lattice
lattice copied to clipboard
Published
20 hours ago •
latticejs
latticejs
[Snyk] Upgrade yup from 0.27.0 to 0.29.3
Snyk has created this PR to upgrade yup from 0.27.0 to 0.29.3.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is 10 versions ahead of your current version.
- The recommended version was released a month ago, on 2020-08-04.
The recommended version fixes:
| Severity | Issue | PriorityScore (*) | Exploit Maturity |
|---|---|---|---|
 |
Prototype Pollution SNYK-JS-PROPERTYEXPR-598800 |
883/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 9.8 |
Proof of Concept |
(*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: yup
-
0.29.3 - 2020-08-04
v0.29.3
-
0.29.2 - 2020-07-27
v0.29.2
-
0.29.1 - 2020-05-27
v0.29.1
-
0.29.0 - 2020-05-19
v0.29.0
-
0.28.5 - 2020-04-30
v0.28.5
-
0.28.4 - 2020-04-20
v0.28.4
-
0.28.3 - 2020-03-06
v0.28.3
-
0.28.2 - 2020-03-05
v0.28.2
-
0.28.1 - 2020-01-28
v0.28.1
-
0.28.0 - 2019-12-16
v0.28.0
- 0.27.0 - 2019-03-14
Commit messages
Package name: yup
- eca4618 Publish v0.29.3
- 19c0c03 chore(deps): update all non-major dependencies (#997)
- 53080e1 Publish v0.29.2
- 0672a9f chore: bump
- 96ffd69 chore: bump deps
- 4283e79 chore(deps): update all non-major dependencies (#989)
- 21dc12a chore(deps): update all non-major dependencies (#980)
- ab6f228 chore: add engines in package.json (#978)
- 4620467 Update .travis.yml (#977)
- d32603a chore(deps): update all non-major dependencies (#973)
- 890583c chore(deps): update all non-major dependencies (#947)
- 4e77348 fix: handle sparse array positions as undefined (#950)
- 27b287b chore(deps): update all non-major dependencies (#941)
- 8f2bd2b feat: string UUID validation via a regex (#909)
- ca0fe10 chore(deps): update all non-major dependencies (#928)
- 02d6f5d docs: fix return value for mixed.concat in README (#921)
- 5e8041d docs: typos
- 4d7ab6f docs: fix confusing sentence
- db3a62a Publish v0.29.1
- ecd8ebe fix: present checks for array and strings
- 82035eb chore(deps): update all non-major dependencies (#898)
- db35920 feat: allow access to parent schema (and unlimited ancestors!) in test context (#556)
- b4e5a00 Publish v0.29.0
- fec814b prepare for release
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🔕 Ignore this dependency or unsubscribe from future upgrade PRs
