[Snyk] Upgrade: , , babel-jest, jose, , , , , body-parser, digest-fetch, dotenv, express, express-session, fs, got, nodemon, openid-client, passport, passport-jwt, sqlite3, swagger-ui-express, winston #56
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade multiple dependencies.
👯♂ The following dependencies are linked and will therefore be updated together.ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
@babel/core
from 7.14.3 to 7.25.2 | 78 versions ahead of your current version | 2 months ago
on 2024-07-30
@babel/preset-env
from 7.14.4 to 7.25.4 | 65 versions ahead of your current version | a month ago
on 2024-08-22
babel-jest
from 27.0.2 to 27.5.1 | 20 versions ahead of your current version | 3 years ago
on 2022-02-08
jose
from 3.11.6 to 3.20.4 | 26 versions ahead of your current version | 2 years ago
on 2022-09-01
@types/body-parser
from 1.19.1 to 1.19.5 | 4 versions ahead of your current version | 10 months ago
on 2023-11-06
@types/isomorphic-fetch
from 0.0.35 to 0.0.39 | 4 versions ahead of your current version | 10 months ago
on 2023-11-07
@types/node-jose
from 1.1.6 to 1.1.13 | 7 versions ahead of your current version | 10 months ago
on 2023-11-07
@types/sqlite3
from 3.1.7 to 3.1.11 | 4 versions ahead of your current version | 10 months ago
on 2023-11-07
body-parser
from 1.19.0 to 1.20.2 | 5 versions ahead of your current version | 2 years ago
on 2023-02-22
digest-fetch
from 1.2.1 to 1.3.0 | 1 version ahead of your current version | 2 years ago
on 2022-08-15
dotenv
from 8.2.0 to 8.6.0 | 5 versions ahead of your current version | 3 years ago
on 2021-05-05
express
from 4.17.1 to 4.19.2 | 9 versions ahead of your current version | 6 months ago
on 2024-03-25
express-session
from 1.17.1 to 1.18.0 | 3 versions ahead of your current version | 8 months ago
on 2024-01-28
fs
from 0.0.1-security to 0.0.2 | 1 version ahead of your current version | 10 years ago
on 2014-09-12
got
from 11.8.2 to 11.8.6 | 3 versions ahead of your current version | 2 years ago
on 2022-12-08
nodemon
from 2.0.7 to 2.0.22 | 25 versions ahead of your current version | a year ago
on 2023-03-22
openid-client
from 4.4.0 to 4.9.1 | 15 versions ahead of your current version | 3 years ago
on 2021-10-13
passport
from 0.4.1 to 0.7.0 | 6 versions ahead of your current version | 10 months ago
on 2023-11-27
passport-jwt
from 4.0.0 to 4.0.1 | 1 version ahead of your current version | 2 years ago
on 2022-12-24
sqlite3
from 5.0.2 to 5.1.7 | 18 versions ahead of your current version | 8 months ago
on 2024-01-05
swagger-ui-express
from 4.1.6 to 4.6.3 | 8 versions ahead of your current version | a year ago
on 2023-05-05
winston
from 3.3.3 to 3.14.2 | 20 versions ahead of your current version | a month ago
on 2024-08-14
Issues fixed by the recommended upgrade:
SNYK-JS-JSONSCHEMA-1920922
SNYK-JS-ANSIREGEX-1583908
SNYK-JS-ANSIREGEX-1583908
SNYK-JS-ANSIREGEX-1583908
SNYK-JS-ANSIREGEX-1583908
SNYK-JS-TAR-1536528
SNYK-JS-TAR-1536531
SNYK-JS-TAR-1579147
SNYK-JS-TAR-1579152
SNYK-JS-TAR-1579155
SNYK-JS-TAR-1536528
SNYK-JS-ASYNC-2441827
SNYK-JS-SQLITE3-2388645
SNYK-JS-SQLITE3-3358947
SNYK-JS-TAR-1536531
SNYK-JS-TAR-1579147
SNYK-JS-TAR-1579152
SNYK-JS-TAR-1579155
SNYK-JS-NORMALIZEURL-1296539
SNYK-JS-QS-3153490
SNYK-JS-QS-3153490
SNYK-JS-SWAGGERUIEXPRESS-6815423
SNYK-JS-EXPRESS-6474509
SNYK-JS-GLOBPARENT-1016905
SNYK-JS-GOT-2932019
SNYK-JS-JSON5-3182856
SNYK-JS-SWAGGERUIEXPRESS-6815424
SNYK-JS-TAR-6476909
SNYK-JS-GOT-2932019
SNYK-JS-SWAGGERUIDIST-6056393
SNYK-JS-TAR-6476909
SNYK-JS-TOUGHCOOKIE-5672873
SNYK-JS-MINIMATCH-3050818
SNYK-JS-PASSPORT-2840631
SNYK-JS-REQUEST-3361831
SNYK-JS-TAR-1536758
SNYK-JS-BABELTRAVERSE-5962462
SNYK-JS-SWAGGERUIDIST-2314884
SNYK-JS-TAR-1536758
Release notes
Package name: @babel/core
v7.25.2 (2024-07-30)
🐛 Bug Fix
babel-core
,babel-traverse
requeueComputedKeyAndDecorators
is available (@ nicolo-ribaudo)Committers: 2
v7.24.9 (2024-07-15)
🐛 Bug Fix
babel-core
,babel-standalone
require()
call in@ babel/standalone
bundle (@ nicolo-ribaudo)babel-types
💅 Polish
babel-generator
,babel-plugin-transform-optional-chaining
as
/satisfies
(@ nicolo-ribaudo)🏠 Internal
babel-helper-module-transforms
Committers: 5
Package name: @babel/preset-env
v7.25.4 (2024-08-22)
🐛 Bug Fix
babel-traverse
babel-helper-create-class-features-plugin
,babel-plugin-proposal-decorators
babel-types
babel-generator
export namespace as A
(@ nicolo-ribaudo)💅 Polish
babel-generator
,babel-plugin-proposal-decorators
,babel-plugin-proposal-destructuring-private
,babel-plugin-proposal-pipeline-operator
,babel-plugin-transform-class-properties
,babel-plugin-transform-destructuring
,babel-plugin-transform-optional-chaining
,babel-plugin-transform-private-methods
,babel-plugin-transform-private-property-in-object
,babel-plugin-transform-typescript
,babel-runtime-corejs2
,babel-runtime
,babel-traverse
babel-generator
,babel-plugin-transform-class-properties
babel-generator
,babel-plugin-proposal-decorators
,babel-plugin-proposal-destructuring-private
,babel-plugin-transform-object-rest-spread
🔬 Output optimization
babel-generator
Committers: 4
v7.25.3 (2024-07-31)
🐛 Bug Fix
babel-plugin-bugfix-firefox-class-in-computed-class-key
,babel-traverse
traverse.visitors.merge
(@ nicolo-ribaudo)🏠 Internal
babel-parser
@ babel/types
as a dependency of@ babel/parser
(@ nicolo-ribaudo)Committers: 2
v7.25.2 (2024-07-30)
🐛 Bug Fix
babel-core
,babel-traverse
requeueComputedKeyAndDecorators
is available (@ nicolo-ribaudo)Committers: 2
v7.25.0 (2024-07-26)
Thanks @ davidtaylorhq and @ slatereax for your first PR!
You can find the release blog post with some highlights at https://babeljs.io/blog/2024/07/26/7.25.0.
👓 Spec Compliance
babel-helpers
,babel-plugin-proposal-explicit-resource-management
,babel-runtime-corejs3
await using
normative updates (@ JLHwung)babel-plugin-transform-typescript
🚀 New Feature
babel-helper-create-class-features-plugin
,babel-helper-function-name
,babel-helper-plugin-utils
,babel-helper-wrap-function
,babel-plugin-bugfix-safari-class-field-initializer-scope
,babel-plugin-bugfix-safari-id-destructuring-collision-in-function-expression
,babel-plugin-transform-classes
,babel-plugin-transform-function-name
,babel-preset-env
,babel-traverse
,babel-types
ensureFunctionName
toNodePath.prototype
(@ nicolo-ribaudo)babel-helper-hoist-variables
,babel-helper-plugin-utils
,babel-plugin-proposal-async-do-expressions
,babel-plugin-transform-modules-systemjs
,babel-traverse
hoistVariables
toScope.prototype
(@ nicolo-ribaudo)babel-helper-create-class-features-plugin
,babel-helper-module-transforms
,babel-helper-plugin-utils
,babel-helper-split-export-declaration
,babel-plugin-transform-classes
,babel-traverse
,babel-types
splitExportDeclaration
toNodePath.prototype
(@ nicolo-ribaudo)babel-helper-create-class-features-plugin
,babel-helper-environment-visitor
,babel-helper-module-transforms
,babel-helper-plugin-utils
,babel-helper-remap-async-to-generator
,babel-helper-replace-supers
,babel-plugin-bugfix-firefox-class-in-computed-class-key
,babel-plugin-bugfix-v8-static-class-fields-redefine-readonly
,babel-plugin-transform-async-generator-functions
,babel-plugin-transform-classes
,babel-traverse
environment-visitor
helper into@ babel/traverse
(@ nicolo-ribaudo)babel-core
,babel-parser
.extra.async
(@ nicolo-ribaudo)babel-compat-data
,babel-plugin-bugfix-safari-class-field-initializer-scope
,babel-preset-env
bugfix-safari-class-field-initializer-scope
(@ davidtaylorhq)babel-plugin-transform-block-scoping
,babel-traverse
,babel-types
NodePath#getAssignmentIdentifiers
(@ JLHwung)babel-helper-import-to-platform-api
,babel-plugin-proposal-json-modules
uncheckedRequire
option for JSON imports to CJS (@ nicolo-ribaudo)babel-helper-transform-fixture-test-runner
,babel-node
babel-node --eval
(@ slatereax)babel-compat-data
,babel-helper-create-regexp-features-plugin
,babel-plugin-proposal-duplicate-named-capturing-groups-regex
,babel-plugin-transform-duplicate-named-capturing-groups-regex
,babel-preset-env
,babel-standalone
duplicate-named-capturing-groups-regex
topreset-env
(@ JLHwung)🐛 Bug Fix
babel-generator
babel-template
,babel-types
🏠 Internal
babel-generator
(
before ambiguous tokens (@ nicolo-ribaudo)babel-helper-function-name
,babel-plugin-transform-arrow-functions
,babel-plugin-transform-function-name
,babel-preset-env
,babel-traverse
helper-function-name
logic (@ nicolo-ribaudo)🏃♀️ Performance
babel-parser
,babel-plugin-proposal-pipeline-operator
🔬 Output optimization
babel-plugin-transform-classes
assertThisInitialized
(@ liuxingbaoyu)babel-helper-create-class-features-plugin
,babel-helper-replace-supers
,babel-helpers
,babel-plugin-proposal-decorators
,babel-plugin-transform-class-properties
,babel-plugin-transform-classes
,babel-plugin-transform-exponentiation-operator
,babel-plugin-transform-object-super
,babel-plugin-transform-private-methods
,babel-runtime-corejs2
,babel-runtime-corejs3
,babel-runtime
super.x
output (@ liuxingbaoyu)babel-plugin-transform-class-properties
,babel-plugin-transform-classes
Committers: 6
Package name: babel-jest
Features
[jest-config]
Support comments in JSON config file (#12316)[pretty-format]
ExposeConvertAnsi
plugin (#12308)Fixes
[expect]
Add type definitions for asymmetriccloseTo
matcher (#12304)[jest-cli]
Load binary via exported API (#12315)[jest-config]
Replacejsonlint
withparse-json
(#12316)[jest-repl]
Make module importable (#12311 & #12315)Chore & Maintenance
[*]
Avoid anonymous default exports (#12313)New Contributors
Full Changelog: v27.5.0...v27.5.1
Features
[expect]
Add asymmetric matcherexpect.closeTo
(#12243)[jest-mock]
AddedmockFn.mock.lastCall
to retrieve last argument (#12285)Fixes
[expect]
Add a fix for.toHaveProperty('')
(#12251)[jest-each, @ jest/globals]
Allow passingReadonlyArray
type of a table todescribe.each
andtest.each
(#12297)[@ jest/globals]
Add missingoptions
argument tojest.doMock
typing (#12292)[jest-environment-node]
Addatob
andbtoa
(#12269)[jest-matcher-utils]
Correct diff for expected asymmetric matchers (#12264)[jest-message-util]
Fix.getTopFrame()
(andtoMatchInlineSnapshot()
) withmjs
files (#12277)Chore & Maintenance
[*]
Updategraceful-fs
to^4.2.9
(#11749)Performance
[jest-resolve]
perf: skip error creation on not foundstat
calls (#11749)New Contributors
Full Changelog: v27.4.7...v27.5.0
Fixes
[jest-environment-node]
AddAbortSignal
(#12157)[jest-environment-node]
Add Missing node globalperformance
(#12002)[jest-runtime]
Handle missingmocked
property (#12213)[@ jest/transform]
Update dependency packagepirates
to 4.0.4 (#12002)Performance
jest-config
perf: only register ts-node once when loading TS config files (#12160)New Contributors
Full Changelog: v27.4.5...v27.4.6
Fixes
[jest-worker]
Stop explicitly passingprocess.env
(#12141)New Contributors
Full Changelog: v27.4.4...v27.4.5
Fixes
[babel-jest]
Addprocess.version
chunk to the cache key (#12122)[jest-environment]
Addmocked
tojest
object (#12133)[jest-worker]
Stop explicitly passingexecArgv
(#12128)Chore & Maintenance
[website]
Fix the card front that looks overlapping part of the card backNew Contributors
Full Changelog: