angular-starterkit icon indicating copy to clipboard operation
angular-starterkit copied to clipboard

Published 20 hours ago โ€ข verified publisher icon rickvandermey

[Snyk] Security upgrade @storybook/core-server from 7.5.3 to 8.2.0

Open rickvandermey opened this issue 1 year ago โ€ข 1 comments

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 601/1000
Why? Recently disclosed, Has a fix available, CVSS 6.3		 Cross-site Scripting (XSS)
SNYK-JS-COOKIE-8163060		 Yes No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: @storybook/core-server The new version differs by 250 commits.
  • 8b2f2db Bump version from "8.2.0-beta.3" to "8.2.0" [skip ci]
  • 0437828 Merge pull request #28497 from storybookjs/version-non-patch-from-8.2.0-beta.3
  • 7bcafec Docs: Write 8.2 changelog [skip ci]
  • cfd916f Write changelog for 8.2.0 [skip ci]
  • 687560f Merge pull request #28496 from storybookjs/docs_fix_links
  • 3e765ab Merge branch 'next' into docs_fix_links
  • 9f16fe1 Docs: Fix links and assorted fixes
  • ef343c7 Bump version from "8.2.0-beta.2" to "8.2.0-beta.3" [skip ci]
  • 0c7ea98 Merge pull request #28488 from storybookjs/version-non-patch-from-8.2.0-beta.2
  • ce8513c Write changelog for 8.2.0-beta.3 [skip ci]
  • d749cf2 Merge pull request #28485 from storybookjs/fix-regex-escaping
  • 41053bf Merge pull request #28456 from ROCKTAKEY/fix-switch-case-default-typo-on-document
  • 17ce575 Merge branch 'next' into fix-switch-case-default-typo-on-document
  • 40b1c89 Merge pull request #28487 from storybookjs/valentin/export-prop-type-definitions
  • b3a656b Merge pull request #28486 from storybookjs/docs_frameworks_fix_broken_links
  • db53711 vue 3 vite updates
  • fd4d89e Templates: Export ButtonProps and HeaderProps interfaces
  • 1fb6607 Merge branch 'docs_frameworks_fix_broken_links' of https://github.com/storybookjs/storybook into docs_frameworks_fix_broken_links
  • 7fa1dd0 fix the vue 3 vite link
  • cfdf8c6 Merge branch 'next' into docs_frameworks_fix_broken_links
  • d5b0fb7 Merge pull request #28479 from storybookjs/revert/26884
  • e073dff Docs: Fix broken framework links
  • 6d3212b Merge pull request #28465 from kevinfoerster/patch-1
  • bf0a323 Merge branch 'next' into patch-1

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: ๐Ÿง View latest project report

๐Ÿ›  Adjust project settings

๐Ÿ“š Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

๐Ÿฆ‰ Cross-site Scripting (XSS)

rickvandermey avatar Oct 10 '24 04:10 rickvandermey