h2o-world-2014-training icon indicating copy to clipboard operation
h2o-world-2014-training copied to clipboard

Published 20 hours ago verified publisher icon h2oai

[Snyk] Upgrade js-yaml from 3.1.0 to 3.14.0

Open snyk-bot opened this issue 4 years ago • 0 comments

Snyk has created this PR to upgrade js-yaml from 3.1.0 to 3.14.0.

merge advice

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 40 versions ahead of your current version.
  • The recommended version was released a month ago, on 2020-05-22.

The recommended version fixes:

Severity Issue Exploit Maturity
Arbitrary Code Execution
SNYK-JS-JSYAML-174129		 No Known Exploit
Denial of Service (DoS)
SNYK-JS-JSYAML-173999		 No Known Exploit
Release notes
Package name: js-yaml
  • 3.14.0 - 2020-05-22

    3.14.0 released

  • 3.13.1 - 2019-04-05

    3.13.1 released

  • 3.13.0 - 2019-03-20

    3.13.0 released

  • 3.12.2 - 2019-02-26

    3.12.2 released

  • 3.12.1 - 2019-01-05

    3.12.1 released

  • 3.12.0 - 2018-06-01

    3.12.0 released

  • 3.11.0 - 2018-03-05

    3.11.0 released

  • 3.10.0 - 2017-09-11

    3.10.0 released

  • 3.9.1 - 2017-07-30

    3.9.1 released

  • 3.9.0 - 2017-07-08

    3.9.0 released

  • 3.8.4 - 2017-05-08
  • 3.8.3 - 2017-04-05
  • 3.8.2 - 2017-03-02
  • 3.8.1 - 2017-02-07
  • 3.8.0 - 2017-02-07
  • 3.7.0 - 2016-11-12
  • 3.6.1 - 2016-05-11
  • 3.6.0 - 2016-04-15
  • 3.5.5 - 2016-03-17
  • 3.5.4 - 2016-03-09
  • 3.5.3 - 2016-02-11
  • 3.5.2 - 2016-01-11
  • 3.5.1 - 2016-01-11
  • 3.5.0 - 2016-01-10
  • 3.4.6 - 2015-11-26
  • 3.4.5 - 2015-11-23
  • 3.4.4 - 2015-11-21
  • 3.4.3 - 2015-10-10
  • 3.4.2 - 2015-09-09
  • 3.4.1 - 2015-09-04
  • 3.4.0 - 2015-08-22
  • 3.3.1 - 2015-05-13
  • 3.3.0 - 2015-04-26
  • 3.2.7 - 2015-02-19
  • 3.2.6 - 2015-02-07
  • 3.2.5 - 2014-12-27
  • 3.2.4 - 2014-12-19
  • 3.2.3 - 2014-11-08
  • 3.2.2 - 2014-09-06
  • 3.2.1 - 2014-08-24
  • 3.1.0 - 2014-07-07
from js-yaml GitHub release notes

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

snyk-bot avatar Jun 17 '20 21:06 snyk-bot