nasa-images
nasa-images copied to clipboard
minhlucvan
product like nasa images gallery using react - redux
Bumps [minimist](https://github.com/minimistjs/minimist) to 1.2.8 and updates ancestor dependencies [minimist](https://github.com/minimistjs/minimist), [minimist](https://github.com/minimistjs/minimist), [mkdirp](https://github.com/isaacs/node-mkdirp), [extract-zip](https://github.com/maxogden/extract-zip), [loader-fs-cache](https://github.com/viankakrisna/loader-fs-cache) and [handlebars](https://github.com/wycats/handlebars.js). These dependencies need to be updated together. Updates `minimist` from 1.2.0 to 1.2.8 Changelog Sourced...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [http-cache-semantics](https://github.com/kornelski/http-cache-semantics) to 4.1.1 and updates ancestor dependency [critical](https://github.com/addyosmani/critical). These dependencies need to be updated together. Updates `http-cache-semantics` from 3.8.1 to 4.1.1 Commits 2449650 Update mocha 560b2d8 Don't use regex...
Bumps [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) from 0.2.0 to 0.2.2. Release notes Sourced from decode-uri-component's releases. v0.2.2 Prevent overwriting previously decoded tokens 980e0bf https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2 v0.2.1 Switch to GitHub workflows 76abc93 Fix issue where decode...
Bumps [ua-parser-js](https://github.com/faisalman/ua-parser-js) from 0.7.20 to 0.7.35. Changelog Sourced from ua-parser-js's changelog. Version 0.7.35 / 1.0.35 Fix result from user-supplied user-agent being altered Add new browser: Heytap, TikTok Add new engine:...
Bumps [qs](https://github.com/ljharb/qs) from 6.9.0 to 6.9.7. Changelog Sourced from qs's changelog. 6.9.7 [Fix] parse: ignore __proto__ keys (#428) [Fix] stringify: avoid encoding arrayformat comma when encodeValuesOnly = true (#424) [Robustness]...
检测到 minhlucvan/nasa-images 一共引入了1600个开源组件,存在52个漏洞 ``` 漏洞标题:serialize-javascript 代码问题漏洞 缺陷组件:[email protected] 漏洞编号:CVE-2020-7660 漏洞描述:Verizon serialize-javascript是美国威瑞森电信(Verizon)公司的一款支持将JavaScript序列化为 JSON超集的软件包。 serialize-javascript 3.1.0之前版本中存在代码问题漏洞。远程攻击者可借助index.js文件中的‘deleteFunctions’函数利用该漏洞注入任意代码。 国家漏洞库信息:https://www.cnvd.org.cn/flaw/show/CNVD-2020-53801 影响范围:(∞, 3.1.0) 最小修复版本:3.1.0 缺陷组件引入路径:[email protected]>[email protected]>[email protected] [email protected]>@storybook/[email protected]>[email protected]>[email protected]>[email protected] [email protected]>@storybook/[email protected]>@storybook/[email protected]>[email protected]>[email protected] [email protected]>@storybook/[email protected]>@storybook/[email protected]>[email protected]>[email protected]>[email protected] [email protected]>[email protected]>[email protected] [email protected]>[email protected]>[email protected]>[email protected]>[email protected] [email protected]>[email protected]>[email protected]>[email protected] ``` 另外还有52个漏洞,详细报告:https://mofeisec.com/jr?p=ibc246
![dependasec[bot] avatar](https://avatars.githubusercontent.com/in/180093?v=4 "dependasec[bot] avatar"){kind=avatar}
Bumps [node-sass](https://github.com/sass/node-sass) from 4.13.0 to 7.0.0. Release notes Sourced from node-sass's releases. v7.0.0 Breaking changes Drop support for Node 15 (@nschonni) Set rejectUnauthorized to true by default (@scott-ut, #3149) Features...
Metadata
Owner
Metadata
product like nasa images gallery using react - redux