backstage-plugin-ldap-auth icon indicating copy to clipboard operation
backstage-plugin-ldap-auth copied to clipboard
verified publisher icon immobiliare

[Snyk] Security upgrade @backstage/plugin-auth-backend from 0.22.9 to 0.22.10

Open simonecorsi opened this issue 6 months ago • 2 comments

snyk-top-banner

Snyk has created this PR to fix 1 vulnerabilities in the yarn dependencies of this project.

Snyk changed the following file(s):

  • packages/ldap-auth-backend/package.json

Note for zero-installs users

If you are using the Yarn feature zero-installs that was introduced in Yarn V2, note that this PR does not update the .yarn/cache/ directory meaning this code cannot be pulled and immediately developed on as one would expect for a zero-install project - you will need to run yarn to update the contents of the ./yarn/cache directory. If you are not using zero-install you can ignore this as your flow should likely be unchanged.

⚠️ Warning 
Failed to update the yarn.lock, please update manually before merging.

Vulnerabilities that will be fixed with an upgrade:

Issue Score
medium severity Symlink Following
SNYK-JS-TARFS-13045213		   541  

[!IMPORTANT]

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report 📜 Customise PR templates 🛠 Adjust project settings 📚 Read about Snyk's upgrade logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Symlink Following

simonecorsi avatar Oct 01 '25 06:10 simonecorsi

[!IMPORTANT]

Review skipped

Ignore keyword(s) in the title.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

✨ Finishing touches
🧪 Generate unit tests
  • [ ] Create PR with unit tests
  • [ ] Post copyable unit tests in a comment
  • [ ] Commit unit tests in branch snyk-fix-23d8e762fd06c38c37c277a8c014d4b2

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

coderabbitai[bot] avatar Oct 01 '25 06:10 coderabbitai[bot]

:tada: Snyk checks have passed. No issues have been found so far.

:white_check_mark: security/snyk check is complete. No issues have been found. (View Details)

simonecorsi avatar Oct 01 '25 06:10 simonecorsi

This PR is stale because it has been open 45 days with no activity. Remove stale label or comment or this will be closed in 10 days.

github-actions[bot] avatar Nov 16 '25 03:11 github-actions[bot]