[Snyk] Upgrade morgan from 1.8.2 to 1.10.0

[snyk-bot]

Snyk has created this PR to upgrade morgan from 1.8.2 to 1.10.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 3 versions ahead of your current version.
• The recommended version was released a year ago, on 2020-03-20.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Arbitrary Code Injection SNYK-JS-MORGAN-72579	661/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.8	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: morgan

• 1.10.0 - 2020-03-20
  
  • Add :total-time token
  • Fix trailing space in colored status code for dev format
  • deps: basic-auth@~2.0.1
    • deps: [email protected]
  • deps: depd@~2.0.0
    • Replace internal eval usage with Function constructor
    • Use instance methods on process to check for listeners
  • deps: on-headers@~1.0.2
    • Fix res.writeHead patch missing return value
• 1.9.1 - 2018-09-11
  
  • Fix using special characters in format
  • deps: depd@~1.1.2
    • perf: remove argument reassignment
• 1.9.0 - 2017-09-27
  
  • Use res.headersSent when available
  • deps: basic-auth@~2.0.0
    • Use safe-buffer for improved Buffer API
  • deps: [email protected]
  • deps: depd@~1.1.1
    • Remove unnecessary Buffer loading
• 1.8.2 - 2017-05-24
  
  • deps: [email protected]
    • Fix DEBUG_MAX_ARRAY_LENGTH
    • deps: [email protected]

from morgan GitHub release notes

Commit messages

Package name: morgan

• c68d2ea 1.10.0
• aa718d7 Add :total-time token
• ce15462 build: remove deprecated Travis CI directive
• e13e0d3 build: [email protected]
• f023828 build: use nyc for test coverage
• 30c0871 build: [email protected]
• 8114639 docs: document success color in dev format
• 5d8176f docs: update rotating-file-stream usage for 2.x
• c54194c tests: ignore branch coverage that varies
• 5659d2f build: [email protected]
• 43518b4 build: [email protected]
• 7a42b31 build: [email protected]
• 397208d build: [email protected]
• 89dffcc build: [email protected]
• 9bf0e8c build: [email protected]
• 3ea521c build: [email protected]
• f72345d build: [email protected]
• 675be35 build: [email protected]
• 9ff523d build: [email protected]
• 23f26c9 build: [email protected]
• f67208d build: [email protected]
• b7496d9 build: [email protected]
• 662aa28 build: [email protected]
• 20a26fe build: support Node.js 13.x

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs