Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Fix for 1 vulnerabilities #69

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

PDSSnyk
Copy link
Owner

@PDSSnyk PDSSnyk commented May 26, 2024

This PR was automatically created by Snyk using the credentials of a real user.


![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)

Snyk has created this PR to fix 1 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

  • package.json
  • package-lock.json

Vulnerabilities that will be fixed with an upgrade:

Issue Score
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-MINIMATCH-3050818
  479  
Release notes
Package name: glob from glob GitHub release notes
Package name: grunt from grunt GitHub release notes
Package name: grunt-contrib-compress
  • 2.0.0 - 2020-12-12
    No content.
  • 1.6.0 - 2019-10-21
from grunt-contrib-compress GitHub release notes
Package name: jasmine from jasmine GitHub release notes
Package name: jest
  • 29.0.0 - 2022-08-25

    Blog post: https://jestjs.io/blog/2022/08/25/jest-29

    Features

    • [expect] [BREAKING] Differentiate between MatcherContext MatcherUtils and MatcherState types (#13141)
    • [jest-circus] Add support for test.failing.each (#13142)
    • [jest-config] [BREAKING] Make snapshotFormat default to escapeString: false and printBasicPrototype: false (#13036)
    • [jest-config] [BREAKING] Remove undocumented collectCoverageOnlyFrom option (#13156)
    • [jest-environment-jsdom] [BREAKING] Upgrade to jsdom@20 (#13037, #13058)
    • [@ jest/globals] Add jest.Mocked, jest.MockedClass, jest.MockedFunction and jest.MockedObject utility types (#12727)
    • [jest-mock] [BREAKING] Refactor Mocked* utility types. MaybeMockedDeep and MaybeMocked became Mocked and MockedShallow respectively; only deep mocked variants of MockedClass, MockedFunction and MockedObject are exported (#13123, #13124)
    • [jest-mock] [BREAKING] Change the default jest.mocked helper’s behavior to deep mocked (#13125)
    • [jest-snapshot] [BREAKING] Let babel find config when updating inline snapshots (#13150)
    • [@ jest/test-result, @ jest/types] [BREAKING] Replace Bytes and Milliseconds types with number (#13155)
    • [jest-worker] Adds workerIdleMemoryLimit option which is used as a check for worker memory leaks >= Node 16.11.0 and recycles child workers as required (#13056, #13105, #13106, #13107)
    • [pretty-format] [BREAKING] Remove ConvertAnsi plugin in favour of jest-serializer-ansi-escapes (#13040)
    • [pretty-format] Allow to opt out from sorting object keys with compareKeys: null (#12443)

    Fixes

    • [jest-config] Fix testing multiple projects with TypeScript config files (#13099)
    • [@ jest/expect-utils] Fix deep equality of ImmutableJS Record (#13055)
    • [jest-haste-map] Increase the maximum possible file size that jest-haste-map can handle (#13094)
    • [jest-runtime] Properly support CJS re-exports from dual packages (#13170)
    • [jest-snapshot] Make prettierPath optional in SnapshotState (#13149)
    • [jest-snapshot] Fix parsing error from inline snapshot files with JSX (#12760)
    • [jest-worker] When a process runs out of memory worker exits correctly and doesn't spin indefinitely (#13054)

    Chore & Maintenance

    • [*] [BREAKING] Drop support for Node v12 and v17 (#13033)
    • [docs] Fix webpack name (#13049)
    • [docs] Explicit how to set n for --bail (#13128)
    • [docs] Update Enzyme URL (#13166)
    • [jest-leak-detector] Remove support for weak-napi (#13035)
    • [jest-snapshot] [BREAKING] Require rootDir as argument to SnapshotState (#13150)

    New Contributors

    Full Changelog: v28.1.3...v29.0.0

  • 29.0.0-alpha.6 - 2022-08-19

    What's Changed

    • chore: update @ jridgewell/trace-mapping by @ SimenB in #13119
    • refactor(jest-mock)!: rework Mocked* utility types by @ mrazauskas in #13123
    • fix(jest-mock): export MockedShallow type by @ mrazauskas in #13124
    • feat(@ jest/globals): add jest.Mocked, jest.MockedClass, jest.MockedFunction and jest.MockedObject utility types by @ mrazauskas in #12727
    • refactor(jest-mock)!: change the default jest.mocked helper’s behaviour to deep mocked by @ mrazauskas in #13125
    • chore(types): separate MatcherContext, MatcherUtils and MatcherState by @ SimenB in #13141
    • feat(circus): added each to failing tests by @ kkyusufk in #13142
    • chore: make prettierPath optional in SnapshotState by @ SimenB in #13149
    • feat: Let babel find config when updating inline snapshots by @ SimenB in #13150
    • fix: Allow updating inline snapshots when test includes JSX by @ eps1lon in #12760

    New Contributors

    Full Changelog: v29.0.0-alpha.5...v29.0.0-alpha.6

  • 29.0.0-alpha.5 - 2022-08-11

    What's Changed

    • fix: pipe workerIdleMemoryLimit to globalConfig by @ backmask in #13106
    • fix: worker being killed after being spawned and other worker bugs by @ phawxby in #13107

    New Contributors

    Full Changelog: v29.0.0-alpha.4...v29.0.0-alpha.5

  • 29.0.0-alpha.4 - 2022-08-08

    What's Changed

    New Contributors

    Full Changelog: v29.0.0-alpha.3...v29.0.0-alpha.4

  • 29.0.0-alpha.3 - 2022-08-07

    Features

    • [jest-worker] Adds workerIdleMemoryLimit option which is used as a check for worker memory leaks >= Node 16.11.0 and recycles child workers as required. (#13056)

    Fixes

    • [jest-haste-map] Increase the maximum possible file size that jest-haste-map can handle (#13094)

    New Contributors

    Full Changelog: v29.0.0-alpha.1...v29.0.0-alpha.3

  • 29.0.0-alpha.1 - 2022-08-04

    Features

    • [pretty-format] [BREAKING] Remove ConvertAnsi plugin in favour of jest-serializer-ansi-escapes (#13040)

    Fixes

    • [jest-worker] When a process runs out of memory worker exits correctly and doesn't spin indefinitely (#13054)
    • [@ jest/expect-utils] Fix deep equality of ImmutableJS Record (#13055)

    New Contributors

    Full Changelog: v29.0.0-alpha.0...v29.0.0-alpha.1

  • 29.0.0-alpha.0 - 2022-07-17

    Features

    • [jest-config] [BREAKING] Make snapshotFormat default to escapeString: false and printBasicPrototype: false (#13036)
    • [jest-environment-jsdom] [BREAKING] Upgrade to jsdom@20 (#13037)

    Chore & Maintenance

    • [*] [BREAKING] Drop support for Node v12 and v17 (#13033)
    • [jest-leak-detector] Remove support for weak-napi (#13035)

    Full Changelog: v28.1.3...v29.0.0-alpha.0

  • 28.1.3 - 2022-07-13

    Features

    • [jest-leak-detector] Use native FinalizationRegistry when it exists to get rid of external C dependency (#12973)

    Fixes

    • [jest-changed-files] Fix a lock-up after repeated invocations (#12757)
    • [@ jest/expect-utils] Fix deep equality of ImmutableJS OrderedSets (#12977)
    • [jest-mock] Add index signature support for spyOn types (#13013, #13020)
    • [jest-snapshot] Fix indentation of awaited inline snapshots (#12986)

    Chore & Maintenance

    • [*] Replace internal usage of pretty-format/ConvertAnsi with jest-serializer-ansi-escapes (#12935, #13004)
    • [docs] Update spyOn docs (#13000)

    New Contributors

    Full Changelog: v28.1.2...v28.1.3

  • 28.1.2 - 2022-06-29

    Fixes

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants