Skip to content
This repository has been archived by the owner on Jul 15, 2021. It is now read-only.

[Snyk] Upgrade snyk from 1.380.0 to 1.436.0 #396

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Upgrade snyk from 1.380.0 to 1.436.0 #396

wants to merge 1 commit into from

Conversation

snyk-bot
Copy link

@snyk-bot snyk-bot commented Jan 1, 2021

Snyk has created this PR to upgrade snyk from 1.380.0 to 1.436.0.

merge advice
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 110 versions ahead of your current version.
  • The recommended version was released 22 days ago, on 2020-12-10.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Prototype Pollution
SNYK-JS-Y18N-1021887		 686/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.3		 Proof of Concept
Prototype Pollution
SNYK-JS-INI-1048974		 686/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.3		 Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: snyk
  • 1.436.0 - 2020-12-10

    1.436.0 (2020-12-10)

    Features

    • bump gradle plugin to support non root gradlew for reachable vulns (fa80a71)
  • 1.435.1 - 2020-12-10

    1.435.1 (2020-12-10)

    Bug Fixes

    • Group issues should also group names (4ddf826)
  • 1.435.0 - 2020-12-10

    1.435.0 (2020-12-10)

    Features

    • analytics- enable getting a command version (8097297)
  • 1.434.4 - 2020-12-09

    1.434.4 (2020-12-09)

    Bug Fixes

    • add graph conversion while pruning duration analytics (0894113)
  • 1.434.3 - 2020-12-08

    1.434.3 (2020-12-08)

    Bug Fixes

    • show users 404 when a non existing package is scanned (9b26e2b)
  • 1.434.2 - 2020-12-04

    1.434.2 (2020-12-04)

    Bug Fixes

    • show spinner scanning ecosystem (42be990)
  • 1.434.1 - 2020-12-04

    1.434.1 (2020-12-04)

    Bug Fixes

    • Include all sarif results under a single run (4e3a699)
  • 1.434.0 - 2020-12-03

    1.434.0 (2020-12-03)

    Features

    • improve class path discovery for maven projects (91a60ab)
  • 1.433.0 - 2020-12-01

    1.433.0 (2020-12-01)

    Features

    • maven support aar unmanaged files (93ef66a)
  • 1.432.1 - 2020-12-01

    1.432.1 (2020-12-01)

    Bug Fixes

    • Error output for mismatched options (d79edf6)
  • 1.432.0 - 2020-12-01
  • 1.431.4 - 2020-11-30
  • 1.431.3 - 2020-11-30
  • 1.431.2 - 2020-11-27
  • 1.431.1 - 2020-11-24
  • 1.431.0 - 2020-11-24
  • 1.430.2 - 2020-11-23
  • 1.430.1 - 2020-11-23
  • 1.430.0 - 2020-11-20
  • 1.429.0 - 2020-11-20
  • 1.428.2 - 2020-11-19
  • 1.428.1 - 2020-11-19
  • 1.428.0 - 2020-11-18
  • 1.427.2 - 2020-11-17
  • 1.427.1 - 2020-11-17
  • 1.427.0 - 2020-11-15
  • 1.426.0 - 2020-11-13
  • 1.425.4 - 2020-11-13
  • 1.425.3 - 2020-11-11
  • 1.425.2 - 2020-11-10
  • 1.425.1 - 2020-11-09
  • 1.425.0 - 2020-11-09
  • 1.424.4 - 2020-11-05
  • 1.424.3 - 2020-11-05
  • 1.424.2 - 2020-11-04
  • 1.424.1 - 2020-11-04
  • 1.424.0 - 2020-11-03
  • 1.423.0 - 2020-11-03
  • 1.422.1 - 2020-11-03
  • 1.422.0 - 2020-11-02
  • 1.421.1 - 2020-10-29
  • 1.421.0 - 2020-10-28
  • 1.420.2 - 2020-10-28
  • 1.420.1 - 2020-10-25
  • 1.420.0 - 2020-10-23
  • 1.419.1 - 2020-10-21
  • 1.419.0 - 2020-10-20
  • 1.418.0 - 2020-10-20
  • 1.417.0 - 2020-10-20
  • 1.416.0 - 2020-10-19
  • 1.415.0 - 2020-10-18
  • 1.414.1 - 2020-10-16
  • 1.414.0 - 2020-10-15
  • 1.413.5 - 2020-10-15
  • 1.413.4 - 2020-10-15
  • 1.413.3 - 2020-10-13
  • 1.413.2 - 2020-10-09
  • 1.413.1 - 2020-10-09
  • 1.413.0 - 2020-10-09
  • 1.412.0 - 2020-10-09
  • 1.411.0 - 2020-10-09
  • 1.410.4 - 2020-10-08
  • 1.410.3 - 2020-10-07
  • 1.410.2 - 2020-10-06
  • 1.410.1 - 2020-10-06
  • 1.410.0 - 2020-10-06
  • 1.409.1 - 2020-10-05
  • 1.409.0 - 2020-10-05
  • 1.408.0 - 2020-10-05
  • 1.407.0 - 2020-10-05
  • 1.406.0 - 2020-10-01
  • 1.405.1 - 2020-09-30
  • 1.405.0 - 2020-09-30
  • 1.404.0 - 2020-09-29
  • 1.403.0 - 2020-09-29
  • 1.402.0 - 2020-09-28
  • 1.401.0 - 2020-09-25
  • 1.400.0 - 2020-09-24
  • 1.399.1 - 2020-09-22
  • 1.399.0 - 2020-09-21
  • 1.398.1 - 2020-09-16
  • 1.398.0 - 2020-09-15
  • 1.397.1 - 2020-09-15
  • 1.397.0 - 2020-09-15
  • 1.396.0 - 2020-09-15
  • 1.395.0 - 2020-09-14
  • 1.394.0 - 2020-09-14
  • 1.393.1 - 2020-09-14
  • 1.393.0 - 2020-09-10
  • 1.392.1 - 2020-09-08
  • 1.392.0 - 2020-09-08
  • 1.391.1 - 2020-09-07
  • 1.391.0 - 2020-09-07
  • 1.390.0 - 2020-09-07
  • 1.389.0 - 2020-09-04
  • 1.388.0 - 2020-09-02
  • 1.387.1 - 2020-09-01
  • 1.387.0 - 2020-09-01
  • 1.386.0 - 2020-08-28
  • 1.385.2 - 2020-08-28
  • 1.385.1 - 2020-08-28
  • 1.385.0 - 2020-08-26
  • 1.384.0 - 2020-08-25
  • 1.383.1 - 2020-08-25
  • 1.383.0 - 2020-08-25
  • 1.382.1 - 2020-08-25
  • 1.382.0 - 2020-08-24
  • 1.381.2 - 2020-08-23
  • 1.381.1 - 2020-08-20
  • 1.381.0 - 2020-08-20
  • 1.380.0 - 2020-08-19
from snyk GitHub release notes
Commit messages
Package name: snyk
  • cc73cc6 Merge pull request #1562 from snyk/feat/bump-gradle-plugin
  • fa80a71 feat: bump gradle plugin to support non root gradlew for reachable vulns
  • 6a6b7a8 Merge pull request #1554 from snyk/fix/group-vulns-name
  • 3a2b412 Merge pull request #1552 from snyk/feat/get-command-version
  • 00a8ad0 test: fix analytics test, add analytics jest tests
  • 420c95d Merge pull request #1544 from snyk/fix/add-prune-duration
  • 4b7ab8a Merge pull request #1557 from snyk/fix/indicative-message-for-missing-packages
  • 9b26e2b fix: show users 404 when a non existing package is scanned
  • 4ddf826 fix: Group issues should also group names
  • 47eaff9 Merge pull request #1556 from snyk/feat/maven-unmanaged-aar-files
  • 9d83013 chore: help text for unmanaged aar files
  • 4a656f9 Merge pull request #1555 from snyk/fix/show-spinner-scaning-ecosystem
  • 42be990 fix: show spinner scanning ecosystem
  • 0ae410d Merge pull request #1550 from snyk/fix/iac-sarif-output-CC-525
  • 942b83c test: add tests to analytics npm version capture
  • 0b5c486 Merge pull request #1553 from snyk/feat/improve-class-path-discovery
  • 8097297 feat: analytics- enable getting a command version
  • 91a60ab feat: improve class path discovery for maven projects
  • 7606a5b Merge pull request #1551 from snyk/feat/maven-unmanaged-aar-files
  • 534fcdf Merge pull request #1540 from snyk/fix/sarif-json-error-CC-401
  • 93ef66a feat: maven support aar unmanaged files
  • 477aaef chore: Update IaC sarif tests to cover path
  • 669cb21 Merge pull request #1543 from snyk/feat/json-group-vulns
  • 4e3a699 fix: Include all sarif results under a single run

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@snyk-bot