This repository has been archived by the owner on Dec 16, 2023. It is now read-only.

[Snyk] Upgrade probot from 10.17.2 to 10.19.0 #16

Open
wants to merge 1 commit into
base: master

snyk-bot

Snyk has created this PR to upgrade probot from 10.17.2 to 10.19.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 8 versions ahead of your current version.
  • The recommended version was released 2 years ago, on 2020-12-15.

The recommended version fixes:

| Severity | Issue | PriorityScore (*) | Exploit Maturity |
|---|---|---|---|
| | Command Injection (SNYK-JS-LODASH-1040724) | 467/1000. Why? Proof of Concept exploit, CVSS 7.2 | Proof of Concept |
| | Remote Code Execution (RCE) (SNYK-JS-HANDLEBARS-1056767) | 467/1000. Why? Proof of Concept exploit, CVSS 7.2 | Proof of Concept |
| | Regular Expression Denial of Service (ReDoS) (SNYK-JS-UGLIFYJS-1727251) | 467/1000. Why? Proof of Concept exploit, CVSS 7.2 | No Known Exploit |
| | Information Exposure (SNYK-JS-NODEFETCH-2342118) | 467/1000. Why? Proof of Concept exploit, CVSS 7.2 | No Known Exploit |
| | Regular Expression Denial of Service (ReDoS) (SNYK-JS-LODASH-1018905) | 467/1000. Why? Proof of Concept exploit, CVSS 7.2 | Proof of Concept |
| | Prototype Pollution (SNYK-JS-IOREDIS-1567196) | 467/1000. Why? Proof of Concept exploit, CVSS 7.2 | Proof of Concept |
| | Prototype Pollution (SNYK-JS-HANDLEBARS-1279029) | 467/1000. Why? Proof of Concept exploit, CVSS 7.2 | Proof of Concept |

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: probot (from probot GitHub release notes)
Commit messages
Package name: probot
  • 42b043e feat: un-deprecate `(app) => {}`. Deprecate `({ app, getRouter }) => {}` in favor of `(app, { getRouter }) => {}` (#1441)
  • 41820c3 docs(webhooks): typo in usage example (#1445) thanks @ homeles
  • a028c3d build(deps): bump highlight.js from 10.3.1 to 10.4.1 (#1429)
  • 3aa0d5f docs: log stubbing (#1355)
  • f6a7970 refactor: `webhooks.on("*")` is now `webhooks.onAny()` (#1401)
  • 60b702b fix: load app function only once when using createNodeMiddleware (#1432)
  • 8c01e90 fix: `createProbot()` without options
  • d315f0c feat: `createProbot()`, `createNodeMiddleware(app, { probot })`. Deprecates `getOptions`, `createNodeMiddleware(app, { Probot })` (#1431)
  • d1a66fc test: remove `test/fixtures/test-private-key.pem` from gitignore
  • 0343d51 docs(Serverless deployment): add node middleware
  • bdbe94e feat: createNodeMiddleware
  • a771d25 feat: `getOptions({ env, defaults, overrides })`
  • 3d4b363 feat: deprecate `probot.load()`
  • 7a8f268 feat: deprecate `probot.start()` / `probot.stop()` / `probot.setup()`
  • a5c78b1 docs(testing): remove unused `id` option from code example
  • a94fdca feat: `new Probot({ appId })`. Deprecates `new Probot({ id })`
  • 2ff5d21 feat: `Probot.version`, `Probot.defaults()`
  • e0d34c7 test: move server tests into `test/server.test.ts`
  • 3d90806 feat: `run(appFn, { env })`
  • 5c2d3c3 test: rewrite server tests to test new `Server` class
  • 9d767e1 fix(server): log error requests as `[METHOD] /[PATH] [STATUS] - [NUM]ms`, e.g `POST / 500 - 123ms`
  • 8a3599d feat: use new `Server` class when using `probot run` binary
  • 966ea5a test: rename `test/index.ts` to `test/probot.ts`
  • 6af93d0 test(run): move tests to `test/run.test.js`



Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs
