react-redux-blog icon indicating copy to clipboard operation
react-redux-blog copied to clipboard

Published 20 hours ago verified publisher icon rajaraodv

[Snyk] Security upgrade compression-webpack-plugin from 1.1.12 to 8.0.1

Open rajaraodv opened this issue 1 year ago • 0 comments

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 698/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 6.1		 Cross-site Scripting (XSS)
SNYK-JS-SERIALIZEJAVASCRIPT-6147607		 Yes Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: compression-webpack-plugin The new version differs by 86 commits.
  • 3b63e50 chore(release): 8.0.1
  • e240b95 chore(deps): serialize-javascript and deps updated (#253)
  • 6cc2d31 chore: fix typo (#251)
  • 58037c9 chore(deps): update (#252)
  • ecb6338 chore(release): 8.0.0
  • 99d8b80 refactor: nodejs v10 dropped (#249)
  • 38851ea chore(deps): update (#247)
  • 334cfe0 chore(release): 7.1.2
  • f33424a fix: crash when `filename` and `algorithm` options are functions (#241)
  • 44c16e2 chore(release): 7.1.1
  • 863c340 fix: compatibility with old plugins (#237)
  • d0af551 chore(release): 7.1.0
  • 8f3fadb perf: fix
  • 5d54128 fix: compatibility with `workbox-webpack-plugin` (#234)
  • 72f3093 chore(deps): update (#233)
  • 5b8b356 feat: compress assets added later by plugins
  • efadca8 chore(release): 7.0.0
  • a94aa35 refactor: fix lint (#226)
  • 0e9ef0a refactor: code (#225)
  • 1c37b2f refactor: next
  • 4a10f07 chore(release): 6.1.1
  • fbb57b1 style: prettier default (#220)
  • 5e3bb95 fix: compatibility with child compilations
  • 7eaf1ff chore(release): 6.1.0

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Cross-site Scripting (XSS)

rajaraodv avatar Jan 09 '24 18:01 rajaraodv