[Snyk] Upgrade ipfs-http-server from 0.1.4 to 0.15.1 #363

X-oss-byte · 2024-02-16T00:31:52Z

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade ipfs-http-server from 0.1.4 to 0.15.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 231 versions ahead of your current version.
The recommended version was released 9 months ago, on 2023-05-25.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Information Exposure SNYK-JS-NODEFETCH-2342118	539/1000 Why? Has a fix available, CVSS 6.5	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: ipfs-http-server

0.15.1 - 2023-05-25
Bug Fixes
- add deprecation notice to readmes (#4362) (7b79c1b)
Dependencies
- The following workspace dependencies were updated
  - dependencies
    - ipfs-core-types bumped from ^0.14.0 to ^0.14.1
    - ipfs-message-port-protocol bumped from ^0.15.0 to ^0.15.1
0.15.0 - 2023-01-12
0.15.0-e64813f6 - 2023-05-24
0.15.0-b64d4af0 - 2023-02-01
0.15.0-ab02e8f8 - 2023-01-17
0.15.0-7b79c1b8 - 2023-05-25
0.15.0-6eeb1be5 - 2023-01-13
0.15.0-6d95ce08 - 2023-05-25
0.15.0-4694e806 - 2023-05-25
0.15.0-3bcabe38 - 2023-01-17
0.14.1-a77e40cc.0 - 2022-10-25
0.14.1-6be59068.0 - 2022-11-17
0.14.1-6ae5eb7d.0 - 2022-10-28
0.14.1-58e6f468.0 - 2022-10-25
0.14.0 - 2022-10-24
0.14.0-fa578bac - 2023-01-11
0.14.0-d1c3abb3 - 2023-01-11
0.14.0-789ee585 - 2023-01-11
0.14.0-5f73ecad - 2023-01-10
0.14.0-4b4c124c - 2023-01-11
0.13.3-dfc43d4e.0 - 2022-09-26
0.13.3-d75e0a39.0 - 2022-09-22
0.13.3-d1b0a8a7.0 - 2022-09-22
0.13.3-acbc1c62.0 - 2022-09-22
0.13.3-0cee4a4c.0 - 2022-10-24
0.13.2 - 2022-09-21
0.13.2-7304a0f4.0 - 2022-09-21
0.13.2-2a830bf5.0 - 2022-09-21
0.13.1 - 2022-09-21
Bug Fixes
- add deprecation notice to readmes (#4362) (7b79c1b)
Dependencies
- The following workspace dependencies were updated
  - dependencies
    - ipfs-core-types bumped from ^0.14.0 to ^0.14.1
    - ipfs-http-response bumped from ^6.0.0 to ^6.0.1
0.13.1-b5456882.0 - 2022-09-16
0.13.1-7c676f63.0 - 2022-09-21
0.13.0 - 2022-09-07
0.12.6-a05695fc.0 - 2022-07-20
0.12.6-8f351a89.0 - 2022-08-17
0.12.6-83f9882e.0 - 2022-09-06
0.12.6-39dbf708.0 - 2022-08-17
0.12.6-051da161.0 - 2022-09-07
0.12.5 - 2022-06-24
0.12.5-00bd3dd0.0 - 2022-06-24
0.12.4 - 2022-06-23
0.12.4-7be50bd1.0 - 2022-06-22
0.12.3 - 2022-06-14
0.12.3-70e142ac.0 - 2022-06-13
0.12.2 - 2022-06-01
0.12.2-be025c89.0 - 2022-06-01
0.12.2-87e00a69.0 - 2022-06-01
0.12.2-764b4adc.0 - 2022-06-01
0.12.1 - 2022-05-30
Bug Fixes
- add deprecation notice to readmes (#4362) (7b79c1b)
Dependencies
- The following workspace dependencies were updated
  - dependencies
    - ipfs-core-types bumped from ^0.14.0 to ^0.14.1
    - ipfs-grpc-protocol bumped from ^0.8.0 to ^0.8.1
  - devDependencies
    - ipfs-core bumped from ^0.18.0 to ^0.18.1
0.12.1-ddfb899f.0 - 2022-05-30
0.12.0 - 2022-05-30
0.11.4-919b27a8.0 - 2022-05-27
0.11.4-7165bf71.0 - 2022-05-16
0.11.4-4e93dd5d.0 - 2022-05-27
0.11.3 - 2022-04-26
0.11.3-e90b8f13.0 - 2022-04-05
0.11.3-8f7ce23c.0 - 2022-04-20
0.11.2 - 2022-04-05
0.11.2-df1bd1bb.0 - 2022-03-01
0.11.2-125d42ba.0 - 2022-03-01
0.11.2-1082fce9.0 - 2022-02-18
0.11.1 - 2022-02-07
0.11.1-8d260215.0 - 2022-01-27
0.11.1-709831f6.0 - 2022-02-06
0.11.1-3a74c110.0 - 2022-02-04
0.11.1-3a5d61d4.0 - 2022-01-27
0.11.1-383dc07d.0 - 2022-02-04
0.11.1-2c8ec080.0 - 2022-01-28
0.11.1-2afef2eb.0 - 2022-01-27
0.11.0 - 2022-01-27
0.10.1-rc.5 - 2022-01-21
0.10.1-rc.4 - 2022-01-20
0.10.1-rc.3 - 2022-01-13
0.10.1-rc.2 - 2021-12-17
0.10.1-rc.1 - 2021-12-16
0.10.1-rc.0 - 2021-12-15
0.10.1-fbe14923.0 - 2022-01-27
0.10.1-cca6e321.0 - 2022-01-27
0.10.1-a6b201af.0 - 2022-01-27
0.10.1-7fe0da57f.0 - 2022-01-26
0.10.1-6cb3a87e.0 - 2022-01-27
0.10.1-5439a0e.0 - 2022-01-26
0.10.0 - 2021-12-15
0.9.3-rc.13 - 2021-12-15
0.9.3-rc.12 - 2021-12-15
0.9.3-rc.11 - 2021-12-15
0.9.3-rc.10 - 2021-12-15
0.9.3-rc.9 - 2021-12-13
0.9.3-rc.8 - 2021-12-13
0.9.3-rc.7 - 2021-12-06
0.9.3-rc.6 - 2021-12-06
0.9.3-rc.5 - 2021-12-06
0.9.3-rc.4 - 2021-12-03
0.9.3-rc.3 - 2021-12-03
0.9.3-rc.2 - 2021-12-03
0.9.3-rc.1 - 2021-12-03
0.9.3-rc.0 - 2021-11-24
0.9.2 - 2021-11-24
0.9.2-rc.3 - 2021-11-24
0.9.2-rc.2 - 2021-11-22
0.9.2-rc.1 - 2021-11-19
0.9.2-rc.0 - 2021-11-19
0.9.1 - 2021-11-19
0.9.1-rc.1 - 2021-11-19
0.9.1-rc.0 - 2021-11-12
0.9.0 - 2021-11-12
0.8.2-rc.6 - 2021-11-12
0.8.2-rc.5 - 2021-11-04
0.8.2-rc.4 - 2021-10-08
0.8.2-rc.3 - 2021-10-02
0.8.2-rc.2 - 2021-09-30
0.8.2-rc.1 - 2021-09-30
0.8.2-rc.0 - 2021-09-28
0.8.1 - 2021-09-28
Bug Fixes
- add deprecation notice to readmes (#4362) (7b79c1b)
0.8.1-rc.5 - 2021-09-28
0.8.1-rc.3 - 2021-09-27
0.8.1-rc.2 - 2021-09-25
0.8.1-rc.1 - 2021-09-25
0.8.1-rc.0 - 2021-09-24
0.8.0 - 2021-09-24
0.7.7-rc.18 - 2021-09-24
0.7.7-rc.17 - 2021-09-24
0.7.7-rc.16 - 2021-09-23
0.7.7-rc.15 - 2021-09-23
0.7.7-rc.14 - 2021-09-23
0.7.7-rc.13 - 2021-09-23
0.7.7-rc.12 - 2021-09-23
0.7.7-rc.1 - 2021-09-21
0.7.7-rc.0 - 2021-09-17
0.7.6 - 2021-09-17
0.7.6-rc.0 - 2021-09-17
0.7.5 - 2021-09-17
0.7.5-rc.4 - 2021-09-17
0.7.5-rc.1 - 2021-09-14
0.7.4 - 2021-09-08
0.7.4-rc.5 - 2021-09-08
0.7.4-rc.4 - 2021-09-07
0.7.4-rc.2 - 2021-09-06
0.7.4-rc.1 - 2021-09-06
0.7.3 - 2021-09-02
0.7.3-rc.8 - 2021-09-02
0.7.3-rc.7 - 2021-09-02
0.7.3-rc.6 - 2021-08-31
0.7.3-rc.5 - 2021-08-26
0.7.3-rc.4 - 2021-08-26
0.7.3-rc.3 - 2021-08-26
0.7.3-rc.2 - 2021-08-26
0.7.2 - 2021-08-25
0.7.2-rc.7 - 2021-08-25
0.7.2-rc.6 - 2021-08-25
0.7.2-rc.4 - 2021-08-17
0.7.2-rc.1 - 2021-08-17
0.7.1 - 2021-08-17
0.7.1-rc.10 - 2021-08-17
0.7.1-rc.9 - 2021-08-17
0.7.1-rc.7 - 2021-08-16
0.7.1-rc.6 - 2021-08-12
0.7.1-rc.5 - 2021-08-12
0.7.1-rc.4 - 2021-08-12
0.7.0 - 2021-08-11
0.6.2-rc.11 - 2021-08-11
0.6.2-rc.10 - 2021-08-10
0.6.2-rc.8 - 2021-08-10
0.6.2-rc.6 - 2021-08-09
0.6.2-rc.3 - 2021-08-05
0.6.2-rc.2 - 2021-08-04
0.6.2-rc.1 - 2021-07-30
0.6.1 - 2021-07-30
0.6.1-rc.7 - 2021-07-30
0.6.1-rc.5 - 2021-07-28
0.6.1-rc.2 - 2021-07-28
0.6.1-rc.1 - 2021-07-28
0.6.0 - 2021-07-27
0.5.3-rc.17 - 2021-07-27
0.5.3-rc.14 - 2021-07-27
0.5.3-rc.11 - 2021-07-27
0.5.3-rc.9 - 2021-07-27
0.5.3-rc.8 - 2021-07-27
0.5.3-rc.6 - 2021-07-19
0.5.3-rc.3 - 2021-07-01
0.5.3-rc.2 - 2021-06-25
0.5.3-rc.1 - 2021-06-18
0.5.2 - 2021-06-18
0.5.2-rc.4 - 2021-06-18
0.5.2-rc.3 - 2021-06-18
0.5.2-rc.2 - 2021-06-15
0.5.2-rc.1 - 2021-06-10
0.5.1 - 2021-06-05
0.5.1-rc.4 - 2021-06-05
0.5.1-rc.3 - 2021-06-01
0.5.1-rc.1 - 2021-05-26
0.5.0 - 2021-05-26
0.4.1-rc.11 - 2021-05-25
0.4.1-rc.7 - 2021-05-25
0.4.1-rc.6 - 2021-05-13
0.4.1-rc.5 - 2021-05-11
0.4.1-rc.1 - 2021-05-11
0.4.0 - 2021-05-10
0.3.5 - 2021-05-07
0.3.5-rc.32 - 2021-05-10
0.3.5-rc.31 - 2021-05-10
0.3.5-rc.30 - 2021-05-07
0.3.5-rc.29 - 2021-05-07
0.3.5-rc.28 - 2021-05-06
0.3.5-rc.27 - 2021-05-06
0.3.5-rc.26 - 2021-05-04
0.3.5-rc.25 - 2021-05-04
0.3.5-rc.24 - 2021-05-04
0.3.5-rc.22 - 2021-05-04
0.3.5-rc.21 - 2021-05-02
0.3.5-rc.20 - 2021-05-01
0.3.5-rc.19 - 2021-04-30
0.3.5-rc.18 - 2021-04-30
0.3.5-rc.17 - 2021-04-29
0.3.5-rc.14 - 2021-04-28
0.3.5-rc.11 - 2021-04-28
0.3.5-rc.3 - 2021-03-31
0.3.4 - 2021-03-10
0.3.3 - 2021-03-09
0.3.3-rc.5 - 2021-02-22
0.3.3-rc.4 - 2021-02-21
0.3.2 - 2021-02-08
0.3.1 - 2021-02-02
0.3.0 - 2021-02-01
0.2.3-rc.3 - 2021-01-30
0.2.2 - 2021-01-22
0.2.1 - 2021-01-20
0.2.0 - 2021-01-15
0.1.5-rc.6 - 2021-01-15
0.1.5-rc.5 - 2021-01-13
0.1.5-rc.4 - 2020-12-18
0.1.5-rc.1 - 2020-12-18
0.1.4 - 2020-12-16

from ipfs-http-server GitHub release notes

Commit messages

Package name: ipfs-http-server

bf1bc8b chore: release master (#4364)
7b79c1b fix: add deprecation notice to readmes (feat: add --flavor feature (ganache chain plugins) trufflesuite/ganache#4362)
410725b chore: disable dependabot.yml (get help trufflesuite/ganache#4363)
b64d4af docs: update README.md (build(deps-dev): bump webpack from 5.65.0 to 5.76.0 in /src/chains/filecoin/options trufflesuite/ganache#4307)
3bcabe3 chore: fix link to ci results (Improve ganache interactive docs header so it says what it is in the header, not just the main body section trufflesuite/ganache#4299)
ab02e8f docs: update readmes to fix ci badges (System Error when running Ganache 2.5.4 on win32 trufflesuite/ganache#4296)
c5e76b7 update-ipfs-http-client (Transaction simulation takes too long to return trufflesuite/ganache#4293)
6eeb1be deps(dev): update interop, ipfsd-ctl and kubo-rpc-client (interactive docs: backspacing at line 1 char 0 causes an issue with our export {/*magic*/};\n hack trufflesuite/ganache#4294)
6e94067 chore: release master (#4252)
d1c3abb deps: update libp2p to 0.42.x (#4288)
0cfcaf6 fix: allow reading rawLeaves in MFS (build(deps): bump dns-packet from 5.3.0 to 5.4.0 in /src/chains/filecoin/filecoin trufflesuite/ganache#4282)
fa578ba fix: disallow publishing pubsub messages to zero peers (Can ganache be used to run full privatenet? trufflesuite/ganache#4286)
789ee58 deps: update dag-jose to 4.0.0 (#4289)
4b4c124 deps: update ipfs-utils for node 18 compatibility (fix: use adjusted time on estimate gas when latest block is being used trufflesuite/ganache#4287)
5f73eca chore: do not double-build interface tests
1916ca8 chore: interface tests should run after build
115a405 fix: fix publish step
6d90cbf fix: use aegir to publish RCs (v7.7.6 trufflesuite/ganache#4284)
2a6fede fix: update lerna config for rc publishing (build(deps): bump minimist from 1.2.5 to 1.2.8 in /src/packages/core trufflesuite/ganache#4283)
e85e5b6 deps: update @ chainsafe/libp2p-gossipsub to 6.0.0 (build(deps): bump minimist from 1.2.5 to 1.2.8 in /src/chains/ethereum/ethereum trufflesuite/ganache#4280)
563806f fix: restore lerna for preleases (build(deps): bump minimist and mkdirp in /src/chains/filecoin/filecoin trufflesuite/ganache#4281)
521c84a fix!: update multiformats to v11.x.x and related depenendcies (build(deps): bump minimist from 1.2.5 to 1.2.8 in /src/chains/ethereum/transaction trufflesuite/ganache#4277)
6be5906 fix: mfs blob import for files larger than 262144b (Connecting MetaMask to remote detached Ganache CLI trufflesuite/ganache#4251)
b722041 docs: DisableNatPortMap should be true to disable port mapping (#4244)

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade ipfs-http-server from 0.1.4 to 0.15.1. See this package in npm: https://www.npmjs.com/package/ipfs-http-server See this project in Snyk: https://app.snyk.io/org/sammyfilly/project/0778148f-8a59-4afb-bcbf-e9bdb110ac13?utm_source=github&utm_medium=referral&page=upgrade-pr

stackblitz · 2024-02-16T00:31:55Z

Run & review this pull request in StackBlitz Codeflow.

changeset-bot · 2024-02-16T00:31:56Z

⚠️ No Changeset found

Latest commit: 9c99121

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

sourcery-ai

PR Type: Enhancement

PR Summary: This pull request updates the ipfs-http-server dependency from version 0.1.4 to 0.15.1. The update is significant as it jumps over multiple versions, bringing the project up to date with the latest fixes, including addressing a medium severity information exposure vulnerability. The upgrade also includes various bug fixes and dependency updates as detailed in the release notes provided by Snyk.

Decision: Comment

📝 Type: 'Enhancement' - not supported yet.

Sourcery currently only approves 'Typo fix' PRs.

✅ Issue addressed: this change correctly addresses the issue or implements the desired feature.

No details provided.

📝 Complexity: the changes are too large or complex for Sourcery to approve.

Unsupported files: the diff contains files that Sourcery does not currently support during reviews.

General suggestions:

Ensure thorough testing in the staging environment to verify that the upgrade does not introduce any breaking changes or unexpected behavior, especially given the large version jump.
Review the release notes and commit messages for the ipfs-http-server upgrade to understand the changes in depth, including any potential deprecations or breaking changes that could affect the project.
Consider the broader impact of this upgrade on the project's dependencies, particularly those closely tied to ipfs-http-server, to ensure compatibility.

Thanks for using Sourcery. We offer it for free for open source projects and would be very grateful if you could help us grow. If you like it, would you consider sharing Sourcery on your favourite social media? ✨

Share Sourcery

Help me be more useful! Please click 👍 or 👎 on each comment to tell me if it was helpful.

sourcery-ai bot reviewed Feb 16, 2024

View reviewed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Upgrade ipfs-http-server from 0.1.4 to 0.15.1 #363

[Snyk] Upgrade ipfs-http-server from 0.1.4 to 0.15.1 #363

X-oss-byte commented Feb 16, 2024

Bug Fixes

Dependencies

Bug Fixes

Dependencies

Bug Fixes

Dependencies

Bug Fixes

stackblitz bot commented Feb 16, 2024

changeset-bot bot commented Feb 16, 2024

sourcery-ai bot left a comment

[Snyk] Upgrade ipfs-http-server from 0.1.4 to 0.15.1 #363

Are you sure you want to change the base?

[Snyk] Upgrade ipfs-http-server from 0.1.4 to 0.15.1 #363

Conversation

X-oss-byte commented Feb 16, 2024

Snyk has created this PR to upgrade ipfs-http-server from 0.1.4 to 0.15.1.

Bug Fixes

Dependencies

Bug Fixes

Dependencies

Bug Fixes

Dependencies

Bug Fixes

stackblitz bot commented Feb 16, 2024

changeset-bot bot commented Feb 16, 2024

⚠️ No Changeset found

sourcery-ai bot left a comment

Choose a reason for hiding this comment