recalbox-manager
recalbox-manager copied to clipboard
[Snyk] Security upgrade config from 1.31.0 to 3.3.1
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
Vulnerabilities that will be fixed
With an upgrade:
Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
---|---|---|---|---|
![]() |
713/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 6.4 |
Prototype Pollution SNYK-JS-JSON5-3182856 |
Yes | Proof of Concept |
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: config
The new version differs by 83 commits.- c86ba2a Resolved security vulnerability in json5
- dfcd2de Delete _config.yml
- 0ba1d51 Set theme jekyll-theme-minimal
- 080d9f9 Prepare for 3.3.0 publish
- 945aed3 Merge pull request #582 from fostyfost/master
- c42e3fa Allow all defined values in `substituteDeep`
- 9fa7022 Updated copyright dates
- d3616e6 Updated copyright dates
- 21d3094 Prepare for 3.2.5 publish
- 3268b40 Merge pull request #585 from dekelev/master
- dbcddbb Fixed issue with getCustomEnvVars method and multiple config dirs
- 58f8f89 Merge pull request #581 from JMackie80/master
- 9ba0aa0 Update README.md
- 1c59823 Update for 3.2.4 publish
- e8539b7 Merge pull request #579 from leonardovillela/master
- c8d815c Improved error handling of env variables value parse
- 7292a77 For 3.2.3 publish
- e334cfa Improve diagnostic when custom env file can't be read.
- 2565a3f Updates for 3.2.2 publish
- 05fa30c Merge pull request #568 from iMoses/master
- c38a447 Fix #567 - Missing path.delimiter breaks windows absolute paths
- 9b73f6a Prep for 3.2.1 publish
- ced8854 Merge pull request #565 from leosuncin/fix/lorenwest-node-config-564
- df30f74 test: Update util.js to check object with `__proto__ = null` and Map objects
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons: