Skip to content
This repository has been archived by the owner on Oct 5, 2021. It is now read-only.

[Snyk] Fix for 2 vulnerabilities #49

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

snyk-bot
Copy link

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Issue Breaking Change Exploit Maturity
high severity SQL Injection
SNYK-JS-KNEX-471962
Yes No Known Exploit
high severity Prototype Pollution
SNYK-JS-SETVALUE-450213
Yes Proof of Concept
Commit messages
Package name: @adonisjs/ace The new version differs by 26 commits.
  • 32d7b9a chore(release): 6.0.0
  • 35dbfb6 chore: update dependencies
  • cd5ed19 chore(package): going back to original version
  • a0084fa refactor: export manifest
  • 70f701d feat(utils): add utility for handling errors
  • 20da1f1 feat: kernel now entertains manifest as a first class citizen
  • 786e1f1 refactor: move help command to kernel itself
  • dae9a53 feat: add support for manifest file
  • ebf98b4 feat: add method to run commands directly
  • cc0c8c2 feat: add support for spread args
  • 3ecf6c5 feat: add decorators and docs
  • efd5586 refactor: get rid of lerna and monorepo
  • 009a037 feat(kernel): add support for command suggestions
  • 83877b5 refactor(kernel): ensure optional args comes at the end
  • 35571b8 feat(help): add utility to create help screens
  • 2223f24 refactor(kernel): make commands and flags public
  • e6450b4 refactor: move argv parsing to a dedicated parser
  • bf0eab5 feat: add functions to print commands help
  • c93610a style: update docblock
  • b445264 feat: add support for description in command, args and flags
  • 07f662f feat(ace): add command sorting and grouping helper
  • 81877de chore(tsconfig): add support for decorators
  • 4209e63 feat(ace): add command parser kernel
  • bf5037c chore(package): add pre commit hook

See the full diff

Package name: @adonisjs/lucid The new version differs by 164 commits.
  • f66aa54 chore(release): 7.2.1
  • aa3b50b fix(migrator): use the correct batch number when no batch is defined during rollback
  • 84b7447 refactor: improve visual outlook of `migration:status` command
  • 0b9e0b0 fix(MigrationSource): use appRoot for reading migrations
  • e016fdc fix: register correct paths to ace commands
  • 6dda0ef chore(release): 7.2.1-0
  • cbad436 chore: publish commands
  • 3a8f236 chore(release): 7.2.0-0
  • 51be91a refactor: accept custom return types for model and relation query builders
  • f02df80 fix(types): QueryBuilder.with accepts sub query builder instances as well
  • 24634ae fix(adapter): use adapter key when consuming insert returning results
  • 5e25aa7 chore: remove linter await promise rule
  • 8cefeba chore: update dependencies
  • f5e7fbd chore: setup providers and commands instructions inside package file
  • 471b44d feat: add status command
  • 8d1c946 feat: add rollback command
  • 1cb0491 feat: add migrate command
  • b3af184 refactor(Migrator): Include a complete trace of migrated files and their respective status
  • 0bfd8e0 feat: add make migration command
  • d865453 chore: update dependencies
  • 34eba39 refactor: add option to close all db connections from the migrator
  • 6349508 fix: handle esm exports when requiring migrations
  • 2751527 test: fixing tests helpers to make tests pass
  • 3334888 refactor: remove primaryAdapterKey in favor of using $refs for looking up cast keys

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant