Skip to content

[Snyk] Upgrade ajv from 5.2.5 to 8.12.0#356

Merged
mergify[bot] merged 1 commit intomainfrom
snyk-upgrade-9c734ebac3ede47e76c6e7757f049d64
Apr 10, 2023
Merged

[Snyk] Upgrade ajv from 5.2.5 to 8.12.0#356
mergify[bot] merged 1 commit intomainfrom
snyk-upgrade-9c734ebac3ede47e76c6e7757f049d64

Conversation

@Centaurioun
Copy link
Copy Markdown
Owner

@Centaurioun Centaurioun commented Feb 13, 2023

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade ajv from 5.2.5 to 8.12.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Warning: This is a major version upgrade, and may be a breaking change.

  • The recommended version is 105 versions ahead of your current version.
  • The recommended version was released a month ago, on 2023-01-03.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Prototype Pollution
SNYK-JS-AJV-584908		 619/1000
Why? Has a fix available, CVSS 8.1		 No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: ajv
  • 8.12.0 - 2023-01-03
    • fix JTD serialisation (remove leading comma in objects with only optional properties) (#2190, @ piliugin-anton)
    • empty JTD "values" schema (#2191)
    • empty object to work with JTD utility type (#2158, @ erikbrinkman)
    • fix JTD "discriminator" schema for objects with more than 8 properties (#2194)
    • correctly narrow "number" type to "integer" (#2192, @ JacobLey)
    • update Node.js versions in CI to 14, 16, 18 and 19
  • 8.11.2 - 2022-11-13

    Update dependencies

    Export ValidationError and MissingRefError (#1840, @ dannyb648)

  • 8.11.1 - 2022-11-13

    Update dependencies

    Export ValidationError and MissingRefError (#1840, @ dannyb648)

  • 8.11.0 - 2022-03-22

    Use root schemaEnv when resolving references in oneOf (#1901, @ asprouse)

    Only use equal function in generated code when it is used (#1922, @ bhvngt)

  • 8.10.0 - 2022-02-04

    uriResolver option (@ zekth, #1862)

  • 8.9.0 - 2022-01-15

    Option code.esm to generate ESM exports for standalone validation functions (@ rehanvdm, #1861)
    Support discriminator keyword with $ref in oneOf subschemas (@ dfeufel, #1815)

  • 8.8.2 - 2021-11-21

    Use full RegExp string (with flags) as cache key, related to ajv-validator/ajv-keywords#220

  • 8.8.1 - 2021-11-16

    Fix minContains: 0 (#1819)

  • 8.8.0 - 2021-11-13

    Fix browser bundles in cdnjs
    regExp option allowing to specify alternative RegExp engine, e.g. re2 (@ efebarlas)

  • 8.7.1 - 2021-11-08

    Publish Ajv bundle for JSON Schema 2020-12 to cdnjs.com

  • 8.7.0 - 2021-11-08
  • 8.6.3 - 2021-09-12
  • 8.6.2 - 2021-07-15
  • 8.6.1 - 2021-07-04
  • 8.6.0 - 2021-06-06
  • 8.5.0 - 2021-05-20
  • 8.4.0 - 2021-05-14
  • 8.3.0 - 2021-05-09
  • 8.2.0 - 2021-04-27
  • 8.1.0 - 2021-04-11
  • 8.0.5 - 2021-04-02
  • 8.0.4 - 2021-04-02
  • 8.0.3 - 2021-04-01
  • 8.0.2 - 2021-03-31
  • 8.0.1 - 2021-03-27
  • 8.0.0 - 2021-03-27
  • 8.0.0-beta.4 - 2021-03-23
  • 8.0.0-beta.3 - 2021-03-21
  • 8.0.0-beta.2 - 2021-03-16
  • 8.0.0-beta.1 - 2021-03-15
  • 8.0.0-beta.0 - 2021-03-13
  • 7.2.4 - 2021-03-26
  • 7.2.3 - 2021-03-20
  • 7.2.2 - 2021-03-20
  • 7.2.1 - 2021-03-07
  • 7.2.0 - 2021-03-07
  • 7.1.1 - 2021-02-17
  • 7.1.0 - 2021-02-11
  • 7.0.4 - 2021-02-01
  • 7.0.3 - 2021-01-02
  • 7.0.2 - 2020-12-19
  • 7.0.1 - 2020-12-16
  • 7.0.0 - 2020-12-15
  • 7.0.0-rc.5 - 2020-12-14
  • 7.0.0-rc.4 - 2020-12-14
  • 7.0.0-rc.3 - 2020-12-14
  • 7.0.0-rc.2 - 2020-12-13
  • 7.0.0-rc.1 - 2020-12-09
  • 7.0.0-rc.0 - 2020-12-06
  • 7.0.0-beta.9 - 2020-12-02
  • 7.0.0-beta.8 - 2020-11-29
  • 7.0.0-beta.7 - 2020-11-22
  • 7.0.0-beta.6 - 2020-11-16
  • 7.0.0-beta.5 - 2020-11-15
  • 7.0.0-beta.4 - 2020-11-10
  • 7.0.0-beta.3 - 2020-11-05
  • 7.0.0-beta.2 - 2020-10-24
  • 7.0.0-beta.1 - 2020-10-10
  • 7.0.0-beta.0 - 2020-09-23
  • 7.0.0-alpha.1 - 2020-09-16
  • 7.0.0-alpha.0 - 2020-09-15
  • 6.12.6 - 2020-10-10
  • 6.12.5 - 2020-09-13
  • 6.12.4 - 2020-08-15
  • 6.12.3 - 2020-07-04
  • 6.12.2 - 2020-04-19
  • 6.12.1 - 2020-04-18
  • 6.12.0 - 2020-02-22
  • 6.11.0 - 2020-01-18
  • 6.10.2 - 2019-07-14
  • 6.10.1 - 2019-07-06
  • 6.10.0 - 2019-03-03
  • 6.9.2 - 2019-02-22
  • 6.9.1 - 2019-02-10
  • 6.9.0 - 2019-02-09
  • 6.8.1 - 2019-02-02
  • 6.8.0 - 2019-02-02
  • 6.7.0 - 2019-01-13
  • 6.6.2 - 2018-12-16
  • 6.6.1 - 2018-11-29
  • 6.6.0 - 2018-11-29
  • 6.5.5 - 2018-11-04
  • 6.5.4 - 2018-09-23
  • 6.5.3 - 2018-08-17
  • 6.5.2 - 2018-06-30
  • 6.5.1 - 2018-06-10
  • 6.5.0 - 2018-05-08
  • 6.4.0 - 2018-03-25
  • 6.3.0 - 2018-03-17
  • 6.2.1 - 2018-03-03
  • 6.2.0 - 2018-02-26
  • 6.1.1 - 2018-01-30
  • 6.1.0 - 2018-01-26
  • 6.0.1 - 2018-01-11
  • 6.0.0 - 2018-01-07
  • 6.0.0-rc.1 - 2017-12-03
  • 6.0.0-rc.0 - 2017-11-26
  • 6.0.0-beta.2 - 2017-11-12
  • 6.0.0-beta.1 - 2017-11-06
  • 6.0.0-beta.0 - 2017-11-06
  • 5.5.2 - 2017-12-16
  • 5.5.1 - 2017-12-02
  • 5.5.0 - 2017-11-24
  • 5.4.0 - 2017-11-20
  • 5.3.0 - 2017-10-24
  • 5.2.5 - 2017-10-24
from ajv GitHub release notes
Commit messages
Package name: ajv

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented Feb 13, 2023

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

@mergify mergify Bot merged commit d1563aa into main Apr 10, 2023
@mergify mergify Bot deleted the snyk-upgrade-9c734ebac3ede47e76c6e7757f049d64 branch April 10, 2023 08:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

2 participants

@Centaurioun @snyk-bot