[Snyk] Upgrade clamscan from 1.3.3 to 2.1.2

[randytarampi]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade clamscan from 1.3.3 to 2.1.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

Warning: This is a major version upgrade, and may be a breaking change.

• The recommended version is 13 versions ahead of your current version.
• The recommended version was released 2 months ago, on 2022-03-18.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Prototype Pollution SNYK-JS-Y18N-1021887	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-Y18N-1021887	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Access Restriction Bypass SNYK-JS-XMLHTTPREQUESTSSL-1255647	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Arbitrary Code Injection SNYK-JS-XMLHTTPREQUESTSSL-1082936	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Denial of Service (DoS) SNYK-JS-TRIMNEWLINES-1298042	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579155	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579152	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579147	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Arbitrary File Overwrite SNYK-JS-TAR-1536531	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Arbitrary File Overwrite SNYK-JS-TAR-1536528	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579155	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579152	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579147	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Arbitrary File Overwrite SNYK-JS-TAR-1536531	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Arbitrary File Overwrite SNYK-JS-TAR-1536528	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SSRI-1246392	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Command Injection SNYK-JS-SSH2-1656673	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Denial of Service (DoS) SNYK-JS-SOCKETIOPARSER-1056752	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Information Exposure SNYK-JS-SIMPLEGET-2361683	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVERREGEX-1585624	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVERREGEX-1584358	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PARSELINKHEADER-1582783	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Remote Code Execution (RCE) SNYK-JS-PACRESOLVER-1564857	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-NORMALIZEURL-1296539	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-NORMALIZEURL-1296539	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Server-side Request Forgery (SSRF) SNYK-JS-NETMASK-1089716	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Directory Traversal SNYK-JS-MOMENT-2440688	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-LODASHSET-1320032	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Command Injection SNYK-JS-LODASH-1040724	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-JSONSCHEMA-1920922	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-INI-1048974	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Remote Code Execution (RCE) SNYK-JS-HANDLEBARS-1056767	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-COPYPROPS-1082870	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-AXIOS-1579269	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-AWSSDK-1059424	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-ASYNC-2441827	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-ASYNC-2441827	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-ASYNC-2441827	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Directory Traversal SNYK-JS-ADMZIP-1065796	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Denial of Service (DoS) npm:mem:20180117	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-YARGSPARSER-560381	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-YARGSPARSER-560381	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-UGLIFYJS-1727251	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TRIMOFFNEWLINES-1296850	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVERREGEX-2824151	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-PATHVAL-596926	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Information Exposure SNYK-JS-NODEFETCH-2342118	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Denial of Service (DoS) SNYK-JS-JSZIP-1251497	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Denial of Service (DoS) SNYK-JS-JSZIP-1251497	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Denial of Service (DoS) SNYK-JS-JSZIP-1251497	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Reverse Tabnabbing SNYK-JS-ISTANBULREPORTS-2328088	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HOSTEDGITINFO-1088355	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HOSTEDGITINFO-1088355	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-HANDLEBARS-1279029	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2332181	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-CONVENTIONALCOMMITSPARSER-1766960	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-COLORSTRING-1082939	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-BROWSERSLIST-1090194	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TAR-1536758	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TAR-1536758	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-MINIMIST-2429795	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2396346	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: clamscan

• 2.1.2 - 2022-03-18
  

  Fixes Vulnerabilities

  • Updated development packages that were flagged as having vulnerabilities to versions that were clean.
• 2.1.1 - 2022-03-18
  

  Bug Fixes

  • Fixed issue when this._clamavSocket is not defined #97
  • Solve the lock due to promise returned in a promise #96
• 2.1.0 - 2022-03-03
  

  Enhancements

  • Add check: If server closes the connection before PONG #95
  • Added new test to check if enhancement above is working
  • Update package-lock to work with NPM v8
• 2.0.6 - 2022-03-01
  

  Bug Fixes

  • Fixes #92
  • Fixed typos in README
  • Updated HISTORY file to point readers to the GitHub Release page for this package for all version after v2.0.0
  • Fixed various other bugs found through testing.
• 2.0.5 - 2022-02-28
  

  Bug Fix

  • Fix #93 - Remove an unexpected curly bracket in console log. - Thank you @ Annubis45
• 2.0.4 - 2022-02-23
  
  • Updated some package due to vulnerabilies
  • Fixed some code quality issues found via CodeQL
• 2.0.3 - 2022-02-22
  

  Minor Fixes

  • Documentation fixed with #89 and #90. Thank you @ vlaurin
• 2.0.2 - 2022-02-17
  

  Bug Fix

  • Fixed #82 with PR #88 (thanks to @ ngraef ) - Fixed bug with the passthrough method not working in some cases in Node v16+ due to ERR_MULTIPLE_CALLBACK error caused by using asyc/await
• 2.0.1 - 2021-09-21
  

  Just updated NPM dependencies to fix some vulnerabilities.

• 2.0.0 - 2021-09-21
  

  This is largely a code-quality / developer-centric overhaul.

  Breaking Changes

  • Node v12+ is now required.
  • Methods names have changed from snake_case to camelCase
  • All variable and object properties have changed from snake_case to camelCase

  General Changes

  • All code now has proper JSDoc documentation
  • New API doc is generated via JSDoc
  • More strictly-defined code formatting via Prettier and ESLint
  • Husky now runs linting on commit and runs tests on push.
  • NodeClamError is now its own file residing in /lib
  • NodeClamTransform is now located in /lib

  New Features

  • Type-hinting should now work because of JSDoc
• 1.4.2 - 2021-05-05
• 1.4.1 - 2021-05-05
• 1.4.0 - 2021-05-05
• 1.3.3 - 2020-08-12

from clamscan GitHub release notes

Commit messages

Package name: clamscan

• 51612ad 2.1.2
• 5f3a3f8 Updated dependencies to remove vulnerabilities.
• 60cfdc5 2.1.1
• 4723e1b Fixed issue when this._clamavSocket is not defined
• cc8dfd5 Apprently rm isn't available at all in Node <=14. Switched to unlinkSync.
• 18196b0 Removed rmSync from test since it's only supported in Node v14 and up.
• 69630c7 Tests working for goodfile, badfile lists.
• 909f97c Added new test for testing deeply nested folders with potential malicious files within them.
• dfbafbf fix: solve the lock due to promise returned in a promise
• 42236a9 General code cleanup and linting.
• 2ba8f89 Added .DS_Store to gitignore.
• 0f9d4c5 Minor prettier formatting enhancements.
• 987ce4e package-lock update.
• 7925282 2.1.0
• 710262e Modified tests for _ping to make sure it responds to the 'end' event.
• 51d5e39 Updated package-lock to be compatible with latest NPM.
• 4eb3319 Check if server closes the connection before PONG
• 7e2c1d8 2.0.6
• 91361c5 Reset and fixed some test config items.
• 2519b29 Un-commented some tests that were commented out for convenience while testing.
• cb6c143 Fixed a number of issues found through testing. Fixes chore(greenkeeper): Update sinon #92
• 657790a WIP: Fixing issue with result parsing.
• 9f746bb 2.0.5
• 6ab2051 Remove an unexpected curly bracket

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs