[Snyk] Upgrade @reactioncommerce/logger from 1.1.3 to 1.1.4 #94

snyk-bot · 2021-09-10T07:00:33Z

Snyk has created this PR to upgrade @reactioncommerce/logger from 1.1.3 to 1.1.4.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 1 version ahead of your current version.
The recommended version was released 22 days ago, on 2021-08-19.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Remote Code Execution (RCE) SNYK-JS-BUNYAN-573166	310/1000 Why? CVSS 6.2	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: @reactioncommerce/logger

1.1.4 - 2021-08-19
1.1.4 (2021-08-19)

Bug Fixes
- upgrade bunyan from 1.8.12 to 1.8.15 (9d4ff9b)
- upgrade node-loggly-bulk from 2.2.4 to 2.2.5 (0015556)
1.1.3 - 2019-11-07
1.1.3 (2019-11-07)

Bug Fixes
- install missing linting modules and fix linting (bbb680c)
- vulnerabilities reported by snyk (dfcba3a)

from @reactioncommerce/logger GitHub release notes

Commit messages

Package name: @reactioncommerce/logger

bb77a30 Merge pull request feat: add insertPrimaryShop test fn #23 from reactioncommerce/snyk-upgrade-82b50d13d67ade1889757d353ddedca3
01f5e2f Merge pull request feat: update most dependencies to latest #24 from reactioncommerce/snyk-upgrade-ede980d8104e2a573067622b6d6972cf
0015556 fix: upgrade node-loggly-bulk from 2.2.4 to 2.2.5
9d4ff9b fix: upgrade bunyan from 1.8.12 to 1.8.15
84e782f Merge pull request Add match operator to support regular expression matching reaction#6512 from reactioncommerce/dependabot/npm_and_yarn/path-parse-1.0.7
7294a7d chore(deps): bump path-parse from 1.0.6 to 1.0.7
7d7ebac Merge pull request CollectionIndex function should account for modified index reaction#6518 from reactioncommerce/dependabot/npm_and_yarn/trim-newlines-3.0.1
83fd000 Merge pull request chore(deps): Bump acorn from 5.7.3 to 5.7.4 #21 from reactioncommerce/dependabot/npm_and_yarn/normalize-url-5.3.1
f2ae5a1 chore(deps): bump normalize-url from 5.3.0 to 5.3.1
0a51698 chore(deps): bump trim-newlines from 3.0.0 to 3.0.1
6b1a30d Merge pull request getPaginatedResponse doesn't support MongoDB aggregate cursor #16 from reactioncommerce/dependabot/npm_and_yarn/y18n-4.0.1
528fef2 Merge pull request Use projection option instead of deprecated fields option #17 from reactioncommerce/dependabot/npm_and_yarn/handlebars-4.7.7
c58f335 Merge pull request Add method that accepts internal database ids as-is or an encoded opaque id #18 from reactioncommerce/dependabot/npm_and_yarn/lodash-4.17.21
6e4f375 Merge pull request Add getPaginatedResponseFromAggregate #19 from reactioncommerce/dependabot/npm_and_yarn/hosted-git-info-2.8.9
ac6ee5d chore(deps): bump hosted-git-info from 2.8.5 to 2.8.9
ac02a90 chore(deps): bump lodash from 4.17.19 to 4.17.21
d7a7a3c chore(deps): bump handlebars from 4.7.6 to 4.7.7
f1d04e4 chore(deps): bump y18n from 4.0.0 to 4.0.1
8188ae2 Merge pull request error message failure when using abbreviated form of map reaction#6513 from reactioncommerce/chore-mpaktiti-fix-circleci-conf
fc684ed chore: fix circleCI conf
1dc9470 Merge pull request fix: update branch name on ci publishing #14 from reactioncommerce/chore-mpaktiti-circleCI-node-version
f15323a chore: upgrade circleCI node version
db4f097 Merge pull request [WIP] Add offset support for arrayJoinPlusRemainingQuery #12 from reactioncommerce/dependabot/npm_and_yarn/semantic-release-17.2.3
f294285 Merge pull request fix: remove legacy auth mockContext functions that aren't needed #13 from reactioncommerce/dependabot/npm_and_yarn/ini-1.3.7