[Snyk] Upgrade priam from 4.0.0 to 4.1.0 by snyk-bot · Pull Request #55 · godaddy/datastar

snyk-bot · 2022-07-19T20:19:43Z

Snyk has created this PR to upgrade priam from 4.0.0 to 4.1.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 2 versions ahead of your current version.
The recommended version was released a month ago, on 2022-06-08.

Release notes

Package name: priam

4.1.0 - 2022-06-08
4.0.1 - 2019-12-11
4.0.0 - 2019-12-04
Update min version from 12.0 to 12.3

from priam GitHub release notes

Commit messages

Package name: priam

319e458 4.1.0
c395086 Expose Cassandra clients in connection events (#85)
4add8a0 Purge vulnerabilities from lockfile
93408ab Bump hosted-git-info from 2.7.1 to 2.8.9 (#79)
1df5749 fix: package.json & package-lock.json to reduce vulnerabilities (#77)
207ccdb Bump y18n from 4.0.0 to 4.0.1 (#78)
6bf741b Bump yargs-parser from 13.0.0 to 13.1.2 (#76)
618375a Bump lodash from 4.17.15 to 4.17.19 (#74)
7e0f265 Security audit fixes (#71)
dc47dad Include error for queryFailed events (chore: upgrade to priam 5.0.0 #67)

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade priam from 4.0.0 to 4.1.0. See this package in npm: https://www.npmjs.com/package/priam See this project in Snyk: https://app.snyk.io/org/jgowdy/project/6cd4f0c2-b6d4-4503-bdca-4dd2f80b3892?utm_source=github&utm_medium=referral&page=upgrade-pr

jgowdy · 2022-07-19T20:21:29Z

Checkmarx AST – Scan Summary & Details – 1879db01-7964-4515-a53a-c94e42e13b0f

New Issues

Severity	Issue	File / Package	Scan Engine
HIGH	CVE-2021-23343	Npm-path-parse-1.0.6	CxSCA
HIGH	CVE-2021-35065	Npm-glob-parent-5.1.2	CxSCA
HIGH	CVE-2021-3807	Npm-ansi-regex-3.0.0	CxSCA
HIGH	CVE-2021-3807	Npm-ansi-regex-5.0.0	CxSCA
HIGH	CVE-2021-3807	Npm-ansi-regex-4.1.0	CxSCA
HIGH	CVE-2021-43138	Npm-async-1.5.2	CxSCA
HIGH	CVE-2021-44906	Npm-minimist-1.2.5	CxSCA
HIGH	CVE-2022-24785	Npm-moment-2.24.0	CxSCA
HIGH	CVE-2022-31129	Npm-moment-2.24.0	CxSCA
HIGH	Cx62f5bb1b-fa5e	Npm-moment-2.24.0	CxSCA
HIGH	Cx89601373-08db	Npm-debug-3.2.6	CxSCA
HIGH	Cx89601373-08db	Npm-debug-4.1.1	CxSCA
HIGH	Cx8bc4df28-fcf5	Npm-debug-3.2.6	CxSCA
HIGH	Cx8bc4df28-fcf5	Npm-debug-4.1.1	CxSCA
HIGH	Cxb3ca64d2-9cd1	Npm-mocha-7.1.1	CxSCA
HIGH	Cxdca8e59f-8bfe	Npm-inflight-1.0.6	CxSCA
MEDIUM	CVE-2020-15366	Npm-ajv-6.10.2	CxSCA
MEDIUM	Cx65603961-769c	Npm-debug-4.1.1	CxSCA
MEDIUM	Cx65603961-769c	Npm-debug-3.2.6	CxSCA
MEDIUM	Cxbd6f2b91-dd38	Npm-debug-4.1.1	CxSCA
MEDIUM	Cxbd6f2b91-dd38	Npm-debug-3.2.6	CxSCA