Skip to content

[Snyk] Security upgrade express from 4.19.2 to 4.21.2 #31

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
aravindbuilt wants to merge 68 commits into from
Closed

[Snyk] Security upgrade express from 4.19.2 to 4.21.2 #31

aravindbuilt wants to merge 68 commits into from

Conversation

@aravindbuilt
Copy link
Contributor

@aravindbuilt aravindbuilt commented Dec 6, 2024

snyk-top-banner

Snyk has created this PR to fix 1 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

  • package.json
  • package-lock.json

Vulnerabilities that will be fixed with an upgrade:

Issue Score
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-PATHTOREGEXP-8482416		   125  

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)

rohitmishra209 and others added 30 commits January 30, 2019 17:58
@rohitmishra209
first commit
9f00d43
@rohitmishra209
first commit
f38b830
@rohitmishra209
make it better
69ce7d0
@rohitmishra209
make it better
010edcb
@rohitmishra209
make it better
8c0fe83
@rohitmishra209
dynamic port
808e554
@rohitmishra209
Updated the README file
01ffa02
@rohitmishra209
Update README.md
7de683c
@rohitmishra209
updated the image size of thumbnail
8e5fc44
@rohitmishra209
updated the image size of thumbnail
3780781
@rohitmishra209
updated the image size of thumbnail
1301538
@rohitmishra209
Update README.md
4f5a686
@rohitmishra209
Update README.md
fff0405
@uttamukkoji
Update README.md
a42df2a
@rohitmishra209
Update README.md
2c20dc1
@rohitmishra209
Update README.md
45ebe6c
@rohitmishra209
Update README.md
6336573
@rohitmishra209
Update README.md
039df0d
@rohitmishra209
Update README.md
37c8e74
@uttamukkoji
Update README.md
b75473f
@rohitmishra209
updated the README
ca9a44b
@rohitmishra209
updated the README
81ca0cb
@rohitmishra209
updated the README
95d81e5
@rohitmishra209
updated the README
2761b3b
@rohitmishra209
Updated the README file
d5e6fa9
@uttamukkoji
GraphQL beta ph2
29e8281
@uttamukkoji
Merge pull request #1 from contentstack/development
0797d46 
GraphQL beta ph2
@uttamukkoji
Update README.md
56a1b1a
@dependabot
Bump node-fetch from 2.6.0 to 2.6.1
d93a9b0 
Bumps [node-fetch](https://github.com/bitinn/node-fetch) from 2.6.0 to 2.6.1.
- [Release notes](https://github.com/bitinn/node-fetch/releases)
- [Changelog](https://github.com/node-fetch/node-fetch/blob/master/docs/CHANGELOG.md)
- [Commits](node-fetch/node-fetch@v2.6.0...v2.6.1)

Signed-off-by: dependabot[bot] <support@github.com>
@uttamukkoji
Merge pull request #2 from contentstack/dependabot/npm_and_yarn/node-…
97b8eb7 
…fetch-2.6.1

Bump node-fetch from 2.6.0 to 2.6.1
aravindbuilt and others added 26 commits September 15, 2022 10:53
@aravindbuilt
sca-scan.yml
52834b0
@aravindbuilt
secrets-scan.yml
2b7a1ee
@aravindbuilt
codeql-analysis.yml
f24cc44
@aravindbuilt
sast-scan.yml
53677f1
@aravindbuilt
sca-scan.yml
8604898
@aravindbuilt
secrets-scan.yml
2e0dfe4
@aravindbuilt
jira.yml
f3631b3
@aravindbuilt
jira.yml
a2c321e
@aravindbuilt
jira.yml
1fa4985
@aravindbuilt
sca-scan.yml
0101587
@aravindbuilt
jira.yml
ecb98a2
@aravindbuilt
codeql-analysis.yml
555cf1d
@aravindbuilt
sast-scan.yml
0269860
@aravindbuilt
secrets-scan.yml
cfdfd09
@aravindbuilt
CODEOWNERS update
9ccf2d6
@nadeem-cs
feat: add check-branch.yml
8292f8d
@nadeem-cs
fix: remove redundant workflow files
47dd550
@nadeem-cs
update packages
76a326b
@nadeem-cs
fix: snyk vulnerabilities and package updates
d0d3572
@nadeem-cs
Merge pull request #26 from contentstack/feat/CS-44648-check-branck-w…
a834b30 
…orkflow

feat: add check-branch.yml
@harshithad0703
Merge pull request #27 from contentstack/next
80cb450 
Add check-branch.yml file and update packages
@aravindbuilt
sca-scan.yml
77d4669
@aravindbuilt
jira.yml
54fbaab
@aravindbuilt
sast-scan.yml
6138587
@aravindbuilt
codeql-analysis.yml
4c21c9a
@snyk-bot
fix: package.json & package-lock.json to reduce vulnerabilities
30b28dc 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-PATHTOREGEXP-8482416
@aravindbuilt aravindbuilt requested a review from a team as a code owner December 6, 2024 22:37
@github-actions
Copy link

github-actions bot commented Dec 6, 2024

We regret to inform you that you are currently not able to merge your changes into the master branch due to restrictions applied by our SRE team. To proceed with merging your changes, we kindly request that you create a pull request from the next branch. Our team will then review the changes and work with you to ensure a successful merge into the master branch.

@aman19K aman19K closed this May 8, 2025
@aman19K aman19K force-pushed the snyk-fix-b16dd4b9253bdc7633462621ac6e3f44 branch from 15b6d7c to 30b28dc Compare May 8, 2025 11:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

10 participants

@aravindbuilt @aman19K @rohitmishra209 @uttamukkoji @nandeesh-gajula @contentstack-admin @nadeem-cs @harshithad0703 @snyk-bot