Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Upgrade netlify-cli from 9.16.7 to 17.33.4 #22

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

snyk-io[bot]
Copy link

@snyk-io snyk-io bot commented Aug 12, 2024

snyk-top-banner

Snyk has created this PR to upgrade netlify-cli from 9.16.7 to 17.33.4.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

  • The recommended version is 276 versions ahead of your current version.

  • The recommended version was released on a month ago.

Issues fixed by the recommended upgrade:

Issue Score Exploit Maturity
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-ANSIREGEX-1583908
118 Proof of Concept
high severity Uncontrolled resource consumption
SNYK-JS-BRACES-6838727
118 Proof of Concept
high severity Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
SNYK-JS-GITCLONE-2434308
118 No Known Exploit
high severity Inefficient Regular Expression Complexity
SNYK-JS-MICROMATCH-6838728
118 No Known Exploit
high severity Directory Traversal
SNYK-JS-STATICSERVER-5722341
118 Proof of Concept
high severity Prototype Pollution
SNYK-JS-UNSETVALUE-2400660
118 No Known Exploit
high severity Regular Expression Denial of Service (ReDoS)
npm:ansi2html:20151025
118 No Known Exploit
medium severity Improper Authentication
SNYK-JS-JSONWEBTOKEN-3180022
118 No Known Exploit
medium severity Improper Restriction of Security Token Assignment
SNYK-JS-JSONWEBTOKEN-3180024
118 No Known Exploit
medium severity Use of a Broken or Risky Cryptographic Algorithm
SNYK-JS-JSONWEBTOKEN-3180026
118 No Known Exploit
medium severity Cross-site Scripting (XSS)
SNYK-JS-SERIALIZEJAVASCRIPT-6147607
118 Proof of Concept
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-GLOBPARENT-1016905
118 Proof of Concept
medium severity Open Redirect
SNYK-JS-GOT-2932019
118 No Known Exploit
medium severity Open Redirect
SNYK-JS-GOT-2932019
118 No Known Exploit
medium severity Open Redirect
SNYK-JS-GOT-2932019
118 No Known Exploit
medium severity Uncontrolled Resource Consumption ('Resource Exhaustion')
SNYK-JS-TAR-6476909
118 Proof of Concept
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-HTTPCACHESEMANTICS-3248783
118 Proof of Concept
Release notes
Package name: netlify-cli
  • 17.33.4 - 2024-07-15

    17.33.4 (2024-07-15)

    Bug Fixes

    • deps: update dependency @ bugsnag/js to v7.25.0 (#6762) (c09bf1a)
    • deps: update dependency @ types/node to v20.14.10 (#6763) (ce647f4)
    • deps: update dependency fastify to v4.28.1 (#6764) (e45d378)
    • deps: update netlify packages (#6759) (9f36fed)
    • use heuristics for build and deploy command as well (#6729) (111967c)
  • 17.33.3 - 2024-07-12

    17.33.3 (2024-07-12)

    Bug Fixes

  • 17.33.2 - 2024-07-11

    17.33.2 (2024-07-11)

    Bug Fixes

  • 17.33.1 - 2024-07-11

    17.33.1 (2024-07-11)

    Bug Fixes

  • 17.33.0 - 2024-07-05

    17.33.0 (2024-07-05)

    Features

    • expose deploy context to functions and edge functions (#6747) (a4a4026)
  • 17.32.1 - 2024-07-04

    17.32.1 (2024-07-04)

    Bug Fixes

  • 17.32.0 - 2024-07-02

    17.32.0 (2024-07-02)

    Features

  • 17.31.0 - 2024-07-01

    17.31.0 (2024-07-01)

    Features

    • add support for the Frameworks API (#6735) (6a48a38)
    • load edge functions from Frameworks API in serve (#6738) (1c6903f)

    Bug Fixes

    • deps: update dependency https-proxy-agent to v7.0.5 (#6741) (3262995)
  • 17.30.0 - 2024-06-26

    17.30.0 (2024-06-26)

    Features

    Bug Fixes

  • 17.29.0 - 2024-06-20

    17.29.0 (2024-06-20)

    Features

    Bug Fixes

    • deps: update dependency @ netlify/build to v29.48.2 (#6719) (41294c0)
    • deps: update dependency @ netlify/zip-it-and-ship-it to v9.37.1 (#6718) (38d5000)
    • deps: update dependency ws to v8.17.1 [security] (#6716) (7da19ad)
    • deps: update netlify packages (#6707) (ca0e670)
  • 17.28.0 - 2024-06-17
  • 17.27.0 - 2024-06-13
  • 17.26.3 - 2024-06-12
  • 17.26.2 - 2024-06-10
  • 17.26.1 - 2024-06-07
  • 17.26.0 - 2024-06-05
  • 17.25.0 - 2024-05-29
  • 17.24.0 - 2024-05-29
  • 17.23.8 - 2024-05-24
  • 17.23.7 - 2024-05-24
  • 17.23.6 - 2024-05-23
  • 17.23.5 - 2024-05-14
  • 17.23.4 - 2024-05-14
  • 17.23.3 - 2024-05-13
  • 17.23.2 - 2024-05-07
  • 17.23.1 - 2024-04-26
  • 17.23.0 - 2024-04-25
  • 17.22.1 - 2024-04-10
  • 17.22.0 - 2024-04-08
  • 17.21.2 - 2024-04-05
  • 17.21.1 - 2024-03-26
  • 17.21.0 - 2024-03-26
  • 17.20.1 - 2024-03-22
  • 17.20.0 - 2024-03-21
  • 17.19.6 - 2024-03-20
  • 17.19.5 - 2024-03-18
  • 17.19.4 - 2024-03-15
  • 17.19.3 - 2024-03-13
  • 17.19.2 - 2024-03-11
  • 17.19.1 - 2024-03-11
  • 17.19.0 - 2024-03-08
  • 17.18.1 - 2024-03-06
  • 17.18.0 - 2024-03-05
  • 17.17.2 - 2024-03-04
  • 17.17.1 - 2024-02-26
  • 17.17.0 - 2024-02-22
  • 17.16.4 - 2024-02-20
  • 17.16.3 - 2024-02-19
  • 17.16.2 - 2024-02-13
  • 17.16.1 - 2024-02-08
  • 17.16.0 - 2024-02-05
  • 17.15.7 - 2024-02-01
  • 17.15.6 - 2024-01-31
  • 17.15.5 - 2024-01-30
  • 17.15.4 - 2024-01-29
  • 17.15.3 - 2024-01-24
  • 17.15.2 - 2024-01-22
  • 17.15.1 - 2024-01-19
  • 17.15.0 - 2024-01-18
  • 17.14.1 - 2024-01-18
  • 17.14.0 - 2024-01-15
  • 17.13.2 - 2024-01-12
  • 17.13.1 - 2024-01-11
  • 17.13.0 - 2024-01-09
  • 17.12.0 - 2024-01-09
  • 17.11.1 - 2024-01-05
  • 17.11.0 - 2024-01-02
  • 17.10.2 - 2023-12-29
  • 17.10.1 - 2023-12-08
  • 17.10.0 - 2023-12-06
  • 17.9.0 - 2023-12-04
  • 17.8.1 - 2023-11-28
  • 17.8.0 - 2023-11-28
  • 17.7.0 - 2023-11-23
  • 17.6.0 - 2023-11-21
  • 17.5.3 - 2023-11-20
  • 17.5.2 - 2023-11-20
  • 17.5.1 - 2023-11-17
  • 17.5.0 - 2023-11-17
  • 17.4.0 - 2023-11-16
  • 17.3.2 - 2023-11-15
  • 17.3.1 - 2023-11-14
  • 17.3.0 - 2023-11-14
  • 17.2.2 - 2023-11-10
  • 17.2.1 - 2023-11-09
  • 17.2.0 - 2023-11-08
  • 17.1.0 - 2023-11-07
  • 17.0.1 - 2023-11-02
  • 17.0.0 - 2023-11-01
  • 16.9.3 - 2023-10-27
  • 16.9.2 - 2023-10-24
  • 16.9.1 - 2023-10-20
  • 16.9.0 - 2023-10-19
  • 16.8.1 - 2023-10-19
  • 16.8.0 - 2023-10-17
  • 16.7.0 - 2023-10-12
  • 16.6.2 - 2023-10-12
  • 16.6.1 - 2023-10-10
  • 16.6.0 - 2023-10-10
  • 16.5.1 - 2023-10-03
  • 16.5.0 - 2023-10-02
  • 16.4.2 - 2023-09-21
  • 16.4.1 - 2023-09-20
  • 16.4.0 - 2023-09-19
  • 16.3.6 - 2023-09-18
  • 16.3.5 - 2023-09-18
  • 16.3.4 - 2023-09-18
  • 16.3.3 - 2023-09-15
  • 16.3.2 - 2023-09-13
  • 16.3.1 - 2023-09-06
  • 16.3.0 - 2023-09-06
  • 16.2.0 - 2023-08-29
  • 16.1.0 - 2023-08-17
  • 16.0.3 - 2023-08-14
  • 16.0.2 - 2023-08-11
  • 16.0.1 - 2023-08-10
  • 16.0.0 - 2023-08-10
  • 16.0.0-alpha.0 - 2023-08-10
  • 15.11.0 - 2023-08-07
  • 15.10.0 - 2023-07-31
  • 15.10.0-rc.1 - 2023-08-03
  • 15.10.0-rc.0 - 2023-08-03
  • 15.9.1 - 2023-07-19
  • 15.9.1-rc.0 - 2023-07-20
  • 15.9.0 - 2023-07-12
  • 15.8.1 - 2023-07-06
  • 15.8.1-rc.1 - 2023-07-11
  • 15.8.1-rc.0 - 2023-07-10
  • 15.8.0 - 2023-06-30
  • 15.7.0 - 2023-06-27
  • 15.6.0 - 2023-06-14
  • 15.5.1 - 2023-06-13
  • 15.5.0 - 2023-06-13
  • 15.4.2 - 2023-06-12
  • 15.4.1 - 2023-06-08
  • 15.4.0 - 2023-06-07
  • 15.3.2 - 2023-06-07
  • 15.3.1 - 2023-06-02
  • 15.3.0 - 2023-06-02
  • 15.2.0 - 2023-05-26
  • 15.1.1 - 2023-05-17
  • 15.1.0 - 2023-05-15
  • 15.0.3 - 2023-05-15
  • 15.0.2 - 2023-05-08
  • 15.0.1 - 2023-05-08
  • 15.0.0 - 2023-05-05
  • 15.0.0-rc.0 - 2023-05-02
  • 14.4.0 - 2023-05-03
  • 14.3.1 - 2023-04-26
  • 14.3.0 - 2023-04-25
  • 14.2.1 - 2023-04-20
  • 14.2.0 - 2023-04-20
  • 14.1.0 - 2023-04-19
  • 14.0.0 - 2023-04-17
  • 14.0.0-rc - 2023-04-14
  • 13.2.2 - 2023-03-28
  • 13.2.1 - 2023-03-22
  • 13.2.0 - 2023-03-21
  • 13.1.7 - 2023-03-21
  • 13.1.6 - 2023-03-14
  • 13.1.5 - 2023-03-14
  • 13.1.4 - 2023-03-14
  • 13.1.3 - 2023-03-13
  • 13.1.2 - 2023-03-10
  • 13.1.1 - 2023-03-09
  • 13.1.0 - 2023-03-09
  • 13.0.1 - 2023-03-03
  • 13.0.0 - 2023-02-21
  • 12.14.0 - 2023-02-20
  • 12.13.2 - 2023-02-20
  • 12.13.1 - 2023-02-17
  • 12.13.0 - 2023-02-17
  • 12.12.1 - 2023-02-16
  • 12.12.0 - 2023-02-10
  • 12.11.0 - 2023-02-09
  • 12.10.0 - 2023-01-26
  • 12.9.2 - 2023-01-24
  • 12.9.1 - 2023-01-20
  • 12.9.0 - 2023-01-20
  • 12.8.0 - 2023-01-20
  • 12.7.2 - 2023-01-11
  • 12.7.1 - 2023-01-11
  • 12.7.0 - 2023-01-10
  • 12.6.0 - 2023-01-09
  • 12.5.0 - 2022-12-22
  • 12.4.1 - 2022-12-20
  • 12.4.0 - 2022-12-15
  • 12.3.0 - 2022-12-15
  • 12.2.11 - 2022-12-14
  • 12.2.10 - 2022-12-12
  • 12.2.9 - 2022-12-06
  • 12.2.8 - 2022-12-01
  • 12.2.7 - 2022-11-23
  • 12.2.6 - 2022-11-21
  • 12.2.5 - 2022-11-21
  • 12.2.4 - 2022-11-18
  • 12.2.3 - 2022-11-18
  • 12.2.2 - 2022-11-18
  • 12.2.1 - 2022-11-17
  • 12.2.0 - 2022-11-15
  • 12.1.1 - 2022-11-09
  • 12.1.0 - 2022-11-04
  • 12.0.11 - 2022-10-18
  • 12.0.10 - 2022-10-17
  • 12.0.9 - 2022-10-13
  • 12.0.8 - 2022-10-12
  • 12.0.7 - 2022-10-07
  • 12.0.6 - 2022-10-05
  • 12.0.5 - 2022-10-04
  • 12.0.4 - 2022-10-03
  • 12.0.3 - 2022-10-03
  • 12.0.2 - 2022-09-30
  • 12.0.1 - 2022-09-29
  • 12.0.0 - 2022-09-27
  • 11.8.3 - 2022-09-23
  • 11.8.2 - 2022-09-21
  • 11.8.1 - 2022-09-20
  • 11.8.0 - 2022-09-15
  • 11.7.1 - 2022-09-09
  • 11.7.0 - 2022-09-09
  • 11.6.0 - 2022-09-08
  • 11.5.1 - 2022-08-29
  • 11.5.0 - 2022-08-22
  • 11.4.0 - 2022-08-22
  • 11.3.0 - 2022-08-19
  • 11.2.0 - 2022-08-19
  • 11.1.0 - 2022-08-19
  • 11.1.0-rc.2 - 2022-08-19
  • 11.1.0-rc.1 - 2022-08-18
  • 11.1.0-rc.0 - 2022-08-18
  • 11.0.0 - 2022-08-18
  • 10.18.0 - 2022-08-18
  • 10.18.0-rc2 - 2022-08-17
  • 10.18.0-rc1 - 2022-08-16
  • 10.18.0-rc.4 - 2022-08-18
  • 10.18.0-rc.3 - 2022-08-17
  • 10.17.8 - 2022-08-16
  • 10.17.7 - 2022-08-16
  • 10.17.6 - 2022-08-15
  • 10.17.5 - 2022-08-15
  • 10.17.4 - 2022-08-12
  • 10.17.3 - 2022-08-12
  • 10.17.2 - 2022-08-12
  • 10.17.1 - 2022-08-12
  • 10.17.0 - 2022-08-11
  • 10.16.0 - 2022-08-11
  • 10.15.0 - 2022-08-04
  • 10.14.0 - 2022-08-01
  • 10.13.0 - 2022-07-29
  • 10.12.1 - 2022-07-27
  • 10.12.0 - 2022-07-27
  • 10.11.2 - 2022-07-25
  • 10.11.1 - 2022-07-22
  • 10.11.0 - 2022-07-22
  • 10.10.2 - 2022-07-19
  • 10.10.1 - 2022-07-19
  • 10.10.0 - 2022-07-15
  • 10.9.1 - 2022-07-15
  • 10.9.0 - 2022-07-13
  • 10.8.0 - 2022-07-11
  • 10.7.1 - 2022-07-01
  • 10.7.0 - 2022-06-30
  • 10.6.3 - 2022-06-27
  • 10.6.2 - 2022-06-23
  • 10.6.1 - 2022-06-22
  • 10.6.0 - 2022-06-22
  • 10.5.1 - 2022-06-10
  • 10.5.0 - 2022-06-08
  • 10.4.0 - 2022-05-31
  • 10.3.3 - 2022-05-26
  • 10.3.1 - 2022-05-12
  • 10.3.0 - 2022-05-06
  • 10.2.0 - 2022-05-04
  • 10.1.0 - 2022-04-27
  • 10.0.0 - 2022-04-19
  • 10.0.0-rc.0 - 2022-04-18
  • 9.16.7 - 2022-04-18
from netlify-cli GitHub release notes

Important

  • Warning: This PR contains a major version upgrade, and may be a breaking change.
  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

[//]: # 'snyk:metadata:{"customTemplate":{"variablesUsed":[],"fieldsUsed":[]},"dependencies":[{"name":"netlify-cli","from":"9.16.7","to":"17.33.4"}],"env":"prod","hasFixes":true,"isBreakingChange":true,"isMajorUpgrade":true,"issuesToFix":[{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-ANSIREGEX-1583908","issue_id":"SNYK-JS-ANSIREGEX-1583908","priority_score":159,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00396},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Sep 12 2021 12:52:37 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.65},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-BRACES-6838727","issue_id":"SNYK-JS-BRACES-6838727","priority_score":169,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00045},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Mon May 13 2024 14:36:53 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.81},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Uncontrolled resource consumption"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-GITCLONE-2434308","issue_id":"SNYK-JS-GITCLONE-2434308","priority_score":165,"priority_score_factors":[{"name":"confidentiality","value":"high"},{"name":"integrity","value":"high"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00409},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Tue Jun 28 2022 11:38:21 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":97},{"name":"impact","value":9.79},{"name":"likelihood","value":1.68},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-MICROMATCH-6838728","issue_id":"SNYK-JS-MICROMATCH-6838728","priority_score":124,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00045},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Mon May 13 2024 14:42:05 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.06},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Inefficient Regular Expression Complexity"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-STATICSERVER-5722341","issue_id":"SNYK-JS-STATICSERVER-5722341","priority_score":158,"priority_score_factors":[{"name":"confidentiality","value":"high"},{"name":"integrity","value":"none"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00071},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Mon Oct 02 2023 12:38:15 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":91},{"name":"impact","value":5.99},{"name":"likelihood","value":2.63},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Directory Traversal"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-UNSETVALUE-2400660","issue_id":"SNYK-JS-UNSETVALUE-2400660","priority_score":115,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.01055},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Feb 13 2022 15:26:38 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":1.92},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"no-known-exploit","id":"npm:ansi2html:20151025","issue_id":"npm:ansi2html:20151025","priority_score":100,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00123},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Fri Nov 06 2015 02:09:36 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":86},{"name":"impact","value":5.99},{"name":"likelihood","value":1.67},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-JSONWEBTOKEN-3180022","issue_id":"SNYK-JS-JSONWEBTOKEN-3180022","priority_score":118,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"high"},{"name":"availability","value":"low"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"low"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00088},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Thu Dec 22 2022 09:13:25 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":7.84},{"name":"likelihood","value":1.5},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Improper Authentication"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-JSONWEBTOKEN-3180024","issue_id":"SNYK-JS-JSONWEBTOKEN-3180024","priority_score":80,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"low"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00091},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Thu Dec 22 2022 09:16:03 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":4.19},{"name":"likelihood","value":1.89},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Improper Restriction of Security Token Assignment"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-JSONWEBTOKEN-3180026","issue_id":"SNYK-JS-JSONWEBTOKEN-3180026","priority_score":130,"priority_score_factors":[{"name":"confidentiality","value":"high"},{"name":"integrity","value":"high"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"low"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.001},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Thu Dec 22 2022 10:32:50 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":8.63},{"name":"likelihood","value":1.5},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Use of a Broken or Risky Cryptographic Algorithm"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-SERIALIZEJAVASCRIPT-6147607","issue_id":"SNYK-JS-SERIALIZEJAVASCRIPT-6147607","priority_score":109,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"low"},{"name":"availability","value":"none"},{"name":"scope","value":"changed"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"required"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.01055},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Tue Jan 09 2024 12:13:57 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":4.54},{"name":"likelihood","value":2.39},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Cross-site Scripting (XSS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-GLOBPARENT-1016905","issue_id":"SNYK-JS-GLOBPARENT-1016905","priority_score":63,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"low"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.01244},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Tue Jan 12 2021 15:00:42 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.67},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-GOT-2932019","issue_id":"SNYK-JS-GOT-2932019","priority_score":61,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"low"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"required"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00071},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Jun 19 2022 15:33:44 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":4.19},{"name":"likelihood","value":1.45},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Open Redirect"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-GOT-2932019","issue_id":"SNYK-JS-GOT-2932019","priority_score":61,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"low"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"required"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00071},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Jun 19 2022 15:33:44 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":4.19},{"name":"likelihood","value":1.45},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Open Redirect"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-GOT-2932019","issue_id":"SNYK-JS-GOT-2932019","priority_score":61,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"low"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"required"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00071},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Jun 19 2022 15:33:44 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":4.19},{"name":"likelihood","value":1.45},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Open Redirect"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-TAR-6476909","issue_id":"SNYK-JS-TAR-6476909","priority_score":142,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"required"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00045},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Fri Mar 22 2024 12:56:33 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.36},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Uncontrolled Resource Consumption ('Resource Exhaustion')"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-HTTPCACHESEMANTICS-3248783","issue_id":"SNYK-JS-HTTPCACHESEMANTICS-3248783","priority_score":63,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"low"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00116},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Mon Jan 30 2023 14:39:52 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.64},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"}],"prId":"e9a0ad60-88a6-4d0e-b1cb-c299f7f6e085","prPublicId":"e9a0ad60-88a6-4d0e-b1cb-c299f7f6e085","packageManager":"npm","priorityScoreList":[159,169,165,124,158,115,100,118,80,130,109,63,61,142,63],"projectPublicId":"cbb76115-a7f0-4591-9034-49072a66075f","projectUrl":"https://app.snyk.io/org/cachiman/project/cbb76115-a7f0-4591-9034-49072a66075f?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr","prType":"upgrade","templateFieldSources":{"branchName":"default","commitMessage":"default","description":"default","title":"default"},"templateVariants":["priorityScore"],"type":"auto","upgrade":["SNYK-JS-ANSIREGEX-1583908","SNYK-JS-BRACES-6838727","SNYK-JS-GITCLONE-2434308","SNYK-JS-MICROMATCH-6838728","SNYK-JS-STATICSERVER-5722341","SNYK-JS-UNSETVALUE-2400660","npm:ansi2html:20151025","SNYK-JS-JSONWEBTOKEN-3180022","SNYK-JS-JSONWEBTOKEN-3180024","SNYK-JS-JSONWEBTOKEN-3180026","SNYK-JS-SERIALIZEJAVASCRIPT-6147607","SNYK-JS-GLOBPARENT-1016905","SNYK-JS-GOT-2932019","SNYK-JS-GOT-2932019","SNYK-JS-GOT-2932019","SNYK-JS-TAR-6476909","SNYK-JS-HTTPCACHESEMANTICS-3248783"],"upgradeInfo":{"versionsDiff":276,"publishedDate":"2024-07-15T18:13:59.042Z"},"vulns":["SNYK-JS-ANSIREGEX-1583908","SNYK-JS-BRACES-6838727","SNYK-JS-GITCLONE-2434308","SNYK-JS-MICROMATCH-6838728","SNYK-JS-STATICSERVER-5722341","SNYK-JS-UNSETVALUE-2400660","npm:ansi2html:20151025","SNYK-JS-JSONWEBTOKEN-3180022","SNYK-JS-JSONWEBTOKEN-3180024","SNYK-JS-JSONWEBTOKEN-3180026","SNYK-JS-SERIALIZEJAVASCRIPT-6147607","SNYK-JS-GLOBPARENT-1016905","SNYK-JS-GOT-2932019","SNYK-JS-GOT-2932019","SNYK-JS-GOT-2932019","SNYK-JS-TAR-6476909","SNYK-JS-HTTPCACHESEMANTICS-3248783"]}'

Snyk has created this PR to upgrade netlify-cli from 9.16.7 to 17.33.4.

See this package in npm:
netlify-cli

See this project in Snyk:
https://app.snyk.io/org/cachiman/project/cbb76115-a7f0-4591-9034-49072a66075f?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr
Copy link

google-cla bot commented Aug 12, 2024

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants