[Snyk] Upgrade sinon from 14.0.0 to 15.2.0 #55

Woodpile37 · 2023-08-26T17:40:40Z

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade sinon from 14.0.0 to 15.2.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Warning: This is a major version upgrade, and may be a breaking change.

The recommended version is 11 versions ahead of your current version.
The recommended version was released 2 months ago, on 2023-06-20.

The recommended version fixes:

Issue	PriorityScore (*)	Exploit Maturity
Prototype Pollution SNYK-JS-LOADERUTILS-3043105	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
Uncaught Exception SNYK-JS-YAML-5458867	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
Prototype Poisoning SNYK-JS-QS-3153490	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
Uncaught Exception SNYK-JS-ENGINEIO-2336356	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-MOCHA-2863123	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
Prototype Pollution SNYK-JS-FASTJSONPATCH-3182961	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
Prototype Pollution SNYK-JS-FASTXMLPARSER-3325616	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-FASTXMLPARSER-5668858	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
Prototype Pollution SNYK-JS-LOADERUTILS-3043105	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
Prototype Pollution SNYK-JS-FASTXMLPARSER-3325616	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-FASTXMLPARSER-5668858	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
Prototype Pollution SNYK-JS-LOADERUTILS-3043105	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIHTML-1296849	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
Prototype Poisoning SNYK-JS-QS-3153490	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-NORMALIZEURL-1296539	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
Prototype Pollution SNYK-JS-OBJECTPATH-1585658	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
Authorization Bypass Through User-Controlled Key SNYK-JS-PARSEPATH-2936439	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
Prototype Pollution SNYK-JS-ASYNC-2441827	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
Prototype Pollution SNYK-JS-JSONSCHEMA-1920922	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
Prototype Pollution SNYK-JS-ASYNC-2441827	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
Denial of Service (DoS) SNYK-JS-DECODEURICOMPONENT-3149970	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
Denial of Service (DoS) SNYK-JS-DICER-2311764	589/1000 Why? Has a fix available, CVSS 7.5	Mature
Denial of Service (DoS) SNYK-JS-DICER-2311764	589/1000 Why? Has a fix available, CVSS 7.5	Mature
Prototype Pollution SNYK-JS-UNSETVALUE-2400660	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
Sandbox Bypass SNYK-JS-WEBPACK-3358798	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-XSS-1584355	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
Remote Code Execution (RCE) SNYK-JS-SHELLQUOTE-1766506	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
Information Exposure SNYK-JS-GATSBYCLI-5671903	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
Open Redirect SNYK-JS-GOT-2932019	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
Improper Authentication SNYK-JS-JSONWEBTOKEN-3180022	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
Server-side Request Forgery (SSRF) SNYK-JS-PARSEURL-3023021	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
Improper Input Validation SNYK-JS-PARSEURL-3024398	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-PROMPTS-1729737	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3105943	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
Information Exposure SNYK-JS-NODEFETCH-2342118	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
Improper Restriction of Security Token Assignment SNYK-JS-JSONWEBTOKEN-3180024	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
Use of a Broken or Risky Cryptographic Algorithm SNYK-JS-JSONWEBTOKEN-3180026	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
Information Exposure SNYK-JS-EVENTSOURCE-2823375	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3042992	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3105943	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3042992	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3105943	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3042992	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
Information Exposure SNYK-JS-NODEFETCH-2342118	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
Prototype Pollution SNYK-JS-OBJECTPATH-1569453	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
Open Redirect SNYK-JS-GOT-2932019	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-HTTPCACHESEMANTICS-3248783	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
Prototype Pollution SNYK-JS-IMMER-1540542	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
Prototype Pollution SNYK-JS-JSON5-3182856	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
Prototype Pollution SNYK-JS-JSON5-3182856	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
Prototype Pollution SNYK-JS-JSON5-3182856	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-BROWSERSLIST-1090194	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-CSSWHAT-1298035	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-SIDEWAYFORMULA-3317169	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
Undesired Behavior SNYK-JS-STYLEDCOMPONENTS-3149924	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-WORDWRAP-3149973	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
Improper Input Validation SNYK-JS-SOCKETIOPARSER-3091012	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
Improper Input Validation SNYK-JS-SOCKETIOPARSER-3091012	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
Improper Input Validation SNYK-JS-SOCKETIOPARSER-3091012	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: sinon

from sinon GitHub release notes

Commit messages

Package name: sinon

c97f511 15.2.0
11fe43c lockfile update
66b0081 Use fake-timers v10.1.0 re-released as v10.3.0
a79ccae Support callable instances (Rework styling using styled-components badges/shields#2517)
d220c99 fix: bundling compatibility with webpack@5 (Overhaul initialization pattern for server + server tests [githubpullrequestcheckstate githublicense pypi] badges/shields#2519)
b4f868d 15.1.2
02b73ae Update lock file after removing node_modules ...
0720b2f 15.1.1
2e4918d Update lock file
194fc2e Change fake-timers version to target the one containing the 'jump' feature
05f05ac docs: Remove threw(obj) from docs (Bump danger from 6.1.11 to 6.1.12 badges/shields#2513)
7e13966 15.1.0
79e719f Ensure we use a fake-timers version with clock.jump
f096abf fix (Old pypi version in README badges/shields#2514): only force new or inherited descriptors to be configurable (use baseUrl in markup modal path badges/shields#2515)
b2a4df5 Add docs for clock.jump method (Improved [MicroBadger] tests speed badges/shields#2512)
fb6e695 Bump nokogiri from 1.13.10 to 1.14.3
53e287f Bump yaml from 2.2.1 to 2.2.2 (Delegate logos to simple-icons badges/shields#2510)
100991f avoid conflicts on releases branch
b252475 15.0.4
e9042c4 Handling non-configurable object descriptors on the prototype (Bump next from 6.1.2 to 7.0.2 badges/shields#2508)
3b41aff Use the correct version of stale action
430c9a6 Remove uses of `var` (Bump sinon from 7.1.1 to 7.2.0 badges/shields#2506)
cd45bfa Update script line
64f31b6 fix: uncomment test assertions

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade sinon from 14.0.0 to 15.2.0. See this package in npm: https://www.npmjs.com/package/sinon See this project in Snyk: https://app.snyk.io/org/woodpile37/project/cfce79e3-c267-4a26-81c2-a4c293cede42?utm_source=github&utm_medium=referral&page=upgrade-pr

changeset-bot · 2023-08-26T17:40:43Z

⚠️ No Changeset found

Latest commit: 6279568

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Upgrade sinon from 14.0.0 to 15.2.0 #55

[Snyk] Upgrade sinon from 14.0.0 to 15.2.0 #55

Woodpile37 commented Aug 26, 2023

changeset-bot bot commented Aug 26, 2023

[Snyk] Upgrade sinon from 14.0.0 to 15.2.0 #55

Are you sure you want to change the base?

[Snyk] Upgrade sinon from 14.0.0 to 15.2.0 #55

Conversation

Woodpile37 commented Aug 26, 2023

Snyk has created this PR to upgrade sinon from 14.0.0 to 15.2.0.

changeset-bot bot commented Aug 26, 2023

⚠️ No Changeset found