Ran
|
Files
1
|
Run time
0s
|
Badge
Embed ▾
README BADGES
|
push
travis-ci
Merge #34 34: build(deps): [security] bump acorn from 6.1.1 to 6.4.1 r=jniles a=dependabot-preview[bot] Bumps [acorn](https://github.com/acornjs/acorn) from 6.1.1 to 6.4.1. **This update includes a security fix.** <details> <summary>Vulnerabilities fixed</summary> <p><em>Sourced from <a href="https://github.com/advisories/GHSA-7fhm-mqm4-2wp7">The GitHub Security Advisory Database</a>.</em></p> <blockquote> <p><strong>Moderate severity vulnerability that affects acorn, minimist, and svjsl</strong> There are high severity security vulnerabilities in two of ESLints dependencies: - <a href="https://app.snyk.io/vuln/SNYK-JS-ACORN-559469">acorn</a> - <a href="https://app.snyk.io/vuln/SNYK-JS-MINIMIST-559764">minimist</a></p> <p>The releases 1.8.3 and lower of svjsl (JSLib-npm) are vulnerable, but only if installed in a developer environment. A patch has been released (v1.8.4) which fixes these vulnerabilities.</p> <p>Identifiers:</p> <ul> <li><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7598">CVE-2020-7598</a></li> <li>SNYK-JS-ACORN-559469 (doesn&#39;t have a CVE identifier)</li> </ul> <p>Affected versions: >= 6.0.0 < 6.4.1</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/acornjs/acorn/commit/9a2e9b667"><code>9a2e9b6</code></a> Mark version 6.4.1</li> <li><a href="https://github.com/acornjs/acorn/commit/90a9548ea"><code>90a9548</code></a> More rigorously check surrogate pairs in regexp validator</li> <li><a href="https://github.com/acornjs/acorn/commit/df0cf1a3e"><code>df0cf1a</code></a> Mark version 6.4.0</li> <li><a href="https://github.com/acornjs/acorn/commit/530341268"><code>5303412</code></a> Also export Parser via Parser.acorn</li> <li><a href="https://github.com/acornjs/acorn/commit/efe273e70"><code>efe273e</code... (continued)
17 of 27 branches covered (62.96%)
Branch coverage included in aggregate %.
39 of 64 relevant lines covered (60.94%)
38.81 hits per line
Coverage | ∆ | File | Lines | Relevant | Covered | Missed | Hits/Line | Branch Hits | Branch Misses |
---|