Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Upgrade @testing-library/jest-dom from 5.16.2 to 5.17.0 #38

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

snyk-io[bot]
Copy link

@snyk-io snyk-io bot commented May 21, 2024

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade @testing-library/jest-dom from 5.16.2 to 5.17.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 4 versions ahead of your current version.

  • The recommended version was released 10 months ago, on 2023-07-18.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Denial of Service (DoS)
SNYK-JS-DECODEURICOMPONENT-3149970
159/1000
Why? Confidentiality impact: None, Integrity impact: None, Availability impact: High, Scope: Unchanged, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00224, Social Trends: No, Days since published: 539, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 99, Impact: 5.99, Likelihood: 2.65, Score Version: V5
Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: @testing-library/jest-dom from @testing-library/jest-dom GitHub release notes
Commit messages
Package name: @testing-library/jest-dom

Compare


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Note: This is a default PR template raised by Snyk. Find out more about how you can customise Snyk PRs in our documentation.

Snyk has created this PR to upgrade @testing-library/jest-dom from 5.16.2 to 5.17.0.

See this package in npm:
@testing-library/jest-dom

See this project in Snyk:
https://app.snyk.io/org/hawthorne001/project/e19e34ea-1d5e-4f3b-87d6-93c28d31ca2e?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr
Copy link

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/@ampproject/[email protected] None 0 78.9 kB jridgewell
npm/@babel/[email protected] environment +1 29.8 kB nicolo-ribaudo
npm/@babel/[email protected] None 0 65.2 kB nicolo-ribaudo
npm/@babel/[email protected] environment, filesystem, unsafe +2 879 kB nicolo-ribaudo
npm/@babel/[email protected] None +1 525 kB nicolo-ribaudo
npm/@babel/[email protected] None +2 82.5 kB nicolo-ribaudo
npm/@babel/[email protected] None +3 69.2 kB nicolo-ribaudo
npm/@babel/[email protected] None 0 6.56 kB nicolo-ribaudo
npm/@babel/[email protected] None 0 21.6 kB nicolo-ribaudo
npm/@babel/[email protected] None 0 7.03 kB nicolo-ribaudo
npm/@babel/[email protected] None 0 50.5 kB nicolo-ribaudo
npm/@babel/[email protected] None 0 63.8 kB nicolo-ribaudo
npm/@babel/[email protected] None 0 158 kB nicolo-ribaudo
npm/@babel/[email protected] None 0 14.1 kB nicolo-ribaudo
npm/@babel/[email protected] None 0 10.7 kB nicolo-ribaudo
npm/@babel/[email protected] None 0 49.2 kB nicolo-ribaudo
npm/@babel/[email protected] None 0 11.7 kB nicolo-ribaudo
npm/@babel/[email protected] None 0 650 kB nicolo-ribaudo
npm/@babel/[email protected] environment +2 41 kB nicolo-ribaudo
npm/@babel/[email protected] None 0 1.89 MB nicolo-ribaudo
npm/@babel/[email protected] None +1 200 kB nicolo-ribaudo
npm/@babel/[email protected] None 0 68.9 kB nicolo-ribaudo
npm/@babel/[email protected] None +1 658 kB nicolo-ribaudo
npm/@babel/[email protected] environment +1 2.42 MB nicolo-ribaudo
npm/@jridgewell/[email protected] None +1 116 kB jridgewell
npm/@jridgewell/[email protected] None 0 53.2 kB jridgewell
npm/@jridgewell/[email protected] None 0 17.9 kB jridgewell
npm/@jridgewell/[email protected] None +1 215 kB jridgewell
npm/@sindresorhus/[email protected] None 0 40.2 kB sindresorhus
npm/@szmarczak/[email protected] None 0 6.3 kB szmarczak
npm/@types/[email protected] None 0 79 kB types
npm/@types/[email protected] None 0 7.2 kB types
npm/@types/[email protected] None 0 32.2 kB types
npm/@types/[email protected] None 0 690 kB types
npm/@types/[email protected] None 0 10.6 kB types
npm/@ungap/[email protected] None 0 4.88 kB webreflection
npm/@vue/[email protected] environment Transitive: filesystem, network, shell, unsafe +198 10.2 MB soda
npm/@vue/[email protected] environment, filesystem Transitive: network, shell, unsafe +88 8.08 MB soda
npm/@vue/[email protected] environment, filesystem Transitive: eval, network, shell, unsafe +350 28.3 MB soda
npm/@vue/[email protected] environment Transitive: eval, filesystem, unsafe +11 19.5 MB soda
npm/[email protected] None 0 4.78 kB isaacs
npm/[email protected] None 0 16.6 kB dougwilson
npm/[email protected] None 0 42.8 kB marijn
npm/[email protected] None 0 466 kB marijn
npm/[email protected] None 0 7.68 kB nexdrew
npm/[email protected] environment 0 24.4 kB jonschlinkert
npm/[email protected] None 0 7.46 kB thlorenz
npm/[email protected] None 0 9.44 kB paulmillr
npm/[email protected] None 0 5.64 kB chaijs
npm/[email protected] None 0 6.7 kB juliangruber
npm/[email protected] None 0 8.89 kB dougwilson
npm/[email protected] None 0 5.07 kB sindresorhus
npm/[email protected] network 0 56.4 kB dougwilson
npm/[email protected] None 0 12.7 kB sindresorhus
npm/[email protected] None 0 2.3 kB kumavis
npm/[email protected] environment, filesystem +1 2.12 MB ai
npm/[email protected] None 0 11 kB dougwilson
npm/[email protected] network +2 31.9 kB lukechilds
npm/[email protected] None 0 1.53 MB caniuse-lite
npm/[email protected] filesystem 0 66 kB thlorenz
npm/[email protected] network 0 200 kB chaijs
npm/[email protected] None 0 735 kB chaijs
npm/[email protected] None 0 20.2 kB chaijs
npm/[email protected] environment, filesystem 0 87.9 kB paulmillr
npm/[email protected] environment 0 12.8 kB watson
npm/[email protected] None 0 4.76 kB hirokiosame
npm/[email protected] None 0 5.69 kB sindresorhus
npm/[email protected] None 0 4.61 kB lukechilds
npm/[email protected] None 0 11.8 kB jorgebucaran
npm/[email protected] None 0 8 kB nami-doc
npm/[email protected] None 0 7.61 kB sindresorhus
npm/[email protected] None 0 19.1 kB dougwilson
npm/[email protected] None 0 15.9 kB phated
npm/[email protected] None 0 17.9 kB dougwilson
npm/[email protected] None 0 14.4 kB andyburke
npm/[email protected] None +1 603 kB zloirock
npm/[email protected] environment, eval, filesystem 0 986 kB zloirock
npm/[email protected] None 0 23.2 kB isaacs
npm/[email protected] environment 0 27.4 kB kentcdodds
npm/[email protected] environment, filesystem, shell 0 20.5 kB satazor
npm/[email protected] Transitive: environment, filesystem, shell +46 2.83 MB ludovicofischer
npm/[email protected] environment 0 42.4 kB qix
npm/[email protected] None 0 4 kB sindresorhus
npm/[email protected] None 0 3.54 kB sindresorhus
npm/[email protected] None 0 54 kB chaijs
npm/[email protected] None 0 9.19 kB unclechu
npm/[email protected] network 0 5.45 kB szmarczak
npm/[email protected] None 0 23.6 kB salakar
npm/[email protected] None 0 369 kB kpdecker
npm/[email protected] None 0 11.4 kB feedic
npm/[email protected] None 0 44.6 kB feedic
npm/[email protected] None 0 9.42 kB sindresorhus
npm/[email protected] None 0 6.43 kB floatdrop
npm/[email protected] None 0 290 kB kilianvalkhof
npm/[email protected] None 0 6.28 kB sindresorhus
npm/[email protected] filesystem, unsafe +7 3.51 MB ota-meshi
npm/[email protected] filesystem Transitive: environment, eval, unsafe +54 7.91 MB eslintbot
npm/[email protected] eval, filesystem, unsafe 0 309 kB jdalton
npm/[email protected] None +1 1.28 MB eslintbot
npm/[email protected] environment, filesystem, network 0 208 kB dougwilson
npm/[email protected] None 0 23.5 kB ljharb
npm/[email protected] None 0 26.6 kB timoxley
npm/[email protected] filesystem, network 0 41.3 kB alexindigo
npm/[email protected] filesystem 0 85.1 kB tunnckocore
npm/[email protected] None 0 5.55 kB dougwilson
npm/[email protected] None 0 44.8 kB paulmillr
npm/[email protected] eval 0 9.04 kB mafintosh
npm/[email protected] None 0 9.83 kB chaijs
npm/[email protected] environment, filesystem 0 32.5 kB isaacs
npm/[email protected] environment, shell +4 1.78 MB simenb
npm/[email protected] None 0 10.4 kB isaacs
npm/[email protected] None 0 235 kB jordanbtucker
npm/[email protected] environment, filesystem, shell +2 38.9 kB soda
npm/[email protected] eval, filesystem 0 18.4 kB sokra
npm/[email protected] None 0 1.41 MB bnjmnt4n
npm/[email protected] filesystem 0 10 kB sindresorhus
npm/[email protected] None 0 8.9 kB zensh
npm/[email protected] None 0 55.9 kB jonschlinkert
npm/[email protected] None 0 206 kB dougwilson
npm/[email protected] None 0 18.3 kB dougwilson
npm/[email protected] None +3 57.8 kB isaacs
npm/[email protected] None 0 33.2 kB substack
npm/[email protected] None 0 6.84 kB styfle
npm/[email protected] None 0 34 kB chicoxyzzy
npm/[email protected] None 0 9.22 kB jonschlinkert
npm/[email protected] None +1 15.3 kB feedic
npm/[email protected] None 0 19.1 kB indutny
npm/[email protected] None +1 7.01 kB isaacs
npm/[email protected] None +1 10.6 kB sindresorhus
npm/[email protected] environment, filesystem, shell +1 50.8 kB sindresorhus
npm/[email protected] None 0 10.3 kB dougwilson
npm/[email protected] None 0 4.55 kB sindresorhus
npm/[email protected] None 0 90 kB mrmlnc
npm/[email protected] None +1 201 kB evilebottnawi
npm/[email protected] None 0 27.2 kB evilebottnawi
npm/[email protected] environment, filesystem +3 362 kB ai
npm/[email protected] None 0 8.46 kB dougwilson
npm/[email protected] filesystem +13 182 kB sindresorhus
npm/[email protected] environment +1 137 kB matteo.collina
npm/[email protected] environment, filesystem +5 212 kB ljharb
npm/[email protected] None +2 35.1 kB jonschlinkert
npm/[email protected] None 0 9.96 kB isaacs
npm/[email protected] None 0 805 kB tromey
npm/[email protected] None +1 53.4 kB sindresorhus
npm/[email protected] None 0 4.03 kB sindresorhus
npm/[email protected] None 0 6.96 kB sindresorhus
npm/[email protected] None 0 46.9 kB sokra
npm/[email protected] Transitive: environment, filesystem, network, unsafe +31 6.17 MB evilebottnawi
npm/[email protected] environment, eval Transitive: filesystem, shell +9 2.91 MB fabiosantoscode
npm/[email protected] None +1 57.9 kB gkz
npm/[email protected] None 0 4.31 kB dougwilson
npm/[email protected] None 0 5.48 kB tootallnate
npm/[email protected] environment 0 27.4 kB soda
npm/[email protected] environment, eval +1 418 kB posva
npm/[email protected] environment 0 2.97 MB posva
npm/[email protected] None +1 22.4 kB indutny
npm/[email protected] network +2 148 kB jcoglan
npm/[email protected] environment 0 448 kB eemeli

🚮 Removed packages: npm/@ampproject/[email protected], npm/@apideck/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@babel/[email protected], npm/@bcoe/[email protected], npm/@csstools/[email protected], npm/@csstools/[email protected], npm/@csstools/[email protected], npm/@csstools/[email protected], npm/@csstools/[email protected], npm/@csstools/[email protected], npm/@csstools/[email protected], npm/@csstools/[email protected], npm/@csstools/[email protected], npm/@eslint/[email protected], npm/@humanwhocodes/[email protected], npm/@istanbuljs/[email protected], npm/@istanbuljs/[email protected], npm/@jest/[email protected], npm/@jest/[email protected], npm/@jest/[email protected], npm/@jest/[email protected], npm/@jest/[email protected], npm/@jest/[email protected], npm/@jest/[email protected], npm/@jest/[email protected], npm/@jest/[email protected], npm/@jest/[email protected], npm/@jest/[email protected], npm/@jridgewell/[email protected], npm/@jridgewell/[email protected], npm/@jridgewell/[email protected], npm/@pmmmwh/[email protected], npm/@rollup/[email protected], npm/@rollup/[email protected], npm/@rollup/[email protected], npm/@rollup/[email protected], npm/@rushstack/[email protected], npm/@sheerun/[email protected], npm/@sinonjs/[email protected], npm/@sinonjs/[email protected], npm/@surma/[email protected], npm/@svgr/[email protected], npm/@svgr/[email protected], npm/@svgr/[email protected], npm/@svgr/[email protected], npm/@svgr/[email protected], npm/@svgr/[email protected], npm/@svgr/[email protected], npm/@svgr/[email protected], npm/@svgr/[email protected], npm/@svgr/[email protected], npm/@svgr/[email protected], npm/@svgr/[email protected], npm/@svgr/[email protected], npm/@svgr/[email protected], npm/@testing-library/[email protected], npm/@testing-library/[email protected], npm/@testing-library/[email protected], npm/@testing-library/[email protected], npm/@tootallnate/[email protected], npm/@types/[email protected], npm/@types/[email protected], npm/@types/[email protected], npm/@types/[email protected], npm/@types/[email protected], npm/@types/[email protected], npm/@types/[email protected], npm/@types/[email protected], npm/@types/[email protected], npm/@types/[email protected], npm/@types/[email protected], npm/@types/[email protected], npm/@types/[email protected], npm/@types/[email protected], npm/@types/[email protected], npm/@types/[email protected], npm/@types/[email protected], npm/@types/[email protected], npm/@types/[email protected], npm/@types/[email protected], npm/@types/[email protected], npm/@types/[email protected], npm/@types/[email protected], npm/@types/[email protected], npm/@types/[email protected], npm/@types/[email protected], npm/@types/[email protected], npm/@typescript-eslint/[email protected], npm/@typescript-eslint/[email protected], npm/@typescript-eslint/[email protected], npm/@typescript-eslint/[email protected], npm/@typescript-eslint/[email protected], npm/@typescript-eslint/[email protected], npm/@typescript-eslint/[email protected], npm/@typescript-eslint/[email protected], npm/@typescript-eslint/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected]

View full report↗︎

Copy link

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert Package NoteSource
Install scripts npm/[email protected]
  • Install script: install
  • Source: node bin/install.js

View full report↗︎

Next steps

What is an install script?

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/[email protected] or ignore all packages with @SocketSecurity ignore-all

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants