[Snyk] Upgrade netlify-cli from 9.16.7 to 17.33.4 #22

snyk-io · 2024-08-12T05:24:14Z

Snyk has created this PR to upgrade netlify-cli from 9.16.7 to 17.33.4.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

The recommended version is 276 versions ahead of your current version.
The recommended version was released on a month ago.

Issues fixed by the recommended upgrade:

Issue	Score	Exploit Maturity
Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	118	Proof of Concept
Uncontrolled resource consumption SNYK-JS-BRACES-6838727	118	Proof of Concept
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') SNYK-JS-GITCLONE-2434308	118	No Known Exploit
Inefficient Regular Expression Complexity SNYK-JS-MICROMATCH-6838728	118	No Known Exploit
Directory Traversal SNYK-JS-STATICSERVER-5722341	118	Proof of Concept
Prototype Pollution SNYK-JS-UNSETVALUE-2400660	118	No Known Exploit
Regular Expression Denial of Service (ReDoS) npm:ansi2html:20151025	118	No Known Exploit
Improper Authentication SNYK-JS-JSONWEBTOKEN-3180022	118	No Known Exploit
Improper Restriction of Security Token Assignment SNYK-JS-JSONWEBTOKEN-3180024	118	No Known Exploit
Use of a Broken or Risky Cryptographic Algorithm SNYK-JS-JSONWEBTOKEN-3180026	118	No Known Exploit
Cross-site Scripting (XSS) SNYK-JS-SERIALIZEJAVASCRIPT-6147607	118	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	118	Proof of Concept
Open Redirect SNYK-JS-GOT-2932019	118	No Known Exploit
Open Redirect SNYK-JS-GOT-2932019	118	No Known Exploit
Open Redirect SNYK-JS-GOT-2932019	118	No Known Exploit
Uncontrolled Resource Consumption ('Resource Exhaustion') SNYK-JS-TAR-6476909	118	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-HTTPCACHESEMANTICS-3248783	118	Proof of Concept

Release notes

Package name: netlify-cli

17.33.4 - 2024-07-15
17.33.4 (2024-07-15)

Bug Fixes
- deps: update dependency @ bugsnag/js to v7.25.0 (#6762) (c09bf1a)
- deps: update dependency @ types/node to v20.14.10 (#6763) (ce647f4)
- deps: update dependency fastify to v4.28.1 (#6764) (e45d378)
- deps: update netlify packages (#6759) (9f36fed)
- use heuristics for build and deploy command as well (#6729) (111967c)
17.33.3 - 2024-07-12
17.33.3 (2024-07-12)

Bug Fixes
- deps: update netlify packages (#6757) (d0a8f93)
17.33.2 - 2024-07-11
17.33.2 (2024-07-11)

Bug Fixes
- deps: update dependency @ netlify/blobs to v7.4.0 (#6743) (146231e)
- deps: update netlify packages (#6755) (d14a8b9)
17.33.1 - 2024-07-11
17.33.1 (2024-07-11)

Bug Fixes
- deps: update dependency parse-github-url to v1.0.3 (#6750) (f830a87)
- deps: update netlify packages (#6754) (d1ac3d9)
17.33.0 - 2024-07-05
17.33.0 (2024-07-05)

Features
- expose deploy context to functions and edge functions (#6747) (a4a4026)
17.32.1 - 2024-07-04
17.32.1 (2024-07-04)

Bug Fixes
- deps: update netlify packages (#6734) (00f5052)
17.32.0 - 2024-07-02
17.32.0 (2024-07-02)

Features
- add flag to skip env var fetching (#6723) (a0f33c1)
17.31.0 - 2024-07-01
17.31.0 (2024-07-01)

Features
- add support for the Frameworks API (#6735) (6a48a38)
- load edge functions from Frameworks API in serve (#6738) (1c6903f)
Bug Fixes
- deps: update dependency https-proxy-agent to v7.0.5 (#6741) (3262995)
17.30.0 - 2024-06-26
17.30.0 (2024-06-26)

Features
- pass accountId to resolveConfig (#6733) (6ce285e)
Bug Fixes
- deps: update dependency listr2 to v8.2.3 (#6726) (1e66af7)
- deps: update netlify packages (#6728) (dd1bab4)
- deps: update netlify packages (#6730) (37d8193)
17.29.0 - 2024-06-20
17.29.0 (2024-06-20)

Features
- support excludedPath in functions (#6717) (5981a35)
Bug Fixes
- deps: update dependency @ netlify/build to v29.48.2 (#6719) (41294c0)
- deps: update dependency @ netlify/zip-it-and-ship-it to v9.37.1 (#6718) (38d5000)
- deps: update dependency ws to v8.17.1 [security] (#6716) (7da19ad)
- deps: update netlify packages (#6707) (ca0e670)
17.28.0 - 2024-06-17
17.27.0 - 2024-06-13
17.26.3 - 2024-06-12
17.26.2 - 2024-06-10
17.26.1 - 2024-06-07
17.26.0 - 2024-06-05
17.25.0 - 2024-05-29
17.24.0 - 2024-05-29
17.23.8 - 2024-05-24
17.23.7 - 2024-05-24
17.23.6 - 2024-05-23
17.23.5 - 2024-05-14
17.23.4 - 2024-05-14
17.23.3 - 2024-05-13
17.23.2 - 2024-05-07
17.23.1 - 2024-04-26
17.23.0 - 2024-04-25
17.22.1 - 2024-04-10
17.22.0 - 2024-04-08
17.21.2 - 2024-04-05
17.21.1 - 2024-03-26
17.21.0 - 2024-03-26
17.20.1 - 2024-03-22
17.20.0 - 2024-03-21
17.19.6 - 2024-03-20
17.19.5 - 2024-03-18
17.19.4 - 2024-03-15
17.19.3 - 2024-03-13
17.19.2 - 2024-03-11
17.19.1 - 2024-03-11
17.19.0 - 2024-03-08
17.18.1 - 2024-03-06
17.18.0 - 2024-03-05
17.17.2 - 2024-03-04
17.17.1 - 2024-02-26
17.17.0 - 2024-02-22
17.16.4 - 2024-02-20
17.16.3 - 2024-02-19
17.16.2 - 2024-02-13
17.16.1 - 2024-02-08
17.16.0 - 2024-02-05
17.15.7 - 2024-02-01
17.15.6 - 2024-01-31
17.15.5 - 2024-01-30
17.15.4 - 2024-01-29
17.15.3 - 2024-01-24
17.15.2 - 2024-01-22
17.15.1 - 2024-01-19
17.15.0 - 2024-01-18
17.14.1 - 2024-01-18
17.14.0 - 2024-01-15
17.13.2 - 2024-01-12
17.13.1 - 2024-01-11
17.13.0 - 2024-01-09
17.12.0 - 2024-01-09
17.11.1 - 2024-01-05
17.11.0 - 2024-01-02
17.10.2 - 2023-12-29
17.10.1 - 2023-12-08
17.10.0 - 2023-12-06
17.9.0 - 2023-12-04
17.8.1 - 2023-11-28
17.8.0 - 2023-11-28
17.7.0 - 2023-11-23
17.6.0 - 2023-11-21
17.5.3 - 2023-11-20
17.5.2 - 2023-11-20
17.5.1 - 2023-11-17
17.5.0 - 2023-11-17
17.4.0 - 2023-11-16
17.3.2 - 2023-11-15
17.3.1 - 2023-11-14
17.3.0 - 2023-11-14
17.2.2 - 2023-11-10
17.2.1 - 2023-11-09
17.2.0 - 2023-11-08
17.1.0 - 2023-11-07
17.0.1 - 2023-11-02
17.0.0 - 2023-11-01
16.9.3 - 2023-10-27
16.9.2 - 2023-10-24
16.9.1 - 2023-10-20
16.9.0 - 2023-10-19
16.8.1 - 2023-10-19
16.8.0 - 2023-10-17
16.7.0 - 2023-10-12
16.6.2 - 2023-10-12
16.6.1 - 2023-10-10
16.6.0 - 2023-10-10
16.5.1 - 2023-10-03
16.5.0 - 2023-10-02
16.4.2 - 2023-09-21
16.4.1 - 2023-09-20
16.4.0 - 2023-09-19
16.3.6 - 2023-09-18
16.3.5 - 2023-09-18
16.3.4 - 2023-09-18
16.3.3 - 2023-09-15
16.3.2 - 2023-09-13
16.3.1 - 2023-09-06
16.3.0 - 2023-09-06
16.2.0 - 2023-08-29
16.1.0 - 2023-08-17
16.0.3 - 2023-08-14
16.0.2 - 2023-08-11
16.0.1 - 2023-08-10
16.0.0 - 2023-08-10
16.0.0-alpha.0 - 2023-08-10
15.11.0 - 2023-08-07
15.10.0 - 2023-07-31
15.10.0-rc.1 - 2023-08-03
15.10.0-rc.0 - 2023-08-03
15.9.1 - 2023-07-19
15.9.1-rc.0 - 2023-07-20
15.9.0 - 2023-07-12
15.8.1 - 2023-07-06
15.8.1-rc.1 - 2023-07-11
15.8.1-rc.0 - 2023-07-10
15.8.0 - 2023-06-30
15.7.0 - 2023-06-27
15.6.0 - 2023-06-14
15.5.1 - 2023-06-13
15.5.0 - 2023-06-13
15.4.2 - 2023-06-12
15.4.1 - 2023-06-08
15.4.0 - 2023-06-07
15.3.2 - 2023-06-07
15.3.1 - 2023-06-02
15.3.0 - 2023-06-02
15.2.0 - 2023-05-26
15.1.1 - 2023-05-17
15.1.0 - 2023-05-15
15.0.3 - 2023-05-15
15.0.2 - 2023-05-08
15.0.1 - 2023-05-08
15.0.0 - 2023-05-05
15.0.0-rc.0 - 2023-05-02
14.4.0 - 2023-05-03
14.3.1 - 2023-04-26
14.3.0 - 2023-04-25
14.2.1 - 2023-04-20
14.2.0 - 2023-04-20
14.1.0 - 2023-04-19
14.0.0 - 2023-04-17
14.0.0-rc - 2023-04-14
13.2.2 - 2023-03-28
13.2.1 - 2023-03-22
13.2.0 - 2023-03-21
13.1.7 - 2023-03-21
13.1.6 - 2023-03-14
13.1.5 - 2023-03-14
13.1.4 - 2023-03-14
13.1.3 - 2023-03-13
13.1.2 - 2023-03-10
13.1.1 - 2023-03-09
13.1.0 - 2023-03-09
13.0.1 - 2023-03-03
13.0.0 - 2023-02-21
12.14.0 - 2023-02-20
12.13.2 - 2023-02-20
12.13.1 - 2023-02-17
12.13.0 - 2023-02-17
12.12.1 - 2023-02-16
12.12.0 - 2023-02-10
12.11.0 - 2023-02-09
12.10.0 - 2023-01-26
12.9.2 - 2023-01-24
12.9.1 - 2023-01-20
12.9.0 - 2023-01-20
12.8.0 - 2023-01-20
12.7.2 - 2023-01-11
12.7.1 - 2023-01-11
12.7.0 - 2023-01-10
12.6.0 - 2023-01-09
12.5.0 - 2022-12-22
12.4.1 - 2022-12-20
12.4.0 - 2022-12-15
12.3.0 - 2022-12-15
12.2.11 - 2022-12-14
12.2.10 - 2022-12-12
12.2.9 - 2022-12-06
12.2.8 - 2022-12-01
12.2.7 - 2022-11-23
12.2.6 - 2022-11-21
12.2.5 - 2022-11-21
12.2.4 - 2022-11-18
12.2.3 - 2022-11-18
12.2.2 - 2022-11-18
12.2.1 - 2022-11-17
12.2.0 - 2022-11-15
12.1.1 - 2022-11-09
12.1.0 - 2022-11-04
12.0.11 - 2022-10-18
12.0.10 - 2022-10-17
12.0.9 - 2022-10-13
12.0.8 - 2022-10-12
12.0.7 - 2022-10-07
12.0.6 - 2022-10-05
12.0.5 - 2022-10-04
12.0.4 - 2022-10-03
12.0.3 - 2022-10-03
12.0.2 - 2022-09-30
12.0.1 - 2022-09-29
12.0.0 - 2022-09-27
11.8.3 - 2022-09-23
11.8.2 - 2022-09-21
11.8.1 - 2022-09-20
11.8.0 - 2022-09-15
11.7.1 - 2022-09-09
11.7.0 - 2022-09-09
11.6.0 - 2022-09-08
11.5.1 - 2022-08-29
11.5.0 - 2022-08-22
11.4.0 - 2022-08-22
11.3.0 - 2022-08-19
11.2.0 - 2022-08-19
11.1.0 - 2022-08-19
11.1.0-rc.2 - 2022-08-19
11.1.0-rc.1 - 2022-08-18
11.1.0-rc.0 - 2022-08-18
11.0.0 - 2022-08-18
10.18.0 - 2022-08-18
10.18.0-rc2 - 2022-08-17
10.18.0-rc1 - 2022-08-16
10.18.0-rc.4 - 2022-08-18
10.18.0-rc.3 - 2022-08-17
10.17.8 - 2022-08-16
10.17.7 - 2022-08-16
10.17.6 - 2022-08-15
10.17.5 - 2022-08-15
10.17.4 - 2022-08-12
10.17.3 - 2022-08-12
10.17.2 - 2022-08-12
10.17.1 - 2022-08-12
10.17.0 - 2022-08-11
10.16.0 - 2022-08-11
10.15.0 - 2022-08-04
10.14.0 - 2022-08-01
10.13.0 - 2022-07-29
10.12.1 - 2022-07-27
10.12.0 - 2022-07-27
10.11.2 - 2022-07-25
10.11.1 - 2022-07-22
10.11.0 - 2022-07-22
10.10.2 - 2022-07-19
10.10.1 - 2022-07-19
10.10.0 - 2022-07-15
10.9.1 - 2022-07-15
10.9.0 - 2022-07-13
10.8.0 - 2022-07-11
10.7.1 - 2022-07-01
10.7.0 - 2022-06-30
10.6.3 - 2022-06-27
10.6.2 - 2022-06-23
10.6.1 - 2022-06-22
10.6.0 - 2022-06-22
10.5.1 - 2022-06-10
10.5.0 - 2022-06-08
10.4.0 - 2022-05-31
10.3.3 - 2022-05-26
10.3.1 - 2022-05-12
10.3.0 - 2022-05-06
10.2.0 - 2022-05-04
10.1.0 - 2022-04-27
10.0.0 - 2022-04-19
10.0.0-rc.0 - 2022-04-18
9.16.7 - 2022-04-18

from netlify-cli GitHub release notes

Important

Warning: This PR contains a major version upgrade, and may be a breaking change.
Check the changes in this PR to ensure they won't cause issues with your project.
This PR was automatically created by Snyk using the credentials of a real user.
Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

📜 Customise PR templates

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[//]: # 'snyk:metadata:{"customTemplate":{"variablesUsed":[],"fieldsUsed":[]},"dependencies":[{"name":"netlify-cli","from":"9.16.7","to":"17.33.4"}],"env":"prod","hasFixes":true,"isBreakingChange":true,"isMajorUpgrade":true,"issuesToFix":[{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-ANSIREGEX-1583908","issue_id":"SNYK-JS-ANSIREGEX-1583908","priority_score":159,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00396},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Sep 12 2021 12:52:37 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.65},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-BRACES-6838727","issue_id":"SNYK-JS-BRACES-6838727","priority_score":169,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00045},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Mon May 13 2024 14:36:53 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.81},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Uncontrolled resource consumption"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-GITCLONE-2434308","issue_id":"SNYK-JS-GITCLONE-2434308","priority_score":165,"priority_score_factors":[{"name":"confidentiality","value":"high"},{"name":"integrity","value":"high"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00409},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Tue Jun 28 2022 11:38:21 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":97},{"name":"impact","value":9.79},{"name":"likelihood","value":1.68},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-MICROMATCH-6838728","issue_id":"SNYK-JS-MICROMATCH-6838728","priority_score":124,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00045},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Mon May 13 2024 14:42:05 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.06},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Inefficient Regular Expression Complexity"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-STATICSERVER-5722341","issue_id":"SNYK-JS-STATICSERVER-5722341","priority_score":158,"priority_score_factors":[{"name":"confidentiality","value":"high"},{"name":"integrity","value":"none"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00071},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Mon Oct 02 2023 12:38:15 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":91},{"name":"impact","value":5.99},{"name":"likelihood","value":2.63},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Directory Traversal"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-UNSETVALUE-2400660","issue_id":"SNYK-JS-UNSETVALUE-2400660","priority_score":115,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.01055},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Feb 13 2022 15:26:38 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":1.92},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"no-known-exploit","id":"npm:ansi2html:20151025","issue_id":"npm:ansi2html:20151025","priority_score":100,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00123},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Fri Nov 06 2015 02:09:36 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":86},{"name":"impact","value":5.99},{"name":"likelihood","value":1.67},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-JSONWEBTOKEN-3180022","issue_id":"SNYK-JS-JSONWEBTOKEN-3180022","priority_score":118,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"high"},{"name":"availability","value":"low"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"low"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00088},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Thu Dec 22 2022 09:13:25 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":7.84},{"name":"likelihood","value":1.5},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Improper Authentication"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-JSONWEBTOKEN-3180024","issue_id":"SNYK-JS-JSONWEBTOKEN-3180024","priority_score":80,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"low"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00091},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Thu Dec 22 2022 09:16:03 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":4.19},{"name":"likelihood","value":1.89},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Improper Restriction of Security Token Assignment"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-JSONWEBTOKEN-3180026","issue_id":"SNYK-JS-JSONWEBTOKEN-3180026","priority_score":130,"priority_score_factors":[{"name":"confidentiality","value":"high"},{"name":"integrity","value":"high"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"low"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.001},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Thu Dec 22 2022 10:32:50 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":8.63},{"name":"likelihood","value":1.5},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Use of a Broken or Risky Cryptographic Algorithm"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-SERIALIZEJAVASCRIPT-6147607","issue_id":"SNYK-JS-SERIALIZEJAVASCRIPT-6147607","priority_score":109,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"low"},{"name":"availability","value":"none"},{"name":"scope","value":"changed"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"required"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.01055},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Tue Jan 09 2024 12:13:57 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":4.54},{"name":"likelihood","value":2.39},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Cross-site Scripting (XSS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-GLOBPARENT-1016905","issue_id":"SNYK-JS-GLOBPARENT-1016905","priority_score":63,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"low"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.01244},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Tue Jan 12 2021 15:00:42 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.67},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-GOT-2932019","issue_id":"SNYK-JS-GOT-2932019","priority_score":61,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"low"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"required"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00071},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Jun 19 2022 15:33:44 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":4.19},{"name":"likelihood","value":1.45},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Open Redirect"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-GOT-2932019","issue_id":"SNYK-JS-GOT-2932019","priority_score":61,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"low"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"required"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00071},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Jun 19 2022 15:33:44 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":4.19},{"name":"likelihood","value":1.45},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Open Redirect"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-GOT-2932019","issue_id":"SNYK-JS-GOT-2932019","priority_score":61,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"low"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"required"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00071},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Jun 19 2022 15:33:44 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":4.19},{"name":"likelihood","value":1.45},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Open Redirect"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-TAR-6476909","issue_id":"SNYK-JS-TAR-6476909","priority_score":142,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"required"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00045},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Fri Mar 22 2024 12:56:33 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.36},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Uncontrolled Resource Consumption ('Resource Exhaustion')"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-HTTPCACHESEMANTICS-3248783","issue_id":"SNYK-JS-HTTPCACHESEMANTICS-3248783","priority_score":63,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"low"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00116},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Mon Jan 30 2023 14:39:52 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.64},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"}],"prId":"e9a0ad60-88a6-4d0e-b1cb-c299f7f6e085","prPublicId":"e9a0ad60-88a6-4d0e-b1cb-c299f7f6e085","packageManager":"npm","priorityScoreList":[159,169,165,124,158,115,100,118,80,130,109,63,61,142,63],"projectPublicId":"cbb76115-a7f0-4591-9034-49072a66075f","projectUrl":"https://app.snyk.io/org/cachiman/project/cbb76115-a7f0-4591-9034-49072a66075f?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr","prType":"upgrade","templateFieldSources":{"branchName":"default","commitMessage":"default","description":"default","title":"default"},"templateVariants":["priorityScore"],"type":"auto","upgrade":["SNYK-JS-ANSIREGEX-1583908","SNYK-JS-BRACES-6838727","SNYK-JS-GITCLONE-2434308","SNYK-JS-MICROMATCH-6838728","SNYK-JS-STATICSERVER-5722341","SNYK-JS-UNSETVALUE-2400660","npm:ansi2html:20151025","SNYK-JS-JSONWEBTOKEN-3180022","SNYK-JS-JSONWEBTOKEN-3180024","SNYK-JS-JSONWEBTOKEN-3180026","SNYK-JS-SERIALIZEJAVASCRIPT-6147607","SNYK-JS-GLOBPARENT-1016905","SNYK-JS-GOT-2932019","SNYK-JS-GOT-2932019","SNYK-JS-GOT-2932019","SNYK-JS-TAR-6476909","SNYK-JS-HTTPCACHESEMANTICS-3248783"],"upgradeInfo":{"versionsDiff":276,"publishedDate":"2024-07-15T18:13:59.042Z"},"vulns":["SNYK-JS-ANSIREGEX-1583908","SNYK-JS-BRACES-6838727","SNYK-JS-GITCLONE-2434308","SNYK-JS-MICROMATCH-6838728","SNYK-JS-STATICSERVER-5722341","SNYK-JS-UNSETVALUE-2400660","npm:ansi2html:20151025","SNYK-JS-JSONWEBTOKEN-3180022","SNYK-JS-JSONWEBTOKEN-3180024","SNYK-JS-JSONWEBTOKEN-3180026","SNYK-JS-SERIALIZEJAVASCRIPT-6147607","SNYK-JS-GLOBPARENT-1016905","SNYK-JS-GOT-2932019","SNYK-JS-GOT-2932019","SNYK-JS-GOT-2932019","SNYK-JS-TAR-6476909","SNYK-JS-HTTPCACHESEMANTICS-3248783"]}'

Snyk has created this PR to upgrade netlify-cli from 9.16.7 to 17.33.4. See this package in npm: netlify-cli See this project in Snyk: https://app.snyk.io/org/cachiman/project/cbb76115-a7f0-4591-9034-49072a66075f?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr

google-cla · 2024-08-12T05:24:19Z

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Upgrade netlify-cli from 9.16.7 to 17.33.4 #22

[Snyk] Upgrade netlify-cli from 9.16.7 to 17.33.4 #22

snyk-io bot commented Aug 12, 2024

17.33.4 (2024-07-15)

Bug Fixes

17.33.3 (2024-07-12)

Bug Fixes

17.33.2 (2024-07-11)

Bug Fixes

17.33.1 (2024-07-11)

Bug Fixes

17.33.0 (2024-07-05)

Features

17.32.1 (2024-07-04)

Bug Fixes

17.32.0 (2024-07-02)

Features

17.31.0 (2024-07-01)

Features

Bug Fixes

17.30.0 (2024-06-26)

Features

Bug Fixes

17.29.0 (2024-06-20)

Features

Bug Fixes

google-cla bot commented Aug 12, 2024

[Snyk] Upgrade netlify-cli from 9.16.7 to 17.33.4 #22

Are you sure you want to change the base?

[Snyk] Upgrade netlify-cli from 9.16.7 to 17.33.4 #22

Conversation

snyk-io bot commented Aug 12, 2024

Snyk has created this PR to upgrade netlify-cli from 9.16.7 to 17.33.4.

Issues fixed by the recommended upgrade:

17.33.4 (2024-07-15)

Bug Fixes

17.33.3 (2024-07-12)

Bug Fixes

17.33.2 (2024-07-11)

Bug Fixes

17.33.1 (2024-07-11)

Bug Fixes

17.33.0 (2024-07-05)

Features

17.32.1 (2024-07-04)

Bug Fixes

17.32.0 (2024-07-02)

Features

17.31.0 (2024-07-01)

Features

Bug Fixes

17.30.0 (2024-06-26)

Features

Bug Fixes

17.29.0 (2024-06-20)

Features

Bug Fixes

google-cla bot commented Aug 12, 2024