[Snyk] Upgrade sinon from 7.3.1 to 7.5.0 #15

snyk-bot · 2021-04-10T21:49:45Z

Snyk has created this PR to upgrade sinon from 7.3.1 to 7.5.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 4 versions ahead of your current version.
The recommended version was released 2 years ago, on 2019-09-23.

Release notes

Package name: sinon

7.5.0 - 2019-09-23
7.5.0
7.4.2 - 2019-09-02
7.4.2
7.4.1 - 2019-08-06
7.4.1
7.3.2 - 2019-04-17
7.3.2
7.3.1 - 2019-03-27
7.3.1

from sinon GitHub release notes

Commit messages

Package name: sinon

7835301 Update docs/changelog.md and set new release id in docs/_config.yml
4978898 Add release documentation for v7.5.0
5d0adf7 7.5.0
c0e68b6 Update CHANGELOG.md and AUTHORS for new release
bf26967 Merge pull request Setting the transitionDuration to 0 after it has been set, requires "0ms" instead of 0 jquery/jquery#2080 from dpmott/issue-2006-Sinon.assert.calledOnceWithExactly
c3e9512 Merge branch '2027-apply-feedback'
9c4bbf1 refactor: extract and share common tests for spies/stubs
3dd59a5 Update docs/changelog.md and set new release id in docs/_config.yml
5419db2 Add release documentation for v7.4.2
d163383 7.4.2
ad553d1 Update CHANGELOG.md and AUTHORS for new release
bbe6f5e Upgrade nise to latest
78a676f Update @ sinonjs/samsam to latest
157b537 Restore sinon.createStubInstance() behaviour (Standardize custom pseudo object jquery/jquery#2073)
766cae4 Merge pull request Nested table :even and :odd selector returns wrong expected set jquery/jquery#2076 from sinonjs/github-workflow
fed2129 Proposed resolution to issue 2006
261c4cd renamed step
8525f4d trying built-in coveralls support
cf0f402 added coveralls (via npx)
88cf7a9 added code coverage
e716d8d Upgrade eslint to latest
4e7bcef Bump eslint-utils from 1.3.1 to 1.4.2
2b1b2df Fix Typo in migration 6 and updated migration docs for migration from… (Please use qmik to develop mobile html5 jquery/jquery#2074)
8723ed0 removed node 6

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade sinon from 7.3.1 to 7.5.0. See this package in npm: https://www.npmjs.com/package/sinon See this project in Snyk: https://app.snyk.io/org/kadirselcuk/project/28ac5072-f66b-4183-bbda-99b4324cbf96?utm_source=github&utm_medium=upgrade-pr

mistaken-pull-closer · 2021-04-10T21:49:50Z

Thanks for your submission.

It appears that you've created a pull request using one of our repository's branches. Since this is
almost always a mistake, we're going to go ahead and close this. If it was intentional, please
let us know what you were intending and we can see about reopening it.

Thanks again!

pull-dog · 2021-04-10T21:49:51Z

*Ruff* 🐶 I wasn't able to find any Docker Compose files in your repository at any of the given paths in the pull-dog.json configuration file, or the default docker-compose.yml file 😩 Make sure the given paths are correct.

Files checked:

docker-compose.yml

What is this?

Pull Dog is a GitHub app that makes test environments for your pull requests using Docker, from a docker-compose.yml file you specify. It takes 19 seconds to set up (we counted!) and there's a free plan available.

Visit our website to learn more.

Commands

@pull-dog up to reprovision or provision the server.
@pull-dog down to delete the provisioned server.

Troubleshooting

Need help? Don't hesitate to file an issue in our repository

Configuration

{
  "isLazy": false,
  "dockerComposeYmlFilePaths": [
    "docker-compose.yml"
  ],
  "expiry": "00:00:00",
  "conversationMode": "singleComment"
}

Trace ID
aa5382c0-9a46-11eb-80c1-6cb6aa174fc9

guardrails · 2021-04-10T21:51:07Z

⚠️ We detected 118 security issues in this pull request:
Mode: paranoid | Total findings: 118 | Considered vulnerability: 0

Hard-Coded Secrets (2)

jquery/test/unit/event.js

Line 1182 in 159bce9

$child.trigger( { "type": "foo", "secret": "boo!" } );

jquery/test/unit/selector.js

Line 2115 in 159bce9

assert.equal( jQuery.escapeSelector( "a0123456789b" ), "a0123456789b",

More info on how to fix Hard-Coded Secrets in General.

Insecure File Management (41)

jquery/Gruntfile.js

Line 9 in 159bce9

fs.readFileSync( filepath, { encoding: "utf8" } )

jquery/build/release.js

Line 25 in 159bce9

var contents = fs.readFileSync( filepath, "utf8" );

jquery/build/release.js

Line 27 in 159bce9

fs.writeFileSync( filepath, contents, "utf8" );

jquery/build/release/cdn.js

Line 46 in 159bce9

text = fs.readFileSync( builtFile, "utf8" )

jquery/build/release/cdn.js

Line 51 in 159bce9

fs.writeFileSync( releaseFile, text );

jquery/build/release/cdn.js

Line 74 in 159bce9

output = fs.createWriteStream(

jquery/build/release/cdn.js

Line 93 in 159bce9

fs.writeFileSync( md5file, sum );

jquery/build/release/cdn.js

Line 97 in 159bce9

archiver.append( fs.createReadStream( file ),

jquery/build/release/dist.js

Line 8 in 159bce9

const pkg = require( `${ Release.dir.repo }/package.json` );

jquery/build/release/dist.js

Line 73 in 159bce9

const readme = await fs.readFile(

jquery/build/release/dist.js

Line 106 in 159bce9

await fs.writeFile( `${ Release.dir.dist }/bower.json`, generateBower() );

jquery/build/release/dist.js

Line 108 in 159bce9

await fs.writeFile( `${ Release.dir.dist }/README.md`,

jquery/build/tasks/build.js

Line 102 in 159bce9

fs.readdirSync( `${ srcFolder }/${ prepend }${ module }` ),

jquery/build/tasks/build.js

Line 154 in 159bce9

fs.readdirSync( `${ srcFolder }/${ module }` ),

jquery/build/tasks/dist.js

Line 33 in 159bce9

text = fs.readFileSync( filename, "utf8" );

jquery/build/tasks/node_smoke_tests.js

Line 15 in 159bce9

fs.readdirSync( testsDir )

jquery/build/tasks/node_smoke_tests.js

Line 17 in 159bce9

fs.statSync( testsDir + testFilePath ).isFile() &&

jquery/build/tasks/qunit_fixture.js

Line 8 in 159bce9

fs.writeFileSync(

jquery/build/tasks/sourcemap.js

Line 13 in 159bce9

var text = fs.readFileSync( minLoc, "utf8" )

jquery/build/tasks/sourcemap.js

Line 15 in 159bce9

fs.writeFileSync( minLoc, text );

jquery/src/ajax/xhr.js

Line 24 in 159bce9

xhr.open(

jquery/test/data/jquery-1.9.1.js

Line 8753 in 159bce9

xhr.open( s.type, s.url, s.async, s.username, s.password );

jquery/test/data/jquery-1.9.1.js

Line 8755 in 159bce9

xhr.open( s.type, s.url, s.async );

jquery/test/data/testinit.js

Line 329 in 159bce9

require( [ parentUrl + "test/data/testrunner.js" ], function() {

jquery/test/data/testinit.js

Line 366 in 159bce9

require( [ parentUrl + "test/" + dep ], loadDep );

jquery/test/data/testinit.js

Line 389 in 159bce9

    
           require( [ "http://swarm.jquery.org/js/inject.js?" + ( new Date() ).getTime() ],

jquery/test/jquery.js

Line 89 in 159bce9

require( [ src ], loadTests );

jquery/test/jquery.js

Line 91 in 159bce9

require( [ src ] );

jquery/test/middleware-mockserver.js

Line 134 in 159bce9

var body = fs.readFileSync( __dirname + "/data/with_fries.xml" ).toString();

jquery/test/middleware-mockserver.js

Line 214 in 159bce9

var body = fs.readFileSync( __dirname + "/data/test.include.html" ).toString();

jquery/test/middleware-mockserver.js

Line 223 in 159bce9

var body = fs.readFileSync( __dirname + "/data/csp.include.html" ).toString();

jquery/test/middleware-mockserver.js

Line 232 in 159bce9

var body = fs.readFileSync(

jquery/test/middleware-mockserver.js

Line 241 in 159bce9

var body = fs.readFileSync(

[Snyk] Upgrade sinon from 7.3.1 to 7.5.0 #15

Are you sure you want to change the base?

[Snyk] Upgrade sinon from 7.3.1 to 7.5.0 #15

Conversation

snyk-bot commented Apr 10, 2021

Snyk has created this PR to upgrade sinon from 7.3.1 to 7.5.0.

mistaken-pull-closer bot commented Apr 10, 2021

pull-dog bot commented Apr 10, 2021

guardrails bot commented Apr 10, 2021