[Snyk] Upgrade @hapi/boom from 7.4.2 to 7.4.11

[Canadatechmanufacturing]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade @hapi/boom from 7.4.2 to 7.4.11.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 9 versions ahead of your current version.
• The recommended version was released 5 years ago, on 2019-09-27.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Denial of Service (DoS) SNYK-JS-ENGINEIO-3136336	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
	Improper Input Validation SNYK-JS-FOLLOWREDIRECTS-6141137	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Denial of Service (DoS) SNYK-JS-SOCKETIOPARSER-1056752	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Arbitrary Code Injection SNYK-JS-XMLHTTPREQUESTSSL-1082936	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Access Restriction Bypass SNYK-JS-XMLHTTPREQUESTSSL-1255647	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Command Injection SNYK-JS-LODASH-1040724	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-567746	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Directory Traversal SNYK-JS-MOMENT-2440688	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MOMENT-2944238	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2332181	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-6444610	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-HAPIHOEK-548452	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Denial of Service SNYK-JS-NODEFETCH-674311	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
	Insecure Defaults SNYK-JS-SOCKETIO-1024859	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2396346	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
	Improper Input Validation SNYK-JS-SOCKETIOPARSER-3091012	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Information Exposure SNYK-JS-NODEFETCH-2342118	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: @hapi/boom

• 7.4.11 - 2019-09-27
  

  7.4.11

• 7.4.10 - 2019-09-23
  

  7.4.10

• 7.4.9 - 2019-09-21
  

  7.4.9

• 7.4.8 - 2019-09-20
  

  7.4.8

• 7.4.7 - 2019-09-20
  

  7.4.7

• 7.4.6 - 2019-09-20
  

  7.4.6

• 7.4.5 - 2019-09-19
  

  7.4.5

• 7.4.4 - 2019-09-19
  

  7.4.4

• 7.4.3 - 2019-08-14
  

  7.4.3

• 7.4.2 - 2019-03-29

from @hapi/boom GitHub release notes

Commit messages

Package name: @hapi/boom

• b2e97d2 7.4.11
• 09a3f0b Remove types. Closes Bump @hapi/hoek and @hapi/boom in /server plaid/pattern#248
• e8e9c25 7.4.10
• a989e49 Fix default export. Fixes Update README.md plaid/pattern#244. (Update items sql queries to use plaid_item_id plaid/pattern#245)
• 2ee13f6 Add test for Update README.md plaid/pattern#244
• d941f1b 7.4.9
• feb25bf Improve types. Closes Update update_transactions.js plaid/pattern#243
• 5f6f46a 7.4.8
• 93e02c3 Add missing method. Closes Bump terser from 4.8.0 to 4.8.1 in /client plaid/pattern#242
• f736e89 Ts fix (Bump moment from 2.29.1 to 2.29.4 in /client plaid/pattern#241)
• 283f273 Fix types: Update static isBoom to be a type guard. (Bump moment from 2.24.0 to 2.29.4 in /server plaid/pattern#240)
• 8150c41 7.4.7
• a9f5a67 Fix types. Closes Docker compose configuration doesn't reference local files or docker configuration plaid/pattern#239
• 70f2c61 7.4.6
• fb5b8f0 Fix types: serviceUnavailable -> serverUnavailable. (Bump eventsource from 1.1.0 to 1.1.1 in /client plaid/pattern#238)
• 1225ee9 misc
• 160055a 7.4.5
• 8ea4fae Assert on incompatible error. Closes fix vulnerabilities plaid/pattern#216
• 13bf5b2 Change typeof and reformat to non-enumerable. Closes Bump follow-redirects from 1.14.4 to 1.14.8 in /server plaid/pattern#215
• 77ed175 7.4.4
• 4782135 Cleanup for "No such file or directory" when using "make start" plaid/pattern#233
• 36e02a7 Added TS declarations ("No such file or directory" when using "make start" plaid/pattern#233)
• 87e27bf Update README.md
• 9c51cb9 Update API (Bump nanoid from 3.1.23 to 3.3.4 in /client plaid/pattern#236)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs