ac-react-reddit
ac-react-reddit copied to clipboard
Published
20 hours ago •
abdullahceylan
abdullahceylan
[Snyk] Security upgrade react-markdown from 4.3.1 to 5.0.0
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
Vulnerabilities that will be fixed
With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
 |
661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-TRIM-1017038 |
Yes | No Known Exploit |
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: react-markdown
The new version differs by 18 commits.- 45b9977 5.0.0
- eeea3c2 Update `changelog.md`
- 5d6c9f1 Refactor scripts
- d29478f Add type tests
- 4f5dbe2 Add note
- 7a5e3a1 Add `allowDangerousHtml`, preferred over `escapeHtml`
- 2675ae2 Remove docs on `source`
- 34b0883 Change default branch to `main`
- 22a5e49 Refactor and test for 100% coverage
- b3aa6e0 Rewrite readme for unified, more examples
- a9f163d Move demo to `website` branch
- 4f1a407 Change to clean project, update, refactor scripts
- ebebf51 Upgrade remark to version 8, unified to version 9
- e400f6f Upgrade to remark-parse@6
- 3260f57 Run tests on node 12
- 6eff8d1 Pass AST node to all non-tag/non-fragment renderers as prop
- ca25be1 Fix link to demo in readme
- 9b4eb84 Updated remark-parse github link (#447)
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📚 Read more about Snyk's upgrade and patch logic
