[Snyk] Upgrade @redhat-developer/vscode-redhat-telemetry from 0.0.13 to 0.7.1 #14

zygisk-topjohnu · 2024-03-14T21:22:17Z

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade @redhat-developer/vscode-redhat-telemetry from 0.0.13 to 0.7.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 22 versions ahead of your current version.
The recommended version was released 4 months ago, on 2023-11-13.

The recommended version fixes:

Issue	PriorityScore (*)	Exploit Maturity
Regular Expression Denial of Service (ReDoS) SNYK-JS-AXIOS-1579269	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
Cross-site Request Forgery (CSRF) SNYK-JS-AXIOS-6032459	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
Prototype Pollution SNYK-JS-AXIOS-6144788	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
Improper Input Validation SNYK-JS-FOLLOWREDIRECTS-6141137	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
Information Exposure SNYK-JS-NODEFETCH-2342118	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-AXIOS-6124857	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
Information Exposure SNYK-JS-FOLLOWREDIRECTS-2332181	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
Information Exposure SNYK-JS-FOLLOWREDIRECTS-2396346	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: @redhat-developer/vscode-redhat-telemetry

0.7.1 - 2023-11-13
Signed-off-by: Fred Bricon fbricon@gmail.com
0.7.0 - 2023-08-29
The function 'getPlatform' is used before its definition. At that point,
the global variable 'linuxes' is not yet initialised, resulting in
errors.

By moving all exports to the bottom, this problem should be fixed.
0.6.1 - 2023-03-28
Signed-off-by: Fred Bricon fbricon@gmail.com
0.6.0 - 2023-03-15
Signed-off-by: Fred Bricon fbricon@gmail.com
0.5.4 - 2023-01-04
Signed-off-by: Fred Bricon fbricon@gmail.com
0.5.3 - 2023-01-04
Signed-off-by: Fred Bricon fbricon@gmail.com
0.5.2 - 2022-11-17
Signed-off-by: Fred Bricon fbricon@gmail.com
0.5.1 - 2022-11-15
Signed-off-by: Fred Bricon fbricon@gmail.com
0.5.0 - 2022-11-14
Signed-off-by: Fred Bricon fbricon@gmail.com
0.4.3 - 2022-07-29
Signed-off-by: Fred Bricon fbricon@gmail.com
0.4.2 - 2021-09-21
0.4.1 - 2021-09-21
0.4.0 - 2021-09-17
0.3.0 - 2021-09-16
0.2.0 - 2021-06-22
0.1.1 - 2021-06-08
0.1.0 - 2021-06-08
0.0.18 - 2021-04-27
0.0.17 - 2021-04-26
0.0.16 - 2021-04-26
0.0.15 - 2021-03-30
0.0.14 - 2021-03-30
0.0.13 - 2021-02-08

from @redhat-developer/vscode-redhat-telemetry GitHub release notes

Commit messages

Package name: @redhat-developer/vscode-redhat-telemetry

f451c20 Don't sanitize technical properties
f00d4ac Upgrade Axios to 1.6.0
f68a5d7 Only include 0.3% of all 'textCompletion' events from 'redhat.java'.
02db55f Prevent initialisation errors on Linux
66930fd Fine-tune ratio precision up to 0.01%
2cc060d Fix the textCompletion telemetry filter.
f9724d1 Only include 30% of all 'textCompletion' events from 'redhat.java'.
9655bbe Don't use ESM version of os-locale
8816d8b Allow configuration of ratio per event
631a25d Typo in readme
03ef92b Bump webpack to 5.76.1
50ceacb Fix webworker example
40e2ed6 Add support for web extensions
583097d Fix typos
5a0c688 Start decoupling code from node platform
303417a update .gitignore
11502bd Make getEmbeddedConfiguration() really webpack-friendly
1545dac Add webpack testing
2e791fe Make getEmbeddedConfiguration() webpack-friendly
edf5798 Update usage data for Ansible
9f5b3a6 Fix: keep identify event hash computation similar to previous versions
da1db87 Fix missing event type, breaking identify events
eb22c1e Add remote configuration support
674a5d1 Add YAML extension to list of other dtata collected by other extension ([Snyk] Upgrade node-fetch from 2.6.1 to 2.7.0 #19)

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

… 0.7.1 Snyk has created this PR to upgrade @redhat-developer/vscode-redhat-telemetry from 0.0.13 to 0.7.1. See this package in npm: https://www.npmjs.com/package/@redhat-developer/vscode-redhat-telemetry See this project in Snyk: https://app.snyk.io/org/aimanbinggo/project/dae255e1-e66d-424f-a782-f66e3b553499?utm_source=github&utm_medium=referral&page=upgrade-pr

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Upgrade @redhat-developer/vscode-redhat-telemetry from 0.0.13 to 0.7.1 #14

[Snyk] Upgrade @redhat-developer/vscode-redhat-telemetry from 0.0.13 to 0.7.1 #14

zygisk-topjohnu commented Mar 14, 2024

[Snyk] Upgrade @redhat-developer/vscode-redhat-telemetry from 0.0.13 to 0.7.1 #14

Are you sure you want to change the base?

[Snyk] Upgrade @redhat-developer/vscode-redhat-telemetry from 0.0.13 to 0.7.1 #14

Conversation

zygisk-topjohnu commented Mar 14, 2024

Snyk has created this PR to upgrade @redhat-developer/vscode-redhat-telemetry from 0.0.13 to 0.7.1.