 20.12.6 - 2024-04-09
  • 20.12.5 - 2024-04-05
  • 20.12.4 - 2024-04-03
  • 20.12.3 - 2024-04-02
  • 20.12.2 - 2024-03-30
  • 20.12.1 - 2024-03-30
  • 20.12.0 - 2024-03-30
  • 20.11.30 - 2024-03-19
  • 20.11.29 - 2024-03-18
  • 20.11.28 - 2024-03-15
  • 20.11.27 - 2024-03-13
  • 20.11.26 - 2024-03-11
  • 20.11.25 - 2024-03-06
  • 20.11.24 - 2024-02-29
  • 20.11.23 - 2024-02-29
  • 20.11.22 - 2024-02-28
  • 20.11.21 - 2024-02-27
  • 20.11.20 - 2024-02-22
  • 20.11.19 - 2024-02-15
  • 20.11.18 - 2024-02-15
  • 20.11.17 - 2024-02-08
  • 20.11.16 - 2024-02-01
  • 20.11.15 - 2024-02-01
  • 20.11.14 - 2024-01-31
  • 20.11.13 - 2024-01-30
  • 20.11.12 - 2024-01-30
  • 20.11.11 - 2024-01-30
  • 20.11.10 - 2024-01-28
  • 20.11.9 - 2024-01-28
  • 20.11.8 - 2024-01-27
  • 20.11.7 - 2024-01-26
  • 20.11.6 - 2024-01-24
  • 20.11.5 - 2024-01-17
  • 20.11.4 - 2024-01-16
  • 20.11.3 - 2024-01-15
  • 20.11.2 - 2024-01-15
  • 20.11.1 - 2024-01-15
  • 20.11.0 - 2024-01-11
  • 20.10.8 - 2024-01-09
  • 20.10.7 - 2024-01-07
  • 20.10.6 - 2023-12-30
  • 20.10.5 - 2023-12-17
  • 20.10.4 - 2023-12-07
  • 20.10.3 - 2023-12-03
  • 20.10.2 - 2023-12-01
  • 20.10.1 - 2023-11-29
  • 20.10.0 - 2023-11-24
  • 20.9.5 - 2023-11-23
  • 20.9.4 - 2023-11-22
  • 20.9.3 - 2023-11-21
  • 20.9.2 - 2023-11-18
  • 20.9.1 - 2023-11-16
  • 20.9.0 - 2023-11-07
  • 20.8.10 - 2023-10-31
  • 20.8.9 - 2023-10-25
  • 20.8.8 - 2023-10-24
  • 20.8.7 - 2023-10-18
  • 20.8.6 - 2023-10-13
  • 20.8.5 - 2023-10-12
  • 20.8.4 - 2023-10-09
  • 20.8.3 - 2023-10-06
  • 20.8.2 - 2023-10-02
  • 20.8.1 - 2023-10-02
  • 20.8.0 - 2023-09-30
  • 20.7.2 - 2023-09-29
  • 20.7.1 - 2023-09-27
  • 20.7.0 - 2023-09-25
  • 20.6.5 - 2023-09-24
  • 20.6.4 - 2023-09-23
  • 20.6.3 - 2023-09-20
  • 20.6.2 - 2023-09-16
  • 20.6.1 - 2023-09-15
  • 20.6.0 - 2023-09-08
  • 20.5.9 - 2023-09-02
  • 20.5.8 - 2023-09-01
  • 20.5.7 - 2023-08-28
  • 20.5.6 - 2023-08-24
  • 20.5.5 - 2023-08-24
  • 20.5.4 - 2023-08-23
  • 20.5.3 - 2023-08-22
  • 20.5.2 - 2023-08-22
  • 20.5.1 - 2023-08-18
  • 20.5.0 - 2023-08-13
  • 20.4.10 - 2023-08-11
  • 20.4.9 - 2023-08-08
  • 20.4.8 - 2023-08-05
  • 20.4.7 - 2023-08-04
  • 20.4.6 - 2023-08-02
  • 20.4.5 - 2023-07-25
  • 20.4.4 - 2023-07-22
  • 20.4.3 - 2023-07-21
  • 20.4.2 - 2023-07-12
  • 20.4.1 - 2023-07-07
  • 20.4.0 - 2023-07-05
  • 20.3.3 - 2023-06-30
  • 20.3.2 - 2023-06-26
  • 20.3.1 - 2023-06-13
  • 20.3.0 - 2023-06-10
  • 20.2.6 - 2023-06-10
  • 20.2.5 - 2023-05-26
  • 20.2.4 - 2023-05-25
  • 20.2.3 - 2023-05-21
  • 20.2.2 - 2023-05-21
  • 20.2.1 - 2023-05-18
  • 20.2.0 - 2023-05-17
  • 20.1.7 - 2023-05-16
  • 20.1.6 - 2023-05-16
  • 20.1.5 - 2023-05-16
  • 20.1.4 - 2023-05-13
  • 20.1.3 - 2023-05-11
  • 20.1.2 - 2023-05-10
  • 20.1.1 - 2023-05-08
  • 20.1.0 - 2023-05-05
  • 20.0.0 - 2023-05-05
  • 18.19.50 - 2024-09-04
  • 18.19.49 - 2024-09-04
  • 18.19.48 - 2024-09-01
  • 18.19.47 - 2024-08-28
  • 18.19.46 - 2024-08-26
  • 18.19.45 - 2024-08-19
  • 18.19.44 - 2024-08-09
  • 18.19.43 - 2024-08-02
  • 18.19.42 - 2024-07-23
  • 18.19.41 - 2024-07-18
  • 18.19.40 - 2024-07-16
  • 18.19.39 - 2024-06-22
  • 18.19.38 - 2024-06-20
  • 18.19.37 - 2024-06-19
  • 18.19.36 - 2024-06-17
  • 18.19.35 - 2024-06-17
  • 18.19.34 - 2024-06-03
  • 18.19.33 - 2024-05-08
  • 18.19.32 - 2024-05-06
  • 18.19.31 - 2024-04-09
  • 18.19.30 - 2024-04-05
  • 18.19.29 - 2024-04-02
  • 18.19.28 - 2024-03-30
  • 18.19.27 - 2024-03-30
  • 18.19.26 - 2024-03-19
  • 18.19.25 - 2024-03-18
  • 18.19.24 - 2024-03-13
  • 18.19.23 - 2024-03-11
  • 18.19.22 - 2024-03-06
  • 18.19.21 - 2024-02-29
  • 18.19.20 - 2024-02-28
  • 18.19.19 - 2024-02-27
  • 18.19.18 - 2024-02-22
  • 18.19.17 - 2024-02-15
  • 18.19.16 - 2024-02-15
  • 18.19.15 - 2024-02-08
  • 18.19.14 - 2024-02-01
  • 18.19.13 - 2024-02-01
  • 18.19.12 - 2024-01-31
  • 18.19.11 - 2024-01-30
  • 18.19.10 - 2024-01-26
  • 18.19.9 - 2024-01-24
  • 18.19.8 - 2024-01-17
  • 18.19.7 - 2024-01-15
  • 18.19.6 - 2024-01-09
  • 18.19.5 - 2024-01-07
  • 18.19.4 - 2023-12-30
  • 18.19.3 - 2023-12-07
  • 18.19.2 - 2023-12-03
  • 18.19.1 - 2023-12-01
  • 18.19.0 - 2023-11-30
  • 18.18.14 - 2023-11-29
  • 18.18.13 - 2023-11-23
  • 18.18.12 - 2023-11-22
  • 18.18.11 - 2023-11-21
  • 18.18.10 - 2023-11-18
  • 18.18.9 - 2023-11-07
  • 18.18.8 - 2023-10-31
  • 18.18.7 - 2023-10-25
  • 18.18.6 - 2023-10-18
  • 18.18.5 - 2023-10-12
  • 18.18.4 - 2023-10-06
  • 18.18.3 - 2023-10-02
  • 18.18.2 - 2023-10-02
  • 18.18.1 - 2023-09-29
  • 18.18.0 - 2023-09-25
  • 18.17.19 - 2023-09-23
  • 18.17.18 - 2023-09-20
  • 18.17.17 - 2023-09-16
  • 18.17.16 - 2023-09-15
  • 18.17.15 - 2023-09-08
  • 18.17.14 - 2023-09-02
  • 18.17.13 - 2023-09-01
  • 18.17.12 - 2023-08-28
  • 18.17.11 - 2023-08-24
  • 18.17.10 - 2023-08-24
  • 18.17.9 - 2023-08-23
  • 18.17.8 - 2023-08-22
  • 18.17.7 - 2023-08-22
  • 18.17.6 - 2023-08-18
  • 18.17.5 - 2023-08-11
  • 18.17.4 - 2023-08-08
  • 18.17.3 - 2023-08-05
  • 18.17.2 - 2023-08-04
  • 18.17.1 - 2023-07-25
  • 18.17.0 - 2023-07-22
  • 18.16.20 - 2023-07-21
  • 18.16.19 - 2023-06-30
  • 18.16.18 - 2023-06-13
  • 18.16.17 - 2023-06-10
  • 18.16.16 - 2023-05-26
  • 18.16.15 - 2023-05-25
  • 18.16.14 - 2023-05-21
  • 18.16.13 - 2023-05-18
  • 18.16.12 - 2023-05-16
  • 18.16.11 - 2023-05-16
  • 18.16.10 - 2023-05-16
  • 18.16.9 - 2023-05-13
  • 18.16.8 - 2023-05-11
  • 18.16.7 - 2023-05-10
  • 18.16.6 - 2023-05-08
  • 18.16.5 - 2023-05-05
  • 18.16.4 - 2023-05-05
  • 18.16.3 - 2023-04-29
  • 18.16.2 - 2023-04-27
  • 18.16.1 - 2023-04-25
  • 18.16.0 - 2023-04-23
  • 18.15.13 - 2023-04-21
  • 18.15.12 - 2023-04-19
  • 18.15.11 - 2023-03-28
  • 18.15.10 - 2023-03-25
  • 18.15.9 - 2023-03-25
  • 18.15.8 - 2023-03-24
  • 18.15.7 - 2023-03-24
  • 18.15.6 - 2023-03-23
  • 18.15.5 - 2023-03-20
  • 18.15.4 - 2023-03-20
  • 18.15.3 - 2023-03-14
  • 18.15.2 - 2023-03-13
  • 18.15.1 - 2023-03-13
  • 18.15.0 - 2023-03-09
  • 18.14.6 - 2023-03-03
  • 18.14.5 - 2023-03-03
  • 18.14.4 - 2023-03-02
  • 18.14.3 - 2023-03-02
  • 18.14.2 - 2023-02-26
  • 18.14.1 - 2023-02-23
  • 18.14.0 - 2023-02-17
  • 18.13.0 - 2023-02-07
  • 18.11.19 - 2023-02-04
  • 18.11.18 - 2022-12-26
from @types/node GitHub release notes
Package name: @octokit/openapi-types
  • 22.2.0 - 2024-04-29

    22.2.0 (2024-04-29)

    Features

    • add copilot endpoints, add reusable components, description updates (#416) (8ac5115)
  • 22.1.0 - 2024-04-15

    22.1.0 (2024-04-15)

    Features

    • remove all_of for issue, workflow_run, alert, release, pull_request, marketplace_purchase (#414) (f372a47)
  • 22.0.1 - 2024-04-09

    22.0.1 (2024-04-09)

    Bug Fixes

    • description updates, new parameter for enterprise-admin/license-upload, default_value field can now also be string[] on custom_property (#411) (cf05067)
  • 22.0.0 - 2024-04-05

    22.0.0 (2024-04-05)

    Features

    • BREAKING CHANGES: renames [repository-rule-params-code-scanning-threshold to repository-rule-params-code-scanning-tool, security_alerts to security_alerts_threshold], renames fields[repository-rule-params-code-scanning-threshold.alerts to repository-rule-params-code-scanning-tool.alerts_threshold, repository-rule-params-code-scanning-threshold.security_alerts to repository-rule-params-code-scanning-tool.security_alerts_threshold] (#409) (17537ce)

    BREAKING CHANGES

    • renames [repository-rule-params-code-scanning-threshold to repository-rule-params-code-scanning-tool, security_alerts to security_alerts_threshold], renames fields[repository-rule-params-code-scanning-threshold.alerts to repository-rule-params-code-scanning-tool.alerts_threshold, repository-rule-params-code-scanning-threshold.security_alerts to repository-rule-params-code-scanning-tool.security_alerts_threshold]
  • 21.2.0 - 2024-04-03

    21.2.0 (2024-04-03)

    Features

  • 21.1.0 - 2024-04-03

    21.1.0 (2024-04-03)

    Features

    • creates a component for security-advisory-ecosystems, adds deprecated attribute to workflow-run-requested.hub_url, BREAKING CHANGES: [renames operation repository-rule-params-thresholds to repository-rule-params-code-scanning-threshold, renames repository-rule-params-thresholds[code_scanning_alert_threshold, code_scanning_security_alert_threshold] to repository-rule-params-code-scanning-threshold[alerts,security_alerts]], adds property repository-rule-params-code-scanning-threshold[tool], adds object secret-scanning-location-wiki-commit (#407) (f2fe6f7)
  • 21.0.0 - 2024-04-01

    21.0.0 (2024-04-01)

    chore

    BREAKING CHANGES

    • Updates multiple endpoints to use owner + repo in place of repository_id
  • 20.0.0 - 2024-02-22

    20.0.0 (2024-02-22)

    Features

    • add GHES 3.11, GHES 3.12, remove GHES 3.7, many description updates and new enpoints (#395) (44dd0a8)

    BREAKING CHANGES

    • Drop GHES 3.7
  • 19.1.0 - 2023-11-28

    19.1.0 (2023-11-28)

    Features

  • 19.0.2 - 2023-10-25

    19.0.2 (2023-10-25)

    Bug Fixes

    • description and sample payload updates (#365) (d14957b)
  • 19.0.1 - 2023-10-24
  • 19.0.0 - 2023-09-23
  • 18.1.1 - 2023-09-23
  • 18.1.0 - 2023-09-22
  • 18.0.0 - 2023-06-09
  • 17.2.0 - 2023-05-16
  • 17.1.2 - 2023-05-11
  • 17.1.1 - 2023-05-05
  • 17.1.0 - 2023-04-28
  • 17.0.0 - 2023-04-20
  • 16.1.0 - 2023-04-19
  • 16.0.0 - 2023-01-19
  • 15.0.0 - 2023-01-19
  • 14.0.0 - 2022-09-27
from @octokit/openapi-types GitHub release notes
Package name: @octokit/types
  • 13.5.0 - 2024-04-29

    13.5.0 (2024-04-29)

    Features

    • add Copilot operations, bump openapi-types version (#638) (69c7f34)
  • 13.4.1 - 2024-04-15

    13.4.1 (2024-04-15)

    Bug Fixes

    • openapi-types and openapi-version minor bumps (#633) (fa8e2bb)
  • 13.4.0 - 2024-04-09

    13.4.0 (2024-04-09)

    Features

    • updates @ octokit/openapi-types to v22.0.1 (#631) (73f3c21)
  • 13.3.0 - 2024-04-09

    13.3.0 (2024-04-09)

    Features

    • add redirect option in RequestRequestOptions (#630) (9c58158)
  • 13.2.0 - 2024-04-08

    13.2.0 (2024-04-08)

    Features

    • Updates @ octokit/openapi-types to 22.0.0 (which had breaking changes). BREAKING CHANGES: Renames [repository-rule-params-code-scanning-threshold to repository-rule-params-code-scanning-tool, security_alerts to security_alerts_threshold], renames fields[repository-rule-params-code-scanning-threshold.alerts to repository-rule-params-code-scanning-tool.alerts_threshold, repository-rule-params-code-scanning-threshold.security_alerts to repository-rule-params-code-scanning-tool.security_alerts_threshold] (#629) (d32a77f)
    • updates @ octokit/openapi-types to v21.2.0 (#627) (a5bfb8f)
  • 13.1.0 - 2024-04-04

    13.1.0 (2024-04-04)

    Features

  • 13.0.0 - 2024-04-02

    13.0.0 (2024-04-02)

    Features

    • Updates openapi-types to v21.0.0 (which had breaking changes), BREAKING CHANGE: Updates multiple endpoints to use owner + repo in place of repository_id (#625) (ad024fe)

    BREAKING CHANGES

    • Updates multiple endpoints to use owner + repo in place of repository_id
  • 12.6.0 - 2024-02-22

    12.6.0 (2024-02-22)

    Features

  • 12.5.0 - 2024-02-15

    12.5.0 (2024-02-15)

    Features

  • 12.4.0 - 2023-12-04

    12.4.0 (2023-12-04)

    Features

    • permissions.organization_custom_properties (#598) (ff98468)
  • 12.3.0 - 2023-11-12
  • 12.2.0 - 2023-11-07
  • 12.1.1 - 2023-10-25
  • 12.1.0 - 2023-10-24
  • 12.0.1 - 2023-10-24
  • 12.0.0 - 2023-09-23
  • 11.1.0 - 2023-07-10
  • 11.0.0 - 2023-07-07
  • 10.1.0-beta.1 - 2023-06-30
  • 10.0.0 - 2023-06-13
  • 10.0.0-beta.2 - 2023-06-12
  • 10.0.0-beta.1 - 2023-05-26
  • 9.3.2 - 2023-06-13
  • 9.3.1 - 2023-06-10
  • 9.3.0 - 2023-06-09
  • 9.3.0-beta.1 - 2023-05-25
  • 9.2.3 - 2023-05-19
  • 9.2.2 - 2023-05-11
  • 9.2.1 - 2023-05-05
  • 9.2.0 - 2023-04-28
  • 9.1.4 - 2023-04-27
  • 9.1.3 - 2023-04-27
  • 9.1.2 - 2023-04-21
  • 9.1.1 - 2023-04-20
  • 9.1.0 - 2023-04-19
  • 9.0.0 - 2023-01-20
  • 8.2.1 - 2023-01-20
  • 8.2.0 - 2023-01-20
  • 8.1.1 - 2023-01-13
  • 8.1.0 - 2023-01-11
from @octokit/types GitHub release notes
Package name: jsonwebtoken
  • 9.0.2 - 2023-08-30

    Release 9.0.2 (#935)

  • 9.0.1 - 2023-07-05

    Updating package version to 9.0.1 (#920)

  • 9.0.0 - 2022-12-21
    • Check if node version supports asymmetricKeyDetails

    • Validate algorithms for ec key type

    • Rename variable

    • Rename function

    • Add early return for symmetric keys

    • Validate algorithm for RSA key type

    • Validate algorithm for RSA-PSS key type

    • Check key types for EdDSA algorithm

    • Rename function

    • Move validateKey function to module

    • Convert arrow to function notation

    • Validate key in verify function

    • Simplify if

    • Convert if to switch..case

    • Guard against empty key in validation

    • Remove empty line

    • Add lib to check modulus length

    • Add modulus length checks

    • Validate mgf1HashAlgorithm and saltLength

    • Check node version before using key details API

    • Use built-in modulus length getter

    • Fix Node version validations

    • Remove duplicate validateKey

    • Add periods to error messages

    • Fix validation in verify function

    • Make asymmetric key validation the latest validation step

    • Change key curve validation

    • Remove support for ES256K

    • Fix old test that was using wrong key types to sign tokens

    • Enable RSA-PSS for old Node versions

    • Add specific RSA-PSS validations on Node 16 LTS+

    • Improve error message

    • Simplify key validation code

    • Fix typo

    • Improve error message

    • Change var to const in test

    • Change const to let to avoid reassigning problem

    • Improve error message

    • Test incorrect private key type

    • Rename invalid to unsupported

    • Test verifying of jwt token with unsupported key

    • Test invalid private key type

    • Change order of object parameters

    • Move validation test to separate file

    • Move all validation tests to separate file

    • Add prime256v1 ec key

    • Remove modulus length check

    • WIP: Add EC key validation tests

    • Fix node version checks

    • Fix error message check on test

    • Add successful tests for EC curve check

    • Remove only from describe

    • Remove only

    • Remove duplicate block of code

    • Move variable to a different scope and make it const

    • Convert allowed curves to object for faster lookup

    • Rename variable

    • Change variable assignment order

    • Remove unused object properties

    • Test RSA-PSS happy path and wrong length

    • Add missing tests

    • Pass validation if no algorithm has been provided

    • Test validation of invalid salt length

    • Test error when signing token with invalid key

    • Change var to const/let in verify tests

    • Test verifying token with invalid key

    • Improve test error messages

    • Add parameter to skip private key validation

    • Replace DSA key with a 4096 bit long key

    • Test allowInvalidPrivateKeys in key signing

    • Improve test message

    • Rename variable

    • Add key validation flag tests

    • Fix variable name in Readme

    • Change private to public dsa key in verify

    • Rename flag

    • Run EC validation tests conditionally

    • Fix tests in old node versions

    • Ignore block of code from test coverage

    • Separate EC validations tests into two different ones

    • Add comment

    • Wrap switch in if instead of having an early return

    • Remove unsupported algorithms from asymmetric key validation

    • Rename option to allowInvalidAsymmetricKeyTypes and improve Readme

    • 9.0.0

    • adding migration notes to readme

    • adding changelog for version 9.0.0

    Co-authored-by: julienwoll julien.wollscheid@auth0.com

from jsonwebtoken GitHub release notes
Package name: lru-cache
  • 11.0.0 - 2024-07-08

    11.0.0

  • 10.4.3 - 2024-07-09
  • 10.4.2 - 2024-07-09
  • 10.4.1 - 2024-07-08

    10.4.1

  • 10.4.0 - 2024-07-08

    10.4.0

  • 10.3.1 - 2024-07-06

    10.3.1

  • 10.3.0 - 2024-06-28

    10.3.0

  • 10.2.2 - 2024-04-28

    10.2.2

  • 10.2.1 - 2024-04-25

    10.2.1

  • 10.2.0 - 2024-01-25

    10.2.0

  • 10.1.0 - 2023-11-22

    10.1.0

  • 10.0.3 - 2023-11-19

    10.0.3

  • 10.0.2 - 2023-11-10
  • 10.0.1 - 2023-08-10
  • 10.0.0 - 2023-06-15
  • 9.1.2 - 2023-06-01
  • 9.1.1 - 2023-04-23
  • 9.1.0 - 2023-04-18
  • 9.0.3 - 2023-04-14
  • 9.0.2 - 2023-04-13
  • 9.0.1 - 2023-04-10
  • 9.0.0 - 2023-04-09
  • 8.0.5 - 2023-04-05
  • 8.0.4 - 2023-03-17
  • 8.0.3 - 2023-03-15
  • 8.0.2 - 2023-03-15
  • 8.0.1 - 2023-03-15
  • 8.0.0 - 2023-03-12
  • 7.18.3 - 2023-03-05
  • 7.18.2 - 2023-03-05
  • 7.18.1 - 2023-03-01
  • 7.18.0 - 2023-03-01
  • 7.17.2 - 2023-03-01
  • 7.17.1 - 2023-03-01
  • 7.17.0 - 2023-02-22
  • 7.16.2 - 2023-02-21
  • 7.16.1 - 2023-02-17
  • 7.16.0 - 2023-02-16
  • 7.15.0 - 2023-02-16
  • 7.14.1 - 2022-11-02
from lru-cache GitHub release notes
Package name: probot
  • 13.3.7 - 2024-08-06

    13.3.7 (2024-08-06)

    Bug Fixes

  • 13.3.6 - 2024-07-15

    13.3.6 (2024-07-15)

    Bug Fixes

    • deps): Revert "fix(deps: update dependency lru-cache to v11" (#2056) (60ff5b6), closes #2049
  • 13.3.5 - 2024-07-13

    13.3.5 (2024-07-13)

    Bug Fixes

  • 13.3.4 - 2024-07-13

    13.3.4 (2024-07-13)

    Bug Fixes

    • ci: Use organization-wide PROBOTBOT_NPM_TOKEN (#2054) (cc86a53)
  • 13.3.0 - 2024-06-03

    13.3.0 (2024-06-03)

    Features

    • set x-github-delivery header to event.id for all requests sent from context.octokit in event handlers (#2027) (12944d5)
  • 13.2.2 - 2024-05-07

    13.2.2 (2024-05-07)

    Bug Fixes

    • deps: update dependencies pino to v9, pino-http to v10 (#2007) (ef7b9df)
  • 13.2.1 - 2024-05-01
  • 13.2.0 - 2024-04-03
  • 13.1.2 - 2024-03-26
  • 13.1.1 - 2024-03-26
  • 13.1.0 - 2024-03-12
  • 13.0.2 - 2024-02-03
  • 13.0.1 - 2024-01-26
  • 13.0.0 - 2024-01-25
  • 13.0.0-beta.17 - 2024-01-18
  • 13.0.0-beta.16 - 2023-12-04
  • 13.0.0-beta.15 - 2023-12-04
  • 13.0.0-beta.14 - 2023-11-25
  • 13.0.0-beta.13 - 2023-11-25
  • 13.0.0-beta.12 - 2023-11-22
  • 13.0.0-beta.11 - 2023-11-18
  • 13.0.0-beta.10 - 2023-11-16
  • 13.0.0-beta.9 - 2023-11-16
  • 13.0.0-beta.8 - 2023-11-14
  • 13.0.0-beta.7 - 2023-11-14
  • 13.0.0-beta.6 - 2023-11-13
  • 13.0.0-beta.5 - 2023-11-12
  • 13.0.0-beta.4 - 2023-11-12
  • 13.0.0-beta.3 - 2023-11-12
  • 13.0.0-beta.2 - 2023-10-29
  • 13.0.0-beta.1 - 2023-10-29
  • 12.4.0 - 2024-06-03

    12.4.0 (2024-06-03)

    Features

    • set x-github-delivery header to event.id for all requests sent from context.octokit in event handlers (#2026) (f1985e5)
  • 12.3.4 - 2024-05-01
  • 12.3.3 - 2023-11-15
  • 12.3.2 - 2023-11-14
  • 12.3.1 - 2023-06-14
  • 12.3.0 - 2023-01-16
  • 12.2.9 - 2023-01-10
from probot GitHub release notes
Package name: gcf-utils
  • 15.0.1 - 2023-09-26

    15.0.1 (2023-09-26)

    Bug Fixes

    • getAuthenticatedOctokit is a standalone method (#5235) (0f95e5a)
  • 15.0.0 - 2023-09-15
  • 14.4.6 - 2023-01-12
from gcf-utils GitHub release notes
Package name: @google-automations/bot-config-utils
  • 7.0.0 - 2023-09-18
  • 6.1.3 - 2023-01-10
from @google-automations/bot-config-utils GitHub release notes
Package name: @google-automations/datastore-lock
  • 5.0.0 - 2023-09-18
  • 4.1.0 - 2023-05-17
from @google-automations/datastore-lock GitHub release notes
Package name: @google-automations/label-utils
  • 4.0.0 - 2023-09-18

    4.0.0 (2024-09-06)

    ⚠ BREAKING CHANGES

    • deps: update gcf-utils to v16 (#5464)

    Bug Fixes

  • 3.0.2 - 2023-01-10
from @google-automations/label-utils GitHub release notes
Package name: @types/mocha
  • 10.0.7 - 2024-06-22
  • 10.0.6 - 2023-11-22
  • 10.0.5 - 2023-11-21
  • 10.0.4 - 2023-11-07
  • 10.0.3 - 2023-10-18
  • 10.0.2 - 2023-09-27
  • 10.0.1 - 2022-11-28
from @types/mocha GitHub release notes
Package name: @types/sinon
  • 17.0.3 - 2024-01-10
  • 17.0.2 - 2023-11-21
  • 17.0.1 - 2023-11-07
  • 17.0.0 - 2023-11-03
  • 10.0.20 - 2023-10-18
  • 10.0.19 - 2023-10-06
  • 10.0.18 - 2023-10-02
  • 10.0.17 - 2023-09-25
  • 10.0.16 - 2023-08-01
  • 10.0.15 - 2023-05-14
  • 10.0.14 - 2023-04-17
  • 10.0.13 - 2022-07-20
from @types/sinon GitHub release notes
Package name: c8

Snyk has created this PR to upgrade:
  - @types/node from 18.11.18 to 22.5.1.
    See this package in npm: https://www.npmjs.com/package/@types/node
  - @octokit/openapi-types from 14.0.0 to 22.2.0.
    See this package in npm: https://www.npmjs.com/package/@octokit/openapi-types
  - @octokit/types from 8.1.0 to 13.5.0.
    See this package in npm: https://www.npmjs.com/package/@octokit/types
  - jsonwebtoken from 9.0.0 to 9.0.2.
    See this package in npm: https://www.npmjs.com/package/jsonwebtoken
  - lru-cache from 7.14.1 to 11.0.0.
    See this package in npm: https://www.npmjs.com/package/lru-cache
  - probot from 12.2.9 to 13.3.7.
    See this package in npm: https://www.npmjs.com/package/probot
  - gcf-utils from 14.4.6 to 15.0.1.
    See this package in npm: https://www.npmjs.com/package/gcf-utils
  - @google-automations/bot-config-utils from 6.1.3 to 7.0.0.
    See this package in npm: https://www.npmjs.com/package/@google-automations/bot-config-utils
  - @google-automations/datastore-lock from 4.1.0 to 5.0.0.
    See this package in npm: https://www.npmjs.com/package/@google-automations/datastore-lock
  - @google-automations/label-utils from 3.0.2 to 4.0.0.
    See this package in npm: https://www.npmjs.com/package/@google-automations/label-utils
  - @types/mocha from 10.0.1 to 10.0.7.
    See this package in npm: https://www.npmjs.com/package/@types/mocha
  - @types/sinon from 10.0.13 to 17.0.3.
    See this package in npm: https://www.npmjs.com/package/@types/sinon
  - c8 from 7.14.0 to 10.1.2.
    See this package in npm: https://www.npmjs.com/package/c8
  - gts from 4.0.1 to 5.3.1.
    See this package in npm: https://www.npmjs.com/package/gts
  - mocha from 10.2.0 to 10.7.3.
    See this package in npm: https://www.npmjs.com/package/mocha
  - nock from 13.3.0 to 13.5.5.
    See this package in npm: https://www.npmjs.com/package/nock
  - sinon from 15.0.1 to 18.0.0.
    See this package in npm: https://www.npmjs.com/package/sinon
  - typescript from 4.9.4 to 5.5.4.
    See this package in npm: https://www.npmjs.com/package/typescript

See this project in Snyk:
https://app.snyk.io/org/cachiman/project/c6e152d6-26c1-49cf-836e-7d8a788303fa?utm_source=github&utm_medium=referral&page=upgrade-pr
Copy link

google-cla bot commented Sep 22, 2024

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Type Parameter Issues for Context
2 participants