vue-oop
vue-oop copied to clipboard
Published
20 hours ago •
matrunchyk
matrunchyk
[Snyk] Fix for 3 vulnerabilities
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
- package-lock.json
Vulnerabilities that will be fixed
With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
 |
636/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.3 |
Prototype Pollution SNYK-JS-DOTPROP-543489 |
Yes | Proof of Concept |
 |
686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3 |
Prototype Pollution SNYK-JS-LODASHSET-1320032 |
Yes | Proof of Concept |
|
589/1000 Why? Has a fix available, CVSS 7.5 |
Prototype Pollution SNYK-JS-UNSETVALUE-2400660 |
Yes | No Known Exploit |
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: @commitlint/config-conventional
The new version differs by 225 commits.- 3982e5a v10.0.0
- 0a70592 chore: update dependency eslint to v7.7.0 (#2063)
- 5be34ec chore: update dependency @ types/jest to v26.0.10 (#2064)
- 7b7f9a8 chore: update dependency @ types/semver to v7.3.2 (#2062)
- 25d42f4 fix: update dependency find-up to v5 (#2060)
- 74d54d0 chore: update dependency ts-jest to v26.2.0 (#2059)
- 0772b27 chore: update typescript-eslint monorepo to v3.9.0 (#2058)
- 4895d5f Use read dafult export - requiring with CommonJS (#2057)
- da0c75d build(deps): bump prismjs from 1.20.0 to 1.21.0 (#2055)
- 0329e09 chore: update dependency conventional-changelog-angular to v5.0.11 (#2056)
- d8b6bd6 chore: update dependency @ types/node to v12.12.54 (#2054)
- 08bd3db chore: update dependency @ types/lodash to v4.14.159 (#2053)
- 13382ec chore: update dependency @ types/jest to v26.0.9 (#2052)
- 46c3982 chore: update babel monorepo (#2050)
- 163a789 chore: update typescript-eslint monorepo to v3.8.0 (#2045)
- f4db933 fix: update dependency cosmiconfig to v7 (#2044)
- ca63602 chore: update dependency eslint to v7.6.0 (#2042)
- 964876e chore: update dependency @ types/jest to v26.0.8 (#2041)
- 62f4772 chore: update babel monorepo (#2037)
- ebb57d2 chore: update dependency eslint-plugin-jest to v23.20.0 (#2034)
- 1efce79 chore: update dependency ts-jest to v26.1.4 (#2031)
- 1784ef2 chore: use non-fixed lerna version (#2026)
- 0b08b4d chore: update dependency eslint-plugin-jest to v23.19.0 (#2030)
- 3beacfc chore: update typescript-eslint monorepo to v3.7.1 (#2029)
Package name: danger
The new version differs by 29 commits.- 5d5db62 Release 11.0.2
- 91c0c94 More version faff
- d1119d3 Merge branch 'main' of https://github.com/danger/danger-js into main
- 8655391 Prepare for 2nd shot at a release
- 0dd1379 Release 11.0.0
- 65130b5 Prepare for release
- fff2201 Merge pull request #1204 from danger/fb/bump-octokit-rest
- fbac092 Handle a mocking issue in the ts upgrade
- 248f8c1 Use published memfs
- 50ae51c Bump @ octokit/rest from v16.43.1 to v18.12.0
- 0253cf2 Bump TypeScript from v3.9.7 to v4.5.5
- e22faa1 Upgrade new Buffer to Buffer.from (node v10+)
- 202d727 Release 10.9.0
- 34fe471 Prepare for release
- 06928e3 Merge branch 'adjust-structured-diff-return-value' into main
- fb66c81 Merge pull request #1201 from berlysia/adjust-structured-diff-return-value
- 6303c88 Lock node-fetch to the latest 2.x
- 9049848 Merge pull request #1198 from jonny133/jonny133-node-fetch-2_6_7
- dc54972 now structuredDiffForFile is well-typed
- 0b5865f make structuredDiffForFile for BitBucketServer the same as the others
- ab77e3c Resolve node-fetch to 2.6.7
- a7355a3 Merge pull request #1197 from danger/fb/fix-moved-json-crash
- 3411074 Cleanup debug log
- 99e19f7 Don't crash when danger.git.JSONDiffForFile encounters a moved JSON file
Package name: jest
The new version differs by 250 commits.- be16e47 v27.0.0
- 63102ec chore: update changelog for release
- 564694a docs(blog): Jest 27 blog post (#11131)
- b68d91b feat(pretty-print): add option `printBasicPrototype` (#11441)
- 2226742 chore: minor simplify format results error (#11432)
- 78eb25d chore: remove needless assign (#11433)
- 696c455 chore: update lockfile after publish
- e2eb9ae v27.0.0-next.11
- 3b253f8 Wait for closed resources to actually close before detecting open handles (#11429)
- 27bee72 fix: run GC before collecting open handles (#11278)
- 50451df feat: use fallback if prettier not found (#11400)
- 150dbd8 chore: update lockfile after publish
- 6f44529 v27.0.0-next.10
- cbcec7d Upgrade fsevents in jest-haste-map (#11428)
- 9633a26 feat: support reporters written in ESM (#11427)
- 59f42d8 fix: do not cache modules that throw during evaluation (#11263)
- 57e32e9 Detect open handles with done callbacks (#11382)
- a397607 Document and test dontThrow for custom inline snapshot matchers (#10995)
- 4fa3a0b feat: custom haste (#11107)
- 2047a36 chore: bump deps (#11419)
- a4358d6 chore: run prettier on changelog
- bdd6282 Move all default values into `jest-config` (#9924)
- db643a1 Link to Jest config (#11106)
- b16082c Fix locale issue #10014 (#11412)
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
