Skip to content
This repository has been archived by the owner on Apr 25, 2023. It is now read-only.

build(deps): bump cookiejar from 2.1.3 to 2.1.4 #227

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Jan 24, 2023

Bumps cookiejar from 2.1.3 to 2.1.4.

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [cookiejar](https://github.com/bmeck/node-cookiejar) from 2.1.3 to 2.1.4.
- [Release notes](https://github.com/bmeck/node-cookiejar/releases)
- [Commits](https://github.com/bmeck/node-cookiejar/commits)

---
updated-dependencies:
- dependency-name: cookiejar
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jan 24, 2023
@ImagineBuildBot
Copy link

Scan submitted to Checkmarx

@ImagineBuildBot
Copy link

Logo
Checkmarx SAST - Scan Summary & Details

Cx-SAST Summary

Total of 70 vulnerabilities
High 33 High
Medium 37 Medium
Low 0 Low
Info 0 Info

Checkmarx Scan Summary

Severity Count
High 33
Medium 37
Low 0
Informational 0

Violation Summary

High 28 High
Medium 21 Medium

View more details on Checkmarx UI

Cx-SAST Details

Lines Severity Category File Link
81 Medium Unchecked_Input_For_Loop_Condition plugins/catalog-graph/src/components/CatalogGraphPage/useCatalogGraphPage.ts Checkmarx
73 Medium Privacy_Violation plugins/todo-backend/src/service/router.ts Checkmarx
172 Medium Privacy_Violation plugins/scaffolder-backend/src/service/router.ts Checkmarx
89 Medium Missing_HSTS_Header contrib/catalog/ImmediateEntityProvider.ts Checkmarx
198 219 Medium Client_ReDoS_From_Regex_Injection plugins/catalog-backend-module-bitbucket/src/BitbucketDiscoveryProcessor.test.ts Checkmarx
91 116 Medium Client_ReDoS_From_Regex_Injection plugins/catalog-backend-module-github/src/GithubDiscoveryProcessor.test.ts Checkmarx
102 121 126 129 130 151 161 Medium Client_ReDoS_From_Regex_Injection plugins/catalog-backend-module-bitbucket/src/BitbucketDiscoveryProcessor.ts Checkmarx
104 Medium Client_ReDoS_From_Regex_Injection plugins/catalog-backend-module-github/src/GithubDiscoveryProcessor.ts Checkmarx
168 Medium Client_Privacy_Violation packages/integration/src/bitbucket/core.ts Checkmarx
90 Medium Client_Privacy_Violation plugins/auth-backend/src/providers/microsoft/provider.ts Checkmarx
155 Medium Client_Privacy_Violation plugins/scaffolder-backend/src/scaffolder/actions/builtin/publish/bitbucket.ts Checkmarx
221 Medium Client_Privacy_Violation packages/backend-common/src/scm/git.ts Checkmarx
149 Medium Client_HTML5_Store_Sensitive_data_In_Web_Storage packages/core-app-api/src/lib/AuthSessionManager/AuthSessionStore.ts Checkmarx
77 100 High Stored_XSS plugins/code-coverage-backend/src/service/CodeCoverageDatabase.ts Checkmarx
242 High Reflected_XSS plugins/techdocs-node/src/stages/publish/openStackSwift.ts Checkmarx
372 High Reflected_XSS plugins/techdocs-node/src/stages/publish/awsS3.ts Checkmarx
335 High Reflected_XSS plugins/techdocs-node/src/stages/publish/azureBlobStorage.ts Checkmarx
108 High Reflected_XSS plugins/search-backend/src/service/router.ts Checkmarx
48 86 High Reflected_XSS plugins/badges-backend/src/service/router.ts Checkmarx
44 High Reflected_XSS plugins/bazaar-backend/src/service/router.ts Checkmarx
50 High Reflected_XSS plugins/periskop-backend/src/service/router.ts Checkmarx
53 59 65 66 72 73 79 80 High Reflected_XSS plugins/rollbar-backend/src/service/router.ts Checkmarx
46 83 High Reflected_XSS plugins/jenkins-backend/src/service/router.ts Checkmarx
40 High Reflected_XSS plugins/app-backend/src/lib/assets/createStaticAssetMiddleware.ts Checkmarx
126 129 130 High Prototype_Pollution plugins/catalog-backend-module-bitbucket/src/BitbucketDiscoveryProcessor.ts Checkmarx
36 High Insecure_Storage_of_Sensitive_Data plugins/auth-backend/src/service/standaloneServer.ts Checkmarx
30 High Client_DOM_XSS plugins/catalog-backend/src/util/conversion.ts Checkmarx
64 High Client_DOM_XSS plugins/gcp-projects/src/components/ProjectDetailsPage/ProjectDetailsPage.tsx Checkmarx
62 High Client_DOM_XSS plugins/git-release-manager/src/hooks/useQueryHandler.ts Checkmarx

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant