kfang / typescript-fp Goto Github PK
View Code? Open in Web Editor NEWfp stuff for typescript
License: MIT License
typescript-fp's People
Contributors
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot]")
![mend-bolt-for-github[bot] avatar](https://avatars.githubusercontent.com/in/16809?v=4 "mend-bolt-for-github[bot]")
![renovate[bot] avatar](https://avatars.githubusercontent.com/in/2740?v=4 "renovate[bot]")
Stargazers
Watchers
Forkers
alexwellshstypescript-fp's Issues
Success.map and Success.flatmap on the Try object should catch errors an convert them to Failures
-
I'm submitting a ...
[x] bug report
[ ] feature request
[ ] question about the decisions made in the repository
[ ] question about how to use this project -
Summary
I would like to be able to do
Try.of(() => "some value")
.map((s) => {
if (!validate(s)) {
throw new Error();
}
return s;
});and have it properly convert to a Failure object instead of throwing
- Other information (e.g. detailed explanation, stacktraces, related issues, suggestions how to fix, links for us to have context, eg. StackOverflow, personal fork, etc.)
CVE-2021-43138 (High) detected in async-2.6.3.tgz - autoclosed
CVE-2021-43138 - High Severity Vulnerability
Vulnerable Library - async-2.6.3.tgz
Higher-order functions and common patterns for asynchronous code
Library home page: https://registry.npmjs.org/async/-/async-2.6.3.tgz
Path to dependency file: /package.json
Path to vulnerable library: /node_modules/async/package.json
Dependency Hierarchy:
- gh-pages-3.2.3.tgz (Root Library)
- โ async-2.6.3.tgz (Vulnerable Library)
Found in base branch: master
Vulnerability Details
In Async before 2.6.4 and 3.x before 3.2.2, a malicious user can obtain privileges via the mapValues() method, aka lib/internal/iterator.js createObjectIterator prototype pollution.
Publish Date: 2022-04-06
URL: CVE-2021-43138
CVSS 3 Score Details (7.8)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: High
Suggested Fix
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2021-43138
Release Date: 2022-04-06
Fix Resolution (async): 2.6.4
Direct dependency fix Resolution (gh-pages): 4.0.0
Step up your Open Source Security Game with Mend here
Dependency Dashboard
This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
Warning
These dependencies are deprecated:
| Datasource | Name | Replacement PR? |
|---|---|---|
| npm | npm-run-all |
 |
Edited/Blocked
These updates have been manually edited so Renovate will no longer make changes. To discard all commits and start over, click on a checkbox.
- chore(deps): Update all non-major dependencies (
@types/jest,@types/node,@typescript-eslint/eslint-plugin,@typescript-eslint/parser,eslint,ts-jest,ts-node,typedoc,typescript)
Open
These updates have all been created already. Click a checkbox below to force a retry/rebase of any.
- chore(deps): Update dependency gh-pages to v5 [SECURITY]
- chore(deps): Replace dependency npm-run-all with npm-run-all2 ^5.0.0
- chore(deps): Update actions/checkout action to v4
- chore(deps): Update actions/setup-node action to v4
- chore(deps): Update dependency @tsconfig/node14 to v14
- chore(deps): Update dependency @types/node to v20
- chore(deps): Update dependency eslint to v9
- chore(deps): Update dependency semantic-release to v24
- chore(deps): Update typescript-eslint monorepo to v7 (major) (
@typescript-eslint/eslint-plugin,@typescript-eslint/parser) - Click on this checkbox to rebase all open PRs at once
Detected dependencies
github-actions
.github/workflows/publish.yml
actions/checkout v3actions/setup-node v3.github/workflows/test.yml
actions/checkout v3actions/setup-node v3
npm
package.json
@tsconfig/node14 ^1.0.3@types/jest ^29.5.5@types/node ^14.18.32@typescript-eslint/eslint-plugin ^6.7.5@typescript-eslint/parser ^6.7.5eslint ^8.51.0gh-pages ^4.0.0jest ^29.7.0npm-run-all ^4.1.5semantic-release ^19.0.5ts-jest ^29.1.1ts-node ^10.9.1typedoc ^0.25.2typescript ^5.2.2
nvm
.nvmrc
- Check this box to trigger a request for Renovate to run again on this repository
CVE-2021-35065 (High) detected in glob-parent-5.1.2.tgz - autoclosed
CVE-2021-35065 - High Severity Vulnerability
Vulnerable Library - glob-parent-5.1.2.tgz
Extract the non-magic parent path from a glob string.
Library home page: https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz
Path to dependency file: /package.json
Path to vulnerable library: /node_modules/glob-parent/package.json
Dependency Hierarchy:
- parser-5.18.0.tgz (Root Library)
- typescript-estree-5.18.0.tgz
- globby-11.1.0.tgz
- fast-glob-3.2.11.tgz
- โ glob-parent-5.1.2.tgz (Vulnerable Library)
- fast-glob-3.2.11.tgz
- globby-11.1.0.tgz
- typescript-estree-5.18.0.tgz
Found in base branch: master
Vulnerability Details
The package glob-parent before 6.0.1 are vulnerable to Regular Expression Denial of Service (ReDoS)
Publish Date: 2021-06-22
URL: CVE-2021-35065
CVSS 3 Score Details (7.5)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: High
Suggested Fix
Type: Upgrade version
Origin: GHSA-cj88-88mr-972w
Release Date: 2021-06-22
Fix Resolution (glob-parent): 6.0.1
Direct dependency fix Resolution (@typescript-eslint/parser): 5.19.0
Step up your Open Source Security Game with Mend here
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.