Skip to content

[Snyk] Security upgrade azure-storage from 2.10.3 to 2.10.4#1680

Closed
snyk-bot wants to merge 1 commit intomasterfrom
snyk-fix-458a56eaee50f95f28a8179dba547346
Closed

[Snyk] Security upgrade azure-storage from 2.10.3 to 2.10.4#1680
snyk-bot wants to merge 1 commit intomasterfrom
snyk-fix-458a56eaee50f95f28a8179dba547346

Conversation

@snyk-bot
Copy link

@snyk-bot snyk-bot commented May 21, 2021

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
low severity 486/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 3.3		 Arbitrary Code Injection
SNYK-JS-UNDERSCORE-1080984		 No Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: azure-storage The new version differs by 21 commits.
  • bb8550b Fix test issues which are caused by short expiry time
  • 9c9e1ef Upgrade version to 2.10.4
  • 126bbf6 Update underscore to 1.12.1 (#677)
  • 333c924 Merge pull request Show symbol type on hover #657 from abejide001/update-readme
  • ee94b41 update the docs link in the readme
  • 0be7cd1 Merge pull request Add new feature: Run Selection in Django Shell. #652 from ljian3377/update-package
  • 59f158f update package-lock.json to get rid of security alert for elliptic
  • 8afb26e Lock mocha's version to 6.2.0.
  • d0bf306 Update Contributing.md for using maser branch to maintain changes .
  • 7900a02 Update Readme and deprecate dev branch for contribution.
  • d776180 Run npm audit and fix vulnerabilities.
  • a80450a Update README.md (#625)
  • 0092857 Update README.md
  • 473ef09 Lock down dev dep mocha's version and make it work for existing node version 6 in CI.
  • 5ba7180 Fix typo
  • e20d66d Add `host` property to `StorageServiceClient`
  • d3d5d9d Bump handlebars from 4.1.2 to 4.5.3
  • 4bffbc9 Update issue template & readme links;
  • 7447df8 Updated changelog for 3.0.100
  • d5c93fe Refactred test cases for browsers - drop key based cases from browser testing scope
  • d380860 Remove SharedKey auth & SAS generation from browser bundle

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@snyk-bot @DonJayamanne