pg-generator
pg-generator copied to clipboard
Published
20 hours ago •
ozum
ozum
[Snyk] Security upgrade js-beautify from 1.9.1 to 1.14.10
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
- package-lock.json
Vulnerabilities that will be fixed
With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
 |
661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5 |
Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116 |
No | No Known Exploit |
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: js-beautify
The new version differs by 250 commits.- 340b577 Release: 1.14.10
- 13bb155 Merge remote-tracking branch 'origin/staging/main' into staging/release
- 4944f58 Bump version numbers for 1.14.10
- 5a27c90 Update Changelog
- a6698f0 Update milestone-publish.yml
- 425755f Merge pull request #2195 from sobolevn/patch-1
- 99347ac Merge pull request #2209 from likendev/fix/sri-hash-update
- 8feaca4 fix: replace dracula to darcula
- 9d638cb fix: updated SRI hash to sha512
- cb270b3 fix: update SRI verification hash
- 8314a12 Merge pull request #2203 from beautify-web/dependabot/npm_and_yarn/webpack-5.89.0
- 48c8ef4 Merge pull request #2206 from beautify-web/dependabot/github_actions/actions/setup-node-4
- f176cec Bump actions/setup-node from 3 to 4
- 5674bd8 Bump webpack from 5.88.2 to 5.89.0
- a101b70 Merge pull request #2200 from beautify-web/dependabot/npm_and_yarn/glob-10.3.10
- d5c8e9c Bump glob from 10.3.4 to 10.3.10
- 33d9bf2 Use raw strings to define a regex in `packer.py`
- 6cf6782 Merge pull request #2192 from beautify-web/dependabot/github_actions/actions/checkout-4
- cb535de Merge pull request #2191 from beautify-web/dependabot/npm_and_yarn/glob-10.3.4
- 97436d8 Bump actions/checkout from 3 to 4
- aac9c87 Bump glob from 10.3.3 to 10.3.4
- 5039472 Merge pull request #2157 from beautify-web/issue/2152-python-test
- 4925cbc Merge pull request #2116 from mhnaeem/json-invalid-wrap-with-line-length-and-signed-number
- 3b5f18a Turn python CSS tests back on
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.
