
[Snyk] Security upgrade @testing-library/react from 13.3.0 to 14.0.0

Open avinashkranjan opened this issue 9 months ago • 2 comments

Snyk has created this PR to fix 1 vulnerability in the npm dependencies of this project.

Snyk changed the following file(s):

  • package.json
  • package-lock.json

Vulnerabilities that will be fixed with an upgrade:

| Issue | Score |
|---|---|
| medium severity: Regular Expression Denial of Service (ReDoS), SNYK-JS-BABELRUNTIMECOREJS3-9397696 | 738 |

[!IMPORTANT]

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

Summary by Sourcery

Bug Fixes:

  • Fixes a Regular Expression Denial of Service (ReDoS) vulnerability by upgrading the @testing-library/react dependency.

avinashkranjan, Mar 17 '25 05:03

| Name | Status | Preview | Comments | Updated (UTC) |
|---|---|---|---|---|
| recess | ❌ Failed (Inspect) | | | Mar 17, 2025 5:34am |

vercel[bot], Mar 17 '25 05:03

Reviewer's Guide by Sourcery

This pull request upgrades the @testing-library/react package to address a security vulnerability (ReDoS). The changes involve updating the package version in package.json and package-lock.json.

No diagrams generated as the changes look simple and do not need a visual representation.

File-Level Changes

Change: The pull request upgrades the @testing-library/react package from version 13.3.0 to 14.0.0 to address a Regular Expression Denial of Service (ReDoS) vulnerability.

Details:

  • Updated @testing-library/react version from 13.3.0 to 14.0.0 in package.json.
  • Updated package-lock.json to reflect the new version of @testing-library/react and its dependencies.

Files: package.json, package-lock.json

sourcery-ai[bot], Mar 17 '25 05:03

Thank you @avinashkranjan for taking out your valuable time in order to contribute to our project. Looking forward to more such amazing contributions :)

github-actions[bot], Oct 22 '25 16:10