This repository has been archived by the owner on Jun 11, 2024. It is now read-only.

[Snyk] Fix for 1 vulnerabilities #90

Open
wants to merge 1 commit into
base: master

snyk-bot
Contributor

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
| --- | --- | --- | --- | --- |
| medium severity | 658/1000. Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3 | Regular Expression Denial of Service (ReDoS), SNYK-JS-HOSTEDGITINFO-1088355 | No | Proof of Concept |

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: gulp-clean
The new version differs by 2 commits.

See the full diff

Package name: snyk
The new version differs by 250 commits.
  • 2bdd4f6 Merge pull request #1564 from snyk/feat/mod-cli-init
  • abd2b9e chore: add dev-release job to pipeline
  • 6340ee7 feat: experimental standalone protect package
  • 9c7b3df feat: initial modular cli
  • b2500d6 Merge pull request #1612 from snyk/fix/gradle-graceful-resolvable-configs
  • ef81907 fix: gradle graceful resolvable configs
  • 40e7136 Merge pull request #1601 from snyk/feat/iac-experimental-local-exec
  • f8bd3f3 feat: iac experimental single k8s file
  • 7775c04 Merge pull request #1595 from snyk/fix/iac-add-file-path
  • 5d6a548 Merge pull request #1606 from snyk/smoke/debug-docker-bundle-install
  • 9922197 test: cat snyk_latest API call to debug docker bundle install
  • 86f4609 Merge pull request #1600 from snyk/fix/flakey-fn-and-test
  • 2b211b9 fix: use sync fs method to avoid race condition
  • d00c437 Merge pull request #1603 from snyk/fix/more-than-one-line-with-jsondeps
  • a8dea5e fix: more than one line with jsondeps
  • c94a0a4 Merge pull request #1602 from snyk/fix/scanning-lock-due-of-unresolved-dependencies
  • 746251e fix: scanning lock due of unresolved deps
  • 88f9d9a fix: add full file path to output file for iac scan
  • 3f4a57e Merge pull request #1596 from snyk/fix/gradle-54-java11-dockerfile
  • 50d34c0 fix: gradle 5.4 Java 11 Dockerfile npm install
  • fb23890 Merge pull request #1594 from snyk/chore/update-help-project-name-prefix
  • c7f31da Merge pull request #1578 from snyk/chore/cli-alert-improvement
  • 2593496 feat: add help for new --project-name-prefix flag
  • 229e12f fix: add filter, use GH name convention

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic
