spotify-api-graphql-console icon indicating copy to clipboard operation
spotify-api-graphql-console copied to clipboard

Published 20 hours ago verified publisher icon charlypoly

[Snyk] Security upgrade webpack from 2.7.0 to 3.11.0

Open snyk-bot opened this issue 5 years ago • 0 comments
trafficstars

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Issue Breaking Change Exploit Maturity
high severity Prototype Pollution
SNYK-JS-AJV-584908		 Yes No Known Exploit
Commit messages
Package name: webpack The new version differs by 250 commits.
  • f010546 update examples
  • bc840ec 3.11.0
  • 9323ee6 Merge pull request #6398 from addaleax/no-binding
  • c7cbc35 Merge pull request #6430 from jbottigliero/update/ajv
  • 61b75b7 update ajv + ajv-keywords
  • 8da8b93 Work around Node environment variable bug
  • ddb1fad Merge pull request #6408 from ocombe/fix/#6407-empty-array
  • 2aebfbe fix(ConcatenatedModule): don't throw on arrays with empty values
  • 3972d9a Merge pull request #6391 from nerdkid93/patch-1
  • e4375f8 Avoid relying on Node’s internals
  • 0dd1727 change polymer loader link
  • 33f518b Merge pull request #6300 from nename0/fix-6243
  • 80ed1c4 Merge pull request #6335 from Connormiha/banner-plugin-optimize
  • 5d93c53 Minor optimize banner plugin
  • 1895b76 Add Tests checking chunkhash of runtime chunk only changes if needed
  • dc7ebeb Fix #6243: Don't include initial chunks in chunkhash computation
  • b545b51 Merge pull request #6242 from nename0/6239-require-ensure-initial-chunks
  • b059e07 Merge pull request #6176 from mikegreiling/fix-no-fail-on-child-compilation-error
  • 64c4350 Update StatsTestCases
  • 8b0a2ad Merge pull request #6225 from neeharv/feature/async-script-type
  • d1e0bec Fix: the require-ensure only includes non-initial chunks
  • 21b5a02 stringify jsonpScriptType option
  • 8eb0bb6 move default script type option to WebpackOptionsDefaulter
  • be327f9 lint fixes

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

snyk-bot avatar Jul 23 '20 00:07 snyk-bot