patternfly-css
patternfly-css copied to clipboard
Published
20 hours ago •
patternfly
patternfly
[Snyk] Security upgrade browser-sync from 2.18.13 to 2.26.4
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
- package-lock.json
Vulnerabilities that will be fixed
With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
 |
768/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5 |
Uncontrolled resource consumption SNYK-JS-BRACES-6838727 |
No | Proof of Concept |
|
661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5 |
Inefficient Regular Expression Complexity SNYK-JS-MICROMATCH-6838728 |
No | No Known Exploit |
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: browser-sync
The new version differs by 196 commits.- 47a4d1b v2.26.4
- 05a58db deps: fixes #1677 #1671 #1659 #1648
- 35035df deps: removed nodemon since it includes flat-stream (security)
- 1b2eab5 Merge pull request #1634 from mxschmitt/patch-1
- e35e5dc fix(ui): updated dead links and moved to https
- 85c4ba7 examples: server + proxy
- 924d5e7 v2.26.3
- d60cd91 fix: application/wasm support in Chrome - fixes #1598
- f95dd7a v2.26.2
- 9f3fea4 deps: npm audit fixes across all packages - fixes #1618
- cf7cb3e v2.26.1
- 0a2ff5a fix: deps - ensure previous users of browser-sync-client are not affected by new structure - fixes #1615
- ec7b82d v2.26.0
- f83ba7e lerna whitespace to allow publish
- d7ca182 v2.25.3-alpha.0
- 257fba6 fix: Removing default logger prefix [BS] - fixes #1607
- cc8dfad v2.25.2-alpha.0
- d4c58b8 Merge branch 'master' into 1591-prevent-reload
- abc0124 Merge branch 'johanblumenberg-patch-1'
- dacfc8b fix: proxy: case insensitive matching of cookie domain - fixes #1606
- 11729cc fix: bump chokidar fixing fsevents build - closes #1613
- 9eafa03 v2.25.1-alpha.0
- 0d4ab81 chore: move cypress to top-level dep
- 06ee1b7 fix: Unexpected Page Reload after Pausing in Debugger - fixes #1591
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📚 Read more about Snyk's upgrade and patch logic
Note: This is a default PR template raised by Snyk. Find out more about how you can customise Snyk PRs in our documentation.
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Uncontrolled resource consumption
