Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: upgrade ua-parser-js from 1.0.35 to 1.0.37 #2981

Merged
merged 1 commit into from
Jan 23, 2024

Conversation

sandeepdsvs
Copy link
Contributor

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade ua-parser-js from 1.0.35 to 1.0.37.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 2 versions ahead of your current version.
  • The recommended version was released 2 months ago, on 2023-10-27.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Improper Input Validation
SNYK-JS-FOLLOWREDIRECTS-6141137
544/1000
Why? Proof of Concept exploit, Recently disclosed, CVSS 7.3
Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: ua-parser-js
  • 1.0.37 - 2023-10-27

    Bump version 1.0.37 (mirror of 0.7.37)

  • 1.0.36 - 2023-09-09

    Bump version 1.0.36

  • 1.0.35 - 2023-04-01
from ua-parser-js GitHub release notes
Commit messages
Package name: ua-parser-js
  • 8087a1b Bump version 1.0.37 (mirror of 0.7.37)
  • d30ad46 Bump version 0.7.37
  • 5302e2d Update changelog
  • f3de7b7 Backport - Improve browser detection: WeChat (cherry picked from commit 17f0c1e1cd4c6c63a726ab4b360a880fa5e91478)
  • c41100e Backport - Improve browser detection: unified name for Baidu (cherry picked from commit 9cc274fb6f53c3afc54c9c822d45693214050142)
  • 23c5d77 Backport - Improve browser detection: remove unnecessary extra space in "Avant " (cherry picked from commit f56073bb3e38e9027afee9d4df0accd768f25de6)
  • e3d5f76 Backport - Improve browser detection: rename "Samsung Browser" to "Samsung Internet" (cherry picked from commit 5c10e2b1070abb48f4549827533877f88139df93)
  • 02af42f Backport - Fix master -> saas #682 - Add new browser: Smart Lenovo Browser (cherry picked from commit d565f65280a6608641ceb17a75fd630ffc6c0a85)
  • 57d1ac0 Backport - Fix Transform stats #683 - change MetaSr into Sogou Explorer (+add Sogou Mobile) (cherry picked from commit 69ed6cec77685ff91cfe24fc819c9aeba21c2e31)
  • ea2c829 Backport - Fix misidentified WebView token as device model - found in Adjust - revamp #681 (cherry picked from commit b51ae9eb387b54223a3c481ab78484a0337e3393)
  • 3b896d5 Backport - Fix Adjust - revamp #681 - Add new browser: Vivo Browser (cherry picked from commit 125f0d9f16048889f81c3d1fd35f4d49c4564f3d)
  • 5a724cb Backport - Increase UA_MAX_LENGTH to 500 (cherry picked from commit e614108911a947b5381f87e22b34ae33fa30de12)
  • c761396 Backport - Fix Make webhook content-type header case insensitive #563 Appsflyer OS parameter inclusion #631 - Add new browser: Alipay (cherry picked from commit 77e0aa1ac67f5a875539b546bd2d1a5c962373b0)
  • 310cab9 Backport - add Klarna Shopping Browser UA parser (master -> saas #669) (cherry picked from commit 177a496c34f718d2f77083ed98807a2535c1c0d4)
  • c6dea63 Backport - Fix Added a basic comment to trigger change #651 - Improve device detection: Xiaomi Redmi (cherry picked from commit aa76da90d9c9248b49ece250129b617052f40bc0)
  • daab1e7 Backport - Add new device vendor: Ulefone (cherry picked from commit 817c5835efb7767d11acd714453aafd785edfabb)
  • f78e468 Backport - Improve device detection: Realme (cherry picked from commit 6ea6936632503d32b67fe826103b1a19da9b26a5)
  • 056f5e3 Bump version 0.7.36 (mirror of v1.0.36)
  • 91f3185 Bump version 1.0.36
  • 9bcfbe2 Backport - Update sponsors section in readme (cherry picked from commit f2e4b242ceaa9bcdafd731066fe665c2b28132f5)
  • eeaf198 Backport - Add Snapchat user agent. (cherry picked from commit 153831d2edb73db1f066c5638da733d302027a1e)
  • 59edeef Backport - Fix Amazon Fire TV device detection (cherry picked from commit b20d09655cf01657d00e38e334a757c25b176175)
  • f92d409 Add some tests; Add new devices: Infinix, Tecno; Improve detection: Xiaomi POCO Source: https://www.useragents.me
  • 5af24a6 Fix Kustomer advanced transform #643 - Improve iOS detection (cherry picked from commit 29fb85658adb66e4b842ffe721b38e77f4ec5cd1)

Compare


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

@sandeepdsvs sandeepdsvs requested review from sivashanmukh and a team as code owners January 8, 2024 14:06
Copy link
Contributor

coderabbitai bot commented Jan 8, 2024

Important

Auto Review Skipped

Auto reviews are disabled on this repository.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository.

To trigger a single review, invoke the @coderabbitai review command.

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share

Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>.
    • Generate unit-tests for this file.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai generate unit tests for this file.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai generate interesting stats about this repository from git and render them as a table.
    • @coderabbitai show all the console.log statements in this repository.
    • @coderabbitai read src/utils.ts and generate unit tests.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (invoked as PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger a review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai help to get help.

Additionally, you can add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.

CodeRabbit Configration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • The JSON schema for the configuration file is available here.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/coderabbit-overrides.v2.json

CodeRabbit Discord Community

Join our Discord Community to get help, request features, and share feedback.

Copy link

codecov bot commented Jan 8, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (d4e0ae3) 87.28% compared to head (9a4cdef) 87.28%.

Additional details and impacted files
@@           Coverage Diff            @@
##           develop    #2981   +/-   ##
========================================
  Coverage    87.28%   87.28%           
========================================
  Files          872      872           
  Lines        29500    29500           
  Branches      6865     6865           
========================================
  Hits         25749    25749           
  Misses        3405     3405           
  Partials       346      346           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

Copy link

sonarqubecloud bot commented Jan 8, 2024

Quality Gate Passed Quality Gate passed

Kudos, no new issues were introduced!

0 New issues
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

@koladilip koladilip changed the title [Snyk] Upgrade ua-parser-js from 1.0.35 to 1.0.37 chore: upgrade ua-parser-js from 1.0.35 to 1.0.37 Jan 8, 2024
@koladilip koladilip merged commit 4a56bcb into develop Jan 23, 2024
15 of 16 checks passed
@koladilip koladilip deleted the snyk-upgrade-1f3f1c386cbceed2c7fc2fde89ea59cb branch January 23, 2024 04:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants