Skip to content

[Snyk] Upgrade sirv-cli from 1.0.6 to 1.0.14#2

Open
theomart77 wants to merge 1 commit into
masterfrom
snyk-upgrade-f27af2a888d2829fce1f46573f1e9f6c
Open

[Snyk] Upgrade sirv-cli from 1.0.6 to 1.0.14#2
theomart77 wants to merge 1 commit into
masterfrom
snyk-upgrade-f27af2a888d2829fce1f46573f1e9f6c

Conversation

@theomart77

Copy link
Copy Markdown
Owner

snyk-top-banner

Snyk has created this PR to upgrade sirv-cli from 1.0.6 to 1.0.14.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 8 versions ahead of your current version.

  • The recommended version was released 4 years ago.

Release notes
Package name: sirv-cli
  • 1.0.14 - 2021-08-14

    Chores

    • (sirv): Bump @ polka/url to take advantage of this fix
  • 1.0.13 - 2021-08-13

    Patches

    • (sirv) Only use req.path if has req._decoded flag exists (#82):

      The req._decoded check was added & should have always been in there, since this was sirv's way of preventing duplicate decodeURIComponent calls. However, this was only true when it received a request from a polka@next app, since Polka was previously writing the decoded value to req.path – this changed with polka@v1.0.0-next.16

      Now that the latest polka@next (and Express) doesn't decode automatically anymore, req.path isn't trustworthy on its own. It needs req._decoded to be there too in order to trust it.

      This combo-check is backwards compatible for polka@next users who don't upgrade and will unblock Express users for the first time, who have always had a "raw" req.path value set.

  • 1.0.12 - 2021-05-24

    Patches

    • (sirv-cli): Ensure boolean options are parsed as booleans (#97): 8ebca7c
    • (sirv): Bump @ polka/url dependency version: 7c5162a

    Chores

  • 1.0.11 - 2021-01-30

    Patches

  • 1.0.10 - 2020-12-07

    Patches

    • (sirv) Use Cache-Control: no-cache when both dev & etag are enabled (#90): c8fe11b
      By default dev-mode always used no-store – but this also means that any ETag on the response is ignored too. Changing this to no-cache allows the browser to remember the ETag and send if as the If-None-Match header on next request.
  • 1.0.9 - 2020-12-05
  • 1.0.8 - 2020-10-19
  • 1.0.7 - 2020-10-16
  • 1.0.6 - 2020-08-12
from sirv-cli GitHub release notes

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

Snyk has created this PR to upgrade sirv-cli from 1.0.6 to 1.0.14.

See this package in npm:
sirv-cli

See this project in Snyk:
https://app.snyk.io/org/theomart77/project/75a01a7e-fe3e-4a64-8e12-f0d9d7495c3d?utm_source=github&utm_medium=referral&page=upgrade-pr
@coderabbitai

coderabbitai Bot commented Dec 9, 2025

Copy link
Copy Markdown

Important

Review skipped

Ignore keyword(s) in the title.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

✨ Finishing touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch snyk-upgrade-f27af2a888d2829fce1f46573f1e9f6c

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants