georaster
georaster copied to clipboard
[Snyk] Security upgrade worker-loader from 2.0.0 to 3.0.0
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
Vulnerabilities that will be fixed
With an upgrade:
Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
---|---|---|---|---|
![]() |
713/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 6.4 |
Prototype Pollution SNYK-JS-JSON5-3182856 |
Yes | Proof of Concept |
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: worker-loader
The new version differs by 28 commits.- bc99955 chore(release): 3.0.0
- 6aa1eb0 docs: improve (#275)
- 011e4ca refactor: code (#274)
- f72b252 refactor: use ES modules syntax for inline mode (#273)
- 76c63fa refactor: code
- 9079570 fix: unstable `contenthash`
- 4f9b240 fix: cache identifier for webpack@4 (#270)
- 5047abb fix: source maps when `inline` using without fallback (#269)
- f93804e test: refactor (#268)
- f047ad0 refactor: `inline` option (#267)
- bb77346 fix: respect `publicPath` from `output.publicPath` (#265)
- 1e761ed fix: respect `externals` (#264)
- c117a7c feat: default value of `filename` from `output.filename` (#263)
- 905ed7b feat: the `chunkFilename` option
- 8d7cae0 refactor: rename the `name` option (#261)
- e0d9887 fix: compatibility with webpack@5 (#259)
- a8ce4ad feat: switch on es module syntax (#257)
- 152634c fix: support WASM
- 2b9e2fd feat: `worker` option (#255)
- 800b074 refactor: test
- f729e34 fix: memory leak for inline workers (#252)
- f03498d feat: add the `workerType` option (replaces #178) (#247)
- 0efd0e4 test: add test with puppeteer (#246)
- 22d48e4 docs: improve
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons: