NeuralNotes icon indicating copy to clipboard operation
NeuralNotes copied to clipboard
verified publisher icon DarthVanger

[Snyk] Security upgrade babel-plugin-module-resolver from 3.2.0 to 5.0.1

Open DarthVanger opened this issue 1 year ago • 0 comments

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 631/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 6.2		 Missing Release of Resource after Effective Lifetime
SNYK-JS-INFLIGHT-6095116		 Yes Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: babel-plugin-module-resolver The new version differs by 22 commits.
  • dda6640 chore(release): 5.0.1
  • 6a666c8 chore: Update dependencies (#445)
  • ff8a445 chore(release): 5.0.0
  • c43e71c chore: Update dependencies and find-babel-config to fix json5 vulnerabilities (#441)
  • f2daf06 docs: Valid install commands when using Github copy button (#426)
  • f533cc2 chore(release): 4.1.0
  • 57c53c3 chore: Run CI on node >= 10
  • 91c053c chore: Update husky & lint-staged
  • 2a14940 chore: Update standard-version to v9.0.0
  • facf14c feat: Add new jest methods (#419)
  • a3eba3a chore(deps): bump ini from 1.3.5 to 1.3.8 (#418)
  • e4a1165 docs: update readme to include Intellij / Webstorm workaround for resolving aliases (#410)
  • 8a3ac0f chore(deps): bump yargs-parser from 13.1.1 to 13.1.2 (#408)
  • aac96f2 chore(deps-dev): bump standard-version from 7.0.1 to 8.0.1 (#401)
  • 1179e27 chore(deps): bump lodash from 4.17.15 to 4.17.19 (#402)
  • 5e3feaa docs: Add yarn install command (#394)
  • a65c39a chore(release): 4.0.0
  • a5045b0 chore: Add Test github action (#378)
  • 0cef5ee chore: Update dependencies (#377)
  • 8963f88 docs: Add Quasar Framework as a user using this lib (#364)
  • f2173ee feat: Add support for alias with array of paths (#376)
  • 77b1bc1 chore: Update Expo link (#370)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

DarthVanger avatar Apr 18 '24 04:04 DarthVanger