[Snyk] Upgrade express-validator from 6.13.0 to 6.14.2

[snyk-bot]

Snyk has created this PR to upgrade express-validator from 6.13.0 to 6.14.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 3 versions ahead of your current version.
• The recommended version was released 3 months ago, on 2022-06-19.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MOMENT-2944238	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Directory Traversal SNYK-JS-MOMENT-2440688	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Session Fixation SNYK-JS-PASSPORT-2840631	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Prototype Pollution SNYK-JS-MINIMIST-2429795	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: express-validator

• 6.14.2 - 2022-06-19
  No content.
• 6.14.1 - 2022-05-22
  

  What's Changed

  • Add validationResult() for schema validation example by @ daenamkim in #1120
  • chore(deps): bump shelljs from 0.8.4 to 0.8.5 by @ dependabot in #1128
  • chore(deps): bump ajv from 6.11.0 to 6.12.6 by @ dependabot in #1129
  • chore(deps): bump prismjs from 1.25.0 to 1.27.0 by @ dependabot in #1135
  • docs: remove dependencies status badge by @ gustavohenke in #1131
  • chore(deps): bump minimist from 1.2.5 to 1.2.6 by @ dependabot in #1142
  • chore(deps): bump async from 2.6.3 to 2.6.4 by @ dependabot in #1147
  • Add missing SK postal code - #1144

  New Contributors

  • @ daenamkim made their first contribution in #1120

  Full Changelog: v6.14.0...v6.14.1

• 6.14.0 - 2021-12-11
  

  What's Changed

  • feat: update validator to 13.7 by @ fedeci in #1115
  • chore(deps): bump tmpl from 1.0.4 to 1.0.5 by @ dependabot in #1116
  • chore(deps): bump path-parse from 1.0.6 to 1.0.7 by @ dependabot in #1118
  • chore(deps): bump prismjs from 1.24.0 to 1.25.0 by @ dependabot in #1117

  Full Changelog: v6.13.0...v6.14.0

• 6.13.0 - 2021-10-12
  

  What's Changed

  • docs: warn users about bad practice by @ hariprasadkc in #1094
  • schema usage according to documentation results in Error by @ fkarg in #1095
  • v6.13 features by @ fedeci in #1091

  New Contributors

  • @ hariprasadkc made their first contribution in #1094
  • @ fkarg made their first contribution in #1095

  Full Changelog: v6.12.2...v6.13.0

from express-validator GitHub release notes

Commit messages

Package name: express-validator

• 6b2edda fix: correctly run .matches when passing regex object (#1156)
• 82e4d84 6.14.1
• 199fcf6 Add missing SK postal code
• 1920b8c deps: bump async from 2.6.3 to 2.6.4 (#1147)
• a2e8f2c deps: bump minimist from 1.2.5 to 1.2.6 (#1142)
• e4e33f6 docs: remove dependencies status badge (#1131)
• a331ddb deps: bump prismjs from 1.25.0 to 1.27.0 (#1135)
• 997b950 deps: bump ajv from 6.11.0 to 6.12.6 (#1129)
• 6a124ce chore(deps): bump shelljs from 0.8.4 to 0.8.5 (#1128)
• 9b20675 docs: add `validationResult()` for schema validation (#1120)
• 3e23f5a 6.14.0
• c0137f5 chore(deps): bump prismjs from 1.24.0 to 1.25.0 (#1117)
• eaedcb8 chore(deps): bump path-parse from 1.0.6 to 1.0.7 (#1118)
• d75ace0 chore(deps): bump tmpl from 1.0.4 to 1.0.5 (#1116)
• f3cb5ba feat: update `validator` to `13.7` (#1115)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs