ReactView
ReactView copied to clipboard
Published
20 hours ago •
OutSystems
OutSystems
[Snyk] Security upgrade webpack-dev-server from 4.15.1 to 5.0.0
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- ViewPacker/tools/package.json
- ViewPacker/tools/package-lock.json
Vulnerabilities that will be fixed
With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
 |
141/1000 Why? Confidentiality impact: None, Integrity impact: None, Availability impact: High, Scope: Unchanged, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Local, EPSS: 0.01055, Social Trends: No, Days since published: 74, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 99, Impact: 5.99, Likelihood: 2.35, Score Version: V5 |
Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116 |
Yes | Proof of Concept |
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: webpack-dev-server
The new version differs by 88 commits.- 064644a chore(release): 5.0.0
- 4e4c97f refactor: improve migration (#5040)
- b453380 chore(deps): bump (#5035)
- 975c719 fix: improve error handling for WebsocketServer (#5038)
- 48f56d5 test: fix
- 6406db6 test: fix
- 555bddd test: fix
- ba0a2fc test: fix
- b087461 test: improve
- 017dd9d test: update logic
- fead975 test: update
- d0e092b chore(deps): bump puppeteer
- 1f3bbfb chore(deps): bump marked
- 309dfc0 test: skip broken test
- e1b6421 chore(deps): update webpack
- c6b947e test: update
- aaf31e2 test: update
- 3ed63d2 test: update
- 0466cf1 test: update
- f9615a4 chore(deps): bump
- 811b01b chore(deps): bump
- 7c676e2 chore: bump deps
- 26aae7e fix: clean 'close' event listeners on socket server after generating new proxy config. (#5001)
- 5ec6a39 chore: update webpack-dev-middleware and other deps (#5032)
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.
