phantomas
phantomas copied to clipboard
macbre
[Snyk] Security upgrade js-yaml from 4.1.0 to 4.1.1
Snyk has created this PR to fix 1 vulnerabilities in the npm dependencies of this project.
Snyk changed the following file(s):
package.jsonpackage-lock.json
Vulnerabilities that will be fixed with an upgrade:
| Issue | Score | |
|---|---|---|
 |
Prototype Pollution SNYK-JS-JSYAML-13961110 |
631 |
[!IMPORTANT]
- Check the changes in this PR to ensure they won't cause issues with your project.
- Max score is 1000. Note that the real score may have changed since the PR was raised.
- This PR was automatically created by Snyk using the credentials of a real user.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic
Learn how to fix vulnerabilities with free interactive lessons:
Review the following changes in direct dependencies. Learn more about Socket for GitHub.
| Diff | Package | Supply Chain Security |
Vulnerability | Quality | Maintenance | License |
|---|---|---|---|---|---|---|
 | js-yaml@4.1.0 ⏵ 4.1.1 |  +1 | +8 | +1 |  | |
![socket-security[bot] avatar](https://avatars.githubusercontent.com/in/156372?v=4 "Published by a pub.dev verified publisher"){kind=small}