paretOS
paretOS copied to clipboard
[Snyk] Security upgrade workbox-build from 7.0.0 to 7.1.0
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
Vulnerabilities that will be fixed
With an upgrade:
Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
---|---|---|---|---|
![]() |
626/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.1 |
Cross-site Scripting (XSS) SNYK-JS-SERIALIZEJAVASCRIPT-6147607 |
No | Proof of Concept |
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: workbox-build
The new version differs by 12 commits.- 9e69c42 v7.1.0
- e09ea45 Dependencies update (#3311)
- a30d1aa Update README
- eb8a9c0 Bump @ rollup/plugin-node-resolve (#3271)
- 2f38ba4 Create CODE_OF_CONDUCT.md (#3243)
- 70b1088 fix(rollup-plugin): replace package rollup-plugin-terser by @ rollup/plugin-terser (#3170)
- b950cd6 Update README.md
- 1fe2860 Merge pull request #3307 from GoogleChrome/tomayac-patch-1
- 9b234c1 Update README.md
- ee62b5b updating scorecards workflow
- 8c8e240 updating scorecards workflow
- 47f48fe Update scorecards-analysis.yml (#3218)
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons: