[Snyk] Upgrade jasmine-core from 3.4.0 to 3.9.0 #9

snyk-bot · 2021-09-20T07:04:26Z

Snyk has created this PR to upgrade jasmine-core from 3.4.0 to 3.9.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 6 versions ahead of your current version.
The recommended version was released a month ago, on 2021-08-21.

The recommended version fixes:

Issue	PriorityScore (*)	Exploit Maturity
Prototype Pollution SNYK-JS-LODASH-608086	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
Prototype Pollution SNYK-JS-LODASH-590103	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
Command Injection SNYK-JS-LODASH-1040724	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
Prototype Pollution SNYK-JS-LODASH-567746	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
Denial of Service (DoS) SNYK-JS-HTTPPROXY-569139	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: jasmine-core

3.9.0 - 2021-08-21
Please see the release notes.
3.8.0 - 2021-07-02
Please see the release notes.
3.7.1 - 2021-03-19
Please see the release notes.
3.7.0 - 2021-03-18
Please see the release notes
3.6.0 - 2020-07-23
Please see the release notes
3.5.0 - 2019-09-21
Please see the release notes
3.4.0 - 2019-04-04
Please see the release notes

from jasmine-core GitHub release notes

Commit messages

Package name: jasmine-core

a6d7eb2 Bump version to 3.9.0
dd8a65c Better reporting of unhandled promise rejections with truthy but non-`Error` reasons on Node
e72d161 Return a promise from Env#execute in environments that support promises
dcaac62 Updated deprecaton messages for Env#throwOnExpectationFailure() and Env#stopOnSpecFailure()
b696bec Renamed failFast and oneFailurePerSpec config props to stopOnSpecFailure and stopSpecOnExpectationFailure
43073b3 Added API docs for Suite#id and Spec#id
2865249 Split boot.js in two to allow the env to be configured in between
2c32dd5 Run browser-flakes build before regular cron build
c1d1d69 Fixed test failures in Chrome and Edge
3513249 Built distribution
21bfbbb Merge branch 'iserror-tt' of https://github.com/bjarkler/jasmine into main
88b90ec Backfilled unit tests for j$.isError_
50c88e7 Mark Env#hideDisabled deprecated in jsdocs
3e64ce3 Removed property tests for MatchersUtil#equals
00586e5 Bump version to 3.8.0
dc80a28 Make j$.isError_ compatible with Trusted Types
27c650e Updated package description
56daa6f Merge branch 'select-spec' of https://github.com/jlpstolwijk/jasmine into main
e4c7d8a new attempt for fixing Use xcolor over color for \fcolorbox where available for LaTeX output sphinx-doc/sphinx#1906: add window.location.pathname to hrefs + comments + fixed tests
ee88ecc Revert "add url pathName in toQueryString function - fixes (https://snyk.io/redirect/github/HTML Reporter for angular (karma) always runs all specs jasmine/jasmine#1906 ) + comment + test"
ec03827 Updated contributing guide
c5bdd79 Added TS typings and jasmine-browser-runner to issue template
dbc1a0a Added expectAsync(...).already
5862b22 Include rejection details in failure messages for toBeResolved and toBeResolvedWith