flyteconsole [Snyk] Security upgrade webpack-dev-server from 4.15.1 to 5.0.0

[Snyk] Security upgrade webpack-dev-server from 4.15.1 to 5.0.0

Open EngHabu opened this issue 1 year ago • 0 comments

This PR was automatically created by Snyk using the credentials of a real user.

Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json

⚠️ Warning

Failed to update the package-lock.json, please update manually before merging.

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	631/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.2	Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: webpack-dev-server

The new version differs by 88 commits.

064644a chore(release): 5.0.0
4e4c97f refactor: improve migration (#5040)
b453380 chore(deps): bump (#5035)
975c719 fix: improve error handling for WebsocketServer (#5038)
48f56d5 test: fix
6406db6 test: fix
555bddd test: fix
ba0a2fc test: fix
b087461 test: improve
017dd9d test: update logic
fead975 test: update
d0e092b chore(deps): bump puppeteer
1f3bbfb chore(deps): bump marked
309dfc0 test: skip broken test
e1b6421 chore(deps): update webpack
c6b947e test: update
aaf31e2 test: update
3ed63d2 test: update
0466cf1 test: update
f9615a4 chore(deps): bump
811b01b chore(deps): bump
7c676e2 chore: bump deps
26aae7e fix: clean 'close' event listeners on socket server after generating new proxy config. (#5001)
5ec6a39 chore: update webpack-dev-middleware and other deps (#5032)

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

Learn how to fix vulnerabilities with free interactive lessons:

Feb 12 '24 17:02 EngHabu