caravaggio
Advanced tools
Comparing version 2.2.0 to 2.2.1
# Changelog | ||
## 2.2.1 | ||
- Minor fixes | ||
## 2.2.0 | ||
@@ -4,0 +8,0 @@ |
@@ -1,2 +0,2 @@ | ||
[{"type":"issue","check_name":"Vulnerable module \"tough-cookie\" identified","description":"`tough-cookie` Regular Expression Denial of Service","categories":["Security"],"remediation_points":300000,"content":{"body":"# Regular Expression Denial of Service\n## Overview:\nThe tough-cookie module is vulnerable to regular expression denial of service. Input of around 50k characters is required for a slow down of around 2 seconds.\n\nUnless node was compiled using the -DHTTP_MAX_HEADER_SIZE= option the default header max length is 80kb so the impact of the ReDoS is limited to around 7.3 seconds of blocking.\n\nAt the time of writing all version \u003c=2.3.2 are vulnerable\n\n## Recommendation:\nPlease update to version 2.3.3 or greater"},"location":{"path":"package-lock.json","lines":{"begin":3201,"end":3208}},"engine_name":"nodesecurity","fingerprint":"f06ee92c3bc4d7d37b51a549f59dd4f0","severity":"minor"}, | ||
{"type":"issue","check_name":"Vulnerable module \"debug\" identified","description":"`debug` Regular Expression Denial of Service","categories":["Security"],"remediation_points":300000,"content":{"body":"# Regular Expression Denial of Service\n## Overview:\nThe debug module is vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. It takes around 50k characters to block for 2 seconds making this a low severity issue.\n\n## Recommendation:\nUpgrade to version 2.6.9 or greater if you are on the 2.6.x series or 3.1.0 or greater."},"location":{"path":"package-lock.json","lines":{"begin":2550,"end":2557}},"engine_name":"nodesecurity","fingerprint":"82f98b1c73a1bd2659e5d0a968d287a5","severity":"minor"}] | ||
[{"type":"issue","check_name":"Vulnerable module \"tough-cookie\" identified","description":"`tough-cookie` Regular Expression Denial of Service","categories":["Security"],"remediation_points":300000,"content":{"body":"# Regular Expression Denial of Service\n## Overview:\nThe tough-cookie module is vulnerable to regular expression denial of service. Input of around 50k characters is required for a slow down of around 2 seconds.\n\nUnless node was compiled using the -DHTTP_MAX_HEADER_SIZE= option the default header max length is 80kb so the impact of the ReDoS is limited to around 7.3 seconds of blocking.\n\nAt the time of writing all version \u003c=2.3.2 are vulnerable\n\n## Recommendation:\nPlease update to version 2.3.3 or greater"},"location":{"path":"package-lock.json","lines":{"begin":3214,"end":3221}},"engine_name":"nodesecurity","fingerprint":"f06ee92c3bc4d7d37b51a549f59dd4f0","severity":"minor"}, | ||
{"type":"issue","check_name":"Vulnerable module \"debug\" identified","description":"`debug` Regular Expression Denial of Service","categories":["Security"],"remediation_points":300000,"content":{"body":"# Regular Expression Denial of Service\n## Overview:\nThe debug module is vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. It takes around 50k characters to block for 2 seconds making this a low severity issue.\n\n## Recommendation:\nUpgrade to version 2.6.9 or greater if you are on the 2.6.x series or 3.1.0 or greater."},"location":{"path":"package-lock.json","lines":{"begin":2563,"end":2570}},"engine_name":"nodesecurity","fingerprint":"82f98b1c73a1bd2659e5d0a968d287a5","severity":"minor"}] |
{ | ||
"name": "caravaggio", | ||
"version": "2.2.0", | ||
"version": "2.2.1", | ||
"description": "A blazing fast image processor service", | ||
@@ -38,10 +38,10 @@ "main": "index.js", | ||
"dependencies": { | ||
"config": "^1.29.2", | ||
"config": "^1.30.0", | ||
"fs-extra": "^5.0.0", | ||
"md5": "^2.2.1", | ||
"micro": "^9.1.0", | ||
"micro": "^9.1.4", | ||
"micro-redirect": "^1.0.0", | ||
"microrouter": "^3.0.0", | ||
"node-fetch": "^2.0.0-alpha.9", | ||
"pino": "^4.10.4", | ||
"microrouter": "^3.1.1", | ||
"node-fetch": "^2.1.2", | ||
"pino": "^4.15.3", | ||
"sharp": "^0.20.1", | ||
@@ -51,9 +51,9 @@ "yargs": "^11.0.0" | ||
"devDependencies": { | ||
"eslint": "^4.16.0", | ||
"eslint": "^4.19.1", | ||
"eslint-config-airbnb-base": "^12.1.0", | ||
"eslint-import-resolver-jest": "^2.0.0", | ||
"eslint-plugin-import": "^2.8.0", | ||
"eslint-plugin-jest": "^21.7.0", | ||
"jest": "^22.1.4", | ||
"micro-dev": "^2.2.0", | ||
"eslint-import-resolver-jest": "^2.1.1", | ||
"eslint-plugin-import": "^2.10.0", | ||
"eslint-plugin-jest": "^21.15.0", | ||
"jest": "^22.4.3", | ||
"micro-dev": "^2.2.2", | ||
"request-promise": "^4.2.2", | ||
@@ -60,0 +60,0 @@ "test-listen": "^1.1.0" |
@@ -10,3 +10,3 @@ module.exports = { | ||
buildDocumentationLink: doc => `https://ramiel.gitlab.io/caravaggio/docs/${doc}`, | ||
buildDocumentationLink: doc => `https://ramiel.gitlab.io/caravaggio/docs/${doc || 'docs.html'}`, | ||
@@ -13,0 +13,0 @@ isPercentage: percentage => `${percentage}`.indexOf('.') !== -1, |
Sorry, the diff of this file is not supported yet
62790
Updatedconfig@^1.30.0
Updatedmicro@^9.1.4
Updatedmicrorouter@^3.1.1
Updatednode-fetch@^2.1.2
Updatedpino@^4.15.3