Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade react-datetime from 2.7.5 to 2.16.3 #33

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Upgrade react-datetime from 2.7.5 to 2.16.3 #33

wants to merge 1 commit into from

Conversation

atlslscsrv-app
Copy link
Member

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade react-datetime from 2.7.5 to 2.16.3.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 27 versions ahead of your current version.
  • The recommended version was released 5 years ago, on 2018-12-03.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Prototype Pollution
SNYK-JS-LODASH-567746		 731/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2		 Proof of Concept
Cross-site Scripting (XSS)
npm:marked:20170815		 731/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2		 No Known Exploit
Regular Expression Denial of Service (ReDoS)
SNYK-JS-UAPARSERJS-1023599		 731/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-UAPARSERJS-610226		 731/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2		 Proof of Concept
Prototype Pollution
SNYK-JS-LODASH-608086		 731/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2		 Proof of Concept
Prototype Pollution
SNYK-JS-LODASHMERGE-173732		 731/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2		 Proof of Concept
Cross-site Scripting (XSS)
npm:marked:20170112		 731/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2		 No Known Exploit
Regular Expression Denial of Service (ReDoS)
npm:marked:20170907		 731/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2		 No Known Exploit
Regular Expression Denial of Service (ReDoS)
npm:marked:20180225		 731/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2		 Proof of Concept
Prototype Poisoning
SNYK-JS-QS-3153490		 731/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2		 Proof of Concept
Prototype Pollution
SNYK-JS-AJV-584908		 731/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2		 No Known Exploit
Prototype Pollution
SNYK-JS-JSONSCHEMA-1920922		 731/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2		 No Known Exploit
Command Injection
SNYK-JS-LODASH-1040724		 731/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2		 Proof of Concept
Prototype Pollution
SNYK-JS-LODASH-450202		 731/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-UAPARSERJS-1072471		 731/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2		 Proof of Concept
Arbitrary Code Injection
SNYK-JS-UNDERSCORE-1080984		 731/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2		 Proof of Concept
Prototype Pollution
SNYK-JS-LODASHMERGE-173733		 731/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2		 Proof of Concept
Cross-site Scripting (XSS)
npm:marked:20170815-1		 731/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2		 No Known Exploit
Regular Expression Denial of Service (ReDoS)
SNYK-JS-MINIMATCH-3050818		 731/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2		 No Known Exploit
Prototype Pollution
SNYK-JS-MINIMIST-559764		 731/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-LODASH-1018905		 731/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2		 Proof of Concept
Prototype Pollution
SNYK-JS-MINIMIST-2429795		 731/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2		 Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: react-datetime
  • 2.16.3 - 2018-12-03
  • 2.16.2 - 2018-10-22
    • Turns moment timezone peer dependency in a runtime error when missing using displayTimezone.
  • 2.16.1 - 2018-10-19
    • Fixes problems with input event overriding
  • 2.16.0 - 2018-10-18
    • The prop disableOnClickOutside has been renamed to disableCloseOnClickOutside
    • The calendar doesn't get closed an open when clicking in the input anymore.
    • Fixes errors not finding dates when customizing day rendering.
    • Event listeners in inputProps now only override default behaviour when returning false.
    • Adds the displayTimeZone prop. Thanks to @ martingordon
  • 2.15.0 - 2018-07-24
    • New onNavigateBack and onNavigateForward hooks thanks to @ DaanDD and @ simeg.
    • Touch improvements by @ NicoDos
    • TS and debugging improvements
  • 2.14.0 - 2018-02-11
  • 2.13.0 - 2018-02-09
  • 2.12.0 - 2018-01-27
  • 2.11.1 - 2017-12-01
  • 2.11.0 - 2017-11-13
  • 2.10.3 - 2017-09-29
  • 2.10.2 - 2017-09-23
  • 2.10.1 - 2017-08-27
  • 2.10.0 - 2017-08-26
  • 2.9.0 - 2017-07-30
  • 2.8.11 - 2017-07-27
  • 2.8.10 - 2017-04-24
  • 2.8.9 - 2017-04-08
  • 2.8.8 - 2017-03-01
  • 2.8.7 - 2017-02-27
  • 2.8.6 - 2017-02-10
  • 2.8.5 - 2017-02-09
  • 2.8.4 - 2017-02-05
  • 2.8.3 - 2017-01-10
  • 2.8.2 - 2017-01-06
  • 2.8.1 - 2016-12-21
  • 2.8.0 - 2016-12-20
  • 2.7.5 - 2016-11-18
from react-datetime GitHub release notes
Commit messages
Package name: react-datetime
  • ab70aef Updates changelog
  • 1e03f84 Turns moment timezone peer dependency in a runtime error when missing using displayTimezone
  • b8af389 Fixes problems with input event overriding
  • 6596acb Removes windows environment from travis
  • 73d7150 Fixes linting. Adds displayTimeZone info to the change log
  • 1681e1d Bumps to v2.16
  • 1c92ea2 Merge branch 'display-time-zone' of https://github.com/custora/react-datetime into custora-display-time-zone
  • 87a4ca3 Bumps to v2.15.0
  • 49de8cf Merge pull request #542 from NicoDos/issue#525
  • 26446a9 Remove onTouchStart attribute when used together with onMouseDown
  • d40f6d8 Add onSubtractTime and onAddTime hooks (#508)
  • 0fbbc40 Add displayName to make debugging easier
  • d4bf16e Add tests for TS value and defaultValue
  • c6bf905 Add bullet point about dist files to PR template
  • 12add8e Version 2.14.0
  • db7315a Test viewDate in separate file
  • 405f4e8 Parse updated viewDate with moment()
  • a392b22 Leverage test helper method
  • 3b920b0 Use immutable variables for view modes
  • acd8fa5 Do not publish test folder to npm
  • 31d47f4 Specify why test is xit:ed
  • 7c6792c Fix failing test by using shallow instead of mount
  • 0fac4ac Dynamic viewDate
  • 94dde55 Version 2.13.0

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@atlslscsrv-app @snyk-bot