report-a-cybercrime icon indicating copy to clipboard operation
report-a-cybercrime copied to clipboard

Published 20 hours ago verified publisher icon cds-snc

[Snyk] Fix for 1 vulnerabilities

Open maxneuvians opened this issue 3 years ago • 0 comments

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • f2/package.json
    • f2/package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 661/1000
Why? Recently disclosed, Has a fix available, CVSS 7.5		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-SSRI-1085630		 Yes No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: @storybook/react The new version differs by 250 commits.
  • b97e2ee v6.0.0
  • de37d6f Update root, peer deps to 6.0.0
  • ba55375 6.0.0 changelog
  • 30d685c Merge pull request #11877 from storybookjs/chore_add_api_section_snippets
  • e9ec609 Merge pull request #11882 from storybookjs/add_faq_to_docs
  • 7096da8 Merge pull request #11872 from storybookjs/chore_add_workflow_snippets
  • c55b61d Merge pull request #11881 from storybookjs/add-readmes-for-deprecated-content
  • f899683 adds faq to the documentation
  • ab88075 Add deprecated docs to monorepo
  • fe3b3e0 Merge branch 'next' into chore_add_api_section_snippets
  • 6eee72c Merge branch 'next' into chore_add_workflow_snippets
  • d8180f0 component-story-with-query was adjusted.
  • 7a34522 Merge pull request #11867 from storybookjs/add-install-snippet
  • 1a8351e Merge pull request #11878 from storybookjs/documentation_snippets_updates
  • e680f98 Merge pull request #11876 from storybookjs/docs/preview-entries
  • 313a8b7 TS => js
  • d063351 Merge pull request #11880 from storybookjs/6.0-docs-tweaks
  • fbdf836 fix broken markdown
  • 5bddd6f updates per feedback
  • 2581f63 api section feedback changes
  • 9daa2b7 Merge pull request #11879 from storybookjs/remove-angular-dummy-snippet
  • 483a8cf Remove angular dummy snippet
  • 714076b removes the shell and json file references.
  • 99aa694 initial snippets for api section

See the full diff

Package name: natural The new version differs by 11 commits.
  • 63a12e5 2.2.2
  • 930923d Repaired the scripts in package.json. Described the webpack test in README.md
  • 2fe36c5 Small changes to test config for webtesting
  • 4b7344b 2.2.1
  • 6ddcfca Documentation for sentence tokenizer (#559)
  • 86b5433 2.2.0
  • 597d458 WIP Adding a sentence tokenizer based on parsing (#558)
  • 6aaa790 WIP Add Carry stemmer for French (#557)
  • ee8fb27 Fix typo (#540)
  • 0c6db9c [FXD] Dice Coefficient bug when a string is empty (negative value) (#544)
  • ce67fd4 Fix "_ is not a function" error when webpacked (#554)

See the full diff

Package name: react-scripts The new version differs by 125 commits.
  • ed95893 Publish
  • 88ca4f6 Prepare 4.0.0 release
  • d23d615 Update react dom in error overlay
  • 95265c3 Update CHANGELOG
  • 523b416 Add link to Open Collective (#9864)
  • af616ab Update CHANGELOG
  • 014ca01 Prepare 4.0.0 release
  • 2b1161b Pass JSX runtime setting to Babel preset in Jest config (#9865)
  • f2aef41 Prepare 4.0.0 alpha release
  • 4bc639c Upgrade to React 17 (#9863)
  • d61347d Use new JSX setting with TypeScript 4.1.0 (#9734)
  • e63de79 New JSX Transform opt out (#9861)
  • fe785b2 feat: Update all dependencies (#9857)
  • 85ab02b feat: remove unused React imports (#9853)
  • 329f392 feat: Update ESLint dependencies (#9856)
  • 10fa972 feat(eslint-config-react-app): Add jest & testing-library rules (#8963)
  • ed919b1 Make eslint-plugin-jest an optional peerDependency (#9670)
  • 0a93e32 Fix refreshOverlayInterop module scope error (#9805)
  • 7965594 Bump resolve-url-loader version (#9841)
  • b1f8536 Add 3.4.4 to the changelog
  • d07b7d0 Replace deprecated eslint-loader with eslint-webpack-plugin (#9751)
  • 6f3e32e Upgrade Docusaurus to latest version (#9728)
  • 1f2d387 fix: resolve new JSX runtime issues (#9788)
  • 6a51dcd Add AVIF image support (#9611)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

maxneuvians avatar Mar 15 '21 07:03 maxneuvians