You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: CHANGELOG.md
+7Lines changed: 7 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -16,8 +16,15 @@
16
16
17
17
### Core Refactor
18
18
19
+
- Drop old vizion module, refactor to support only git and drop 3 submodules
19
20
- Replace the bundled `pm2-sysmonit` module and `systeminformation` with `lib/tools/SysMetrics.js` (Linux/macOS); `pm2 slist`/`getSystemData` and the Docker metrics path now read this collector. Covered by `test/programmatic/sysmetrics.mocha.js`
20
21
22
+
### Security
23
+
24
+
- Bump `js-yaml` 4.1.1 → 4.3.0 — fixes quadratic-complexity DoS in merge-key handling (GHSA-h67p-54hq-rp68) #6122
25
+
- Bump `ws` 8.20.0 → 8.21.0 — fixes uninitialized-memory disclosure and tiny-fragment DoS (GHSA-58qx-3vcg-4xpx, GHSA-96hv-2xvq-fx4p) #6116
26
+
- Bump `@pm2/js-api` 0.8.0 → 0.8.1, pulling in patched `ws@8.21.0` (its transitive `ws` was pinned to the vulnerable 7.x). Production deps are now advisory-free (`npm audit --omit=dev` clean)
0 commit comments