[Snyk] Upgrade: libsodium, nan, node-gyp #90
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Snyk has created this PR to upgrade:
- libsodium from 0.7.10 to 0.7.15.
See this package in npm: https://www.npmjs.com/package/libsodium
- nan from 2.15.0 to 2.20.0.
See this package in npm: https://www.npmjs.com/package/nan
- node-gyp from 9.0.0 to 9.4.1.
See this package in npm: https://www.npmjs.com/package/node-gyp
See this project in Snyk:
https://app.snyk.io/org/blinkhash/project/a8cae574-e147-4e0a-a2b1-f8af9070f810?utm_source=github&utm_medium=referral&page=upgrade-pr
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade multiple dependencies.
👯♂ The following dependencies are linked and will therefore be updated together.ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
libsodium
from 0.7.10 to 0.7.15 | 4 versions ahead of your current version | 25 days ago
on 2024-08-13
nan
from 2.15.0 to 2.20.0 | 5 versions ahead of your current version | 3 months ago
on 2024-06-12
node-gyp
from 9.0.0 to 9.4.1 | 6 versions ahead of your current version | 10 months ago
on 2023-10-27
Release notes
Package name: libsodium
-
0.7.15 - 2024-08-13
-
0.7.14 - 2024-07-09
-
0.7.13 - 2023-09-13
-
0.7.11 - 2023-02-16
-
0.7.10 - 2022-03-22
from libsodium GitHub release notes0.7.15
0.7.14
0.7.13
0.7.11
0.7.10
Package name: nan
-
2.20.0 - 2024-06-12
-
2.19.0 - 2024-03-06
-
2.18.0 - 2023-09-12
-
2.17.0 - 2022-10-10
-
2.16.0 - 2022-05-25
-
2.15.0 - 2021-08-04
from nan GitHub release notes2.20.0
2.19.0
2.18.0
2.17.0
2.16.0
2.15.0
Package name: node-gyp
-
9.4.1 - 2023-10-27
- Revert "update make-fetch-happen to 11.0.3 (#2796)" (82c2d64)
- update expired certs (#2908) (cd1b637)
- add release branches as ci targets (b68da05)
- add release-please to v9 branch (5a65d03)
- increase parallel install timeouts (fd77b34)
-
9.4.0 - 2023-06-13
- add support for native windows arm64 build tools (bb76021)
- Upgrade Python linting from flake8 to ruff (#2815) (fc0ddc6)
- extract tarball to temp directory on Windows (#2846) (aaa117c)
- log statement is for devDir not nodedir (#2840) (55048f8)
- get update-gyp.py to work with Python >= v3.5 (#2826) (337e8e6)
- docs/README.md add advise about deprecated node-sass (#2828) (6f3c2d3)
- Update README.md (#2822) (c7927e2)
- remove deprecated Node.js and Python (#2868) (a0b3d1c)
-
9.3.1 - 2022-12-19
- increase node 12 support to ^12.13 (#2771) (888efb9)
- update python test matrix (#2774) (38f01fa)
-
9.3.0 - 2022-10-11
- gyp: update gyp to v0.14.0 (#2749) (713b8dc)
- remove support for VS2015 in Node.js >=19 (#2746) (131d1a4)
- support IBM Open XL C/C++ on z/OS (#2743) (7d0c83d)
-
9.2.0 - 2022-10-04
- Add proper support for IBM i (a26494f)
- gyp: update gyp to v0.13.0 (3e2a532)
- node.js debugger adds stderr (but exit code is 0) -> shouldn't throw (#2719) (c379a74)
- enable support for zoslib on z/OS (#2600) (83c0a12)
- update dependency - nopt@6.0.0 (#2707) (8958ecf)
-
9.1.0 - 2022-07-14
- Update function getSDK() to support Windows 11 SDK (#2565) (ea8520e)
- extend tap timeout length to allow for slow CI (6f74c76)
- new ca & server certs, bundle in .js file and unpack for testing (147e3d3)
- re-label (#2689) (f0b7863)
- typo on readme (bf81cd4)
- update docs/README.md with latest version number (62d2815)
- update due to rename of primary branch (ca1f068)
- Try msvs-version: [2016, 2019, 2022] (#2700) (68b5b5b)
- Upgrade GitHub Actions (#2623) (245cd5b)
- Upgrade GitHub Actions (#2701) (1c64ca7)
-
9.0.0 - 2022-03-01
- increase "engines" to "node" : "^12.22 || ^14.13 || >=16" (#2601)
- _ in npm_config_ env variables (eef4eef)
- update make-fetch-happen to a minimum of 10.0.3 (839e414)
- add minimal SECURITY.md (#2560) (c2a1850)
- Add notes/disclaimers for upgrading the copy of node-gyp that npm uses (#2585) (faf6d48)
- Rename and update Common-issues.md --> docs/README.md (#2567) (2ef5fb8)
- rephrase explanation of which node-gyp is used by npm (#2587) (a2f2988)
- title match content (#2574) (6e8f93b)
- Update Python versions (#2571) (e069f13)
- add lib.target as path for searching libnode on z/OS (1d499dd)
- increase "engines" to "node" : "^12.22 || ^14.13 || >=16" (#2601) (6562f92)
- make-fetch-happen@10.0.1 (78f6660)
from node-gyp GitHub release notesBug Fixes
Tests
Miscellaneous
Features
Bug Fixes
Miscellaneous
Doc
Tests
Bug Fixes
Miscellaneous
Features
Features
Bug Fixes
Core
Miscellaneous
Features
Bug Fixes
Doc
Core
Tests
⚠ BREAKING CHANGES
Bug Fixes
Miscellaneous
Doc
Core
Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information: