add CVEs and refs to fix commits

Kirill89 · Kirill89 · commit aacebfd7c274 · 2021-07-22T14:17:01.000+03:00
diff --git a/dot-prop/META.md b/dot-prop/META.md
@@ -0,0 +1,3 @@
+|CVE|Fix|
+| --- | --- |
+| CVE-2020-8116 | https://github.com/sindresorhus/dot-prop/commit/3039c8c07f6fdaa8b595ec869ae0895686a7a0f2 |
diff --git a/dot-prop/README.md b/dot-prop/README.md
@@ -4,6 +4,10 @@ Get, set, or delete a property from a nested object using a dot path
 
 **Latest version:** `6.0.1`
 
+|CVE|Fix|
+| --- | --- |
+| CVE-2020-8116 | https://github.com/sindresorhus/dot-prop/commit/3039c8c07f6fdaa8b595ec869ae0895686a7a0f2 |
+
 ## Exploits
 
 ```javascript
diff --git a/express-fileupload/META.md b/express-fileupload/META.md
@@ -0,0 +1,3 @@
+|CVE|Fix|
+| --- | --- |
+| CVE-2020-7699 | https://github.com/richardgirges/express-fileupload/commit/9fca550f08a9dc07cc3500921f4fa7879cf88b8f, https://github.com/richardgirges/express-fileupload/pull/237/files |
diff --git a/express-fileupload/README.md b/express-fileupload/README.md
@@ -4,6 +4,10 @@ Simple express file upload middleware that wraps around Busboy
 
 **Latest version:** `1.2.1`
 
+|CVE|Fix|
+| --- | --- |
+| CVE-2020-7699 | https://github.com/richardgirges/express-fileupload/commit/9fca550f08a9dc07cc3500921f4fa7879cf88b8f, https://github.com/richardgirges/express-fileupload/pull/237/files |
+
 ## Exploits
 
 ```javascript
diff --git a/extend/META.md b/extend/META.md
@@ -0,0 +1,3 @@
+|CVE|Fix|
+| --- | --- |
+| CVE-2018-16492 | https://github.com/justmoon/node-extend/commit/0e68e71d93507fcc391e398bc84abd0666b28190 |
diff --git a/ini/META.md b/ini/META.md
@@ -0,0 +1,3 @@
+|CVE|Fix|
+| --- | --- |
+| CVE-2020-7788 | https://github.com/npm/ini/commit/56d2805e07ccd94e2ba0984ac9240ff02d44b6f1 |
diff --git a/ini/README.md b/ini/README.md
@@ -4,6 +4,10 @@ An ini encoder/decoder for node
 
 **Latest version:** `2.0.0`
 
+|CVE|Fix|
+| --- | --- |
+| CVE-2020-7788 | https://github.com/npm/ini/commit/56d2805e07ccd94e2ba0984ac9240ff02d44b6f1 |
+
 ## Exploits
 
 ```javascript
diff --git a/make-md.sh b/make-md.sh
@@ -41,7 +41,14 @@ for PACKAGE_VERSION in $PACKAGE_VERSIONS; do
   done
 done
 
-MARKDOWN_OUTPUT="# $PACKAGE_NAME$NL$NL$PACKAGE_DESCRIPTION$NL$NL**Latest version:** $ACCENT$PACKAGE_LATEST_VERSION$ACCENT$NL$NL## Exploits"
+MARKDOWN_OUTPUT="# $PACKAGE_NAME$NL$NL$PACKAGE_DESCRIPTION$NL$NL**Latest version:** $ACCENT$PACKAGE_LATEST_VERSION$ACCENT$NL$NL"
+
+if [ -f "$PACKAGE_NAME/META.md" ]; then
+  META=$(cat "$PACKAGE_NAME/META.md")
+  MARKDOWN_OUTPUT="$MARKDOWN_OUTPUT$META$NL$NL"
+fi
+
+MARKDOWN_OUTPUT="$MARKDOWN_OUTPUT## Exploits"
 
 for EXPLOIT_MD_PATH in $(find "$PACKAGE_NAME" -name \*.js.tmd); do
   MARKDOWN_OUTPUT="$MARKDOWN_OUTPUT$NL$NL$(cat "$EXPLOIT_MD_PATH")"
diff --git a/merge/META.md b/merge/META.md
@@ -0,0 +1,4 @@
+|CVE|Fix|
+| --- | --- |
+| CVE-2020-28499 | https://github.com/yeikos/js.merge/commit/7b0ddc2701d813f2ba289b32d6a4b9d4cc235fb4 |
+| CVE-2018-16469 | https://github.com/yeikos/js.merge/commit/6ad6035b901b3d680beac82de39ca83a93885246 |
diff --git a/merge/README.md b/merge/README.md
@@ -4,6 +4,11 @@
 
 **Latest version:** `2.1.1`
 
+|CVE|Fix|
+| --- | --- |
+| CVE-2020-28499 | https://github.com/yeikos/js.merge/commit/7b0ddc2701d813f2ba289b32d6a4b9d4cc235fb4 |
+| CVE-2018-16469 | https://github.com/yeikos/js.merge/commit/6ad6035b901b3d680beac82de39ca83a93885246 |
+
 ## Exploits
 
 ```javascript

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+\|CVE\|Fix\|`
	`2`	`+\| --- \| --- \|`
	`3`	`+\| CVE-2020-8116 \| https://github.com/sindresorhus/dot-prop/commit/3039c8c07f6fdaa8b595ec869ae0895686a7a0f2 \|`