Civil issues

chore(deps): [security] bump sanitize-html from 1.19.1 to 2.3.2

Bumps [sanitize-html](https://github.com/apostrophecms/sanitize-html) from 1.19.1 to 2.3.2. **This update includes security fixes.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Improper Input Validation in sanitize-html Apostrophe Technologies sanitize-html before 2.3.2...

dependabot-preview[bot]

dependencies

security

chore(deps): [security] bump handlebars from 4.1.0 to 4.7.7

Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.1.0 to 4.7.7. **This update includes security fixes.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. High severity vulnerability that affects handlebars Versions of handlebars prior...

dependabot-preview[bot]

dependencies

security

chore(deps): bump ssri from 6.0.1 to 6.0.2 in /packages/kirby

Bumps [ssri](https://github.com/npm/ssri) from 6.0.1 to 6.0.2. Changelog Sourced from ssri's changelog. 6.0.2 (2021-04-07) Bug Fixes backport regex change from 8.0.1 (b30dfdb), closes #19 Commits b7c8c7c chore(release): 6.0.2 b30dfdb fix: backport...

dependabot[bot]

dependencies

chore(deps): [security] bump npm from 6.5.0 to 6.14.13

Bumps [npm](https://github.com/npm/cli) from 6.5.0 to 6.14.13. **This update includes security fixes.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Sensitive information exposure through logs in npm CLI Versions of...

dependabot-preview[bot]

dependencies

security

chore(deps): [security] bump y18n from 3.2.1 to 3.2.2

Bumps [y18n](https://github.com/yargs/y18n) from 3.2.1 to 3.2.2. **This update includes a security fix.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Prototype Pollution Overview The npm package y18n before versions...

dependabot-preview[bot]

dependencies

security

chore(deps): [security] bump yargs-parser from 5.0.0 to 5.0.1

Bumps [yargs-parser](https://github.com/yargs/yargs-parser) from 5.0.0 to 5.0.1. **This update includes a security fix.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Prototype Pollution in yargs-parser Affected versions of yargs-parser are...

dependabot-preview[bot]

dependencies

security

chore(deps): [security] bump lodash-es from 4.17.11 to 4.17.21

Bumps [lodash-es](https://github.com/lodash/lodash) from 4.17.11 to 4.17.21. **This update includes a security fix.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. High severity vulnerability that affects lodash, lodash-es, lodash-amd, lodash.template,...

dependabot-preview[bot]

dependencies

security

chore(deps): [security] bump react-dev-utils from 8.0.0 to 11.0.4

Bumps [react-dev-utils](https://github.com/facebook/create-react-app/tree/HEAD/packages/react-dev-utils) from 8.0.0 to 11.0.4. **This update includes a security fix.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Improper Neutralization of Special Elements used in an OS...

dependabot-preview[bot]

dependencies

security

chore(deps): bump elliptic from 6.4.1 to 6.5.3 in /packages/kirby

Bumps [elliptic](https://github.com/indutny/elliptic) from 6.4.1 to 6.5.3. Commits 8647803 6.5.3 856fe4d signature: prevent malleability and overflows 6048941 6.5.2 9984964 package: bump dependencies ec735ed utils: leak less information in getNAF() 71e4e8e 6.5.1...

dependabot[bot]

dependencies

chore(deps): [security] bump nested-object-assign from 1.0.3 to 1.0.4

Bumps [nested-object-assign](https://github.com/Geta/NestedObjectAssign) from 1.0.3 to 1.0.4. **This update includes a security fix.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Prototype pollution in nested-object-assign The package nested-object-assign before 1.0.4...

dependabot-preview[bot]

dependencies

security

Civil
Civil copied to clipboard

Metadata

chore(deps): [security] bump sanitize-html from 1.19.1 to 2.3.2

chore(deps): [security] bump handlebars from 4.1.0 to 4.7.7

chore(deps): bump ssri from 6.0.1 to 6.0.2 in /packages/kirby

chore(deps): [security] bump npm from 6.5.0 to 6.14.13

chore(deps): [security] bump y18n from 3.2.1 to 3.2.2

chore(deps): [security] bump yargs-parser from 5.0.0 to 5.0.1

chore(deps): [security] bump lodash-es from 4.17.11 to 4.17.21

chore(deps): [security] bump react-dev-utils from 8.0.0 to 11.0.4

chore(deps): bump elliptic from 6.4.1 to 6.5.3 in /packages/kirby

chore(deps): [security] bump nested-object-assign from 1.0.3 to 1.0.4

← Metadata

Owner

Metadata

Civil Civil copied to clipboard

Metadata

← Metadata

Owner

Metadata

Civil
Civil copied to clipboard