spotify-api-graphql-console
spotify-api-graphql-console copied to clipboard
Published
20 hours ago •
charlypoly
charlypoly
[Snyk] Fix for 1 vulnerabilities
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
- package-lock.json
Vulnerabilities that will be fixed
With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
 |
768/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908 |
Yes | Proof of Concept |
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: standard-version
The new version differs by 140 commits.- 5c80907 chore(release): 7.1.0
- 00512d0 revert: "chore(deps): bump conventional-changelog to v3.1.17"
- 8168e51 ci(travis): add node 12 to testing matrix
- d1480bd chore(deps): bump conventional-changelog to v3.1.17
- 0273809 docs: correct link in readme
- ba80a0c feat: Adds support for `header` (--header) configuration based on the spec. (#364)
- bc606f8 fix(deps): update dependency conventional-changelog-conventionalcommits to v4.2.3 (#496)
- 0e74e26 chore(deps): update dependency eslint to v6.7.2 (#444)
- 3bbab00 chore(deps): update dependency mocha to v6.2.2 (#458)
- d97e446 chore(deps): update dependency eslint-plugin-node to v10 (#451)
- 35b90c3 fix(deps): update dependency yargs to v15 (#484)
- 564d948 feat: custom 'bumpFiles' and 'packageFiles' support (#372)
- d557372 fix: use require.resolve for the default preset (#465)
- f3e6944 test: add a case for loading a configuration (issueUrlFormat) from package.json. (#486)
- 995e592 chore(deps): update dependency coveralls to v3.0.9 (#489)
- 04ab36a fix(deps): update dependency detect-newline to v3.1.0 (#482)
- ecf26b6 fix(deps): update dependency yargs to v14.2.2 (#488)
- 63300a9 fix(deps): update dependency figures to v3.1.0 (#468)
- dc1fa61 fix(deps): update dependency yargs to v14.2.1 (#483)
- 492e721 fix(deps): update dependency conventional-changelog to v3.1.15 (#479)
- 1e1e215 fix(deps): update dependency conventional-recommended-bump to v6.0.5 (#480)
- 9cc188c fix(deps): update dependency git-semver-tags to v3.0.1 (#485)
- 62d886c chore(release): 7.0.1
- 106d039 chore(deps): update dependency eslint-config-standard to v14 and eslint to v6.2.2 (#438)
Package name: webpack
The new version differs by 250 commits.- 213226e 4.0.0
- fde0183 Merge pull request #6081 from webpack/formating/prettier
- b6396e7 update stats
- f32bd41 fix linting
- 5238159 run prettier on existing code
- 518d1e0 replace js-beautify with prettier
- 4c25bfb 4.0.0-beta.3
- dd93716 Merge pull request #6296 from shellscape/fix/hmr-before-node-stuff
- 7a07901 Merge pull request #6563 from webpack/performance/assign-depth
- c7eb895 Merge pull request #6452 from webpack/update_acorn
- 9179980 Merge pull request #6551 from nveenjain/fix/templatemd
- e52f323 optimize performance of assignDepth
- 6bf5df5 Fixed template.md
- 90ab23a Merge branch 'master' into fix/hmr-before-node-stuff
- b0949cb add integration test for spread operator
- 39438c7 unittest now also walks the ast
- 15ab027 Merge pull request #6536 from jevan0307/sideEffects-selectors
- 1611ce1 Merge pull request #6561 from joshunger/patch-1
- 6e175bc Merge pull request #6549 from webpack/md4_hash
- 0637531 Add a hyperlink to create a new issue
- 0e1f9c6 Merge pull request #6554 from webpack/deps/end-of-beta
- 72477f4 upgrade versions to stable versions
- ed30285 Merge pull request #6546 from webpack/bot/review-permission
- 40ee8c7 Use MD4 for hashing
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📚 Read more about Snyk's upgrade and patch logic
