sendbird-javascript-samples icon indicating copy to clipboard operation
sendbird-javascript-samples copied to clipboard
verified publisher icon sendbird

[Snyk] Fix for 1 vulnerabilities

Open sendbird-security opened this issue 2 years ago • 0 comments

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • react/react-app-composed/package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 479/1000
Why? Has a fix available, CVSS 5.3		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-CSSWHAT-1298035		 Yes No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: @svgr/webpack The new version differs by 197 commits.
  • af9a6cb v6.0.0
  • e9469c3 Merge pull request #629 from gregberge/rewriting-docs
  • eb3282b docs: rewriting
  • 6f832f0 Merge pull request #627 from gregberge/support-css-variables
  • cbdb47f fix: support CSS variables
  • 985444d chore: fix package-lock.json
  • a5effba v6.0.0-alpha.4
  • 3f071d6 Merge pull request #626 from gregberge/upgrade-deps
  • daf6a08 chore(deps): upgrade
  • 1c5f163 Merge pull request #625 from gregberge/icon-size
  • 483560d chore: fix package-lock.json
  • 3c0b779 feat: allow to specify icon size
  • 6ba16a3 Merge pull request #624 from gregberge/various-things
  • f61c8ba chore: fix ref following refactoring
  • 261e1b5 v6.0.0-alpha.3
  • fe5c117 Merge pull request #623 from gregberge/webpack
  • 9a4cbce docs(examples): update examples
  • 1a8cc98 fix(webpack): fix webpack 5 behaviour with url-loader
  • a857bb1 feat: support mask-type property (#621)
  • 5966714 fix(template): make it possible to use type in template (#619)
  • 9ea5da4 refactor(core): use exportName transform (#616)
  • 8a1b0aa docs(readme): Fixing CRA link (#618)
  • 00a1d4b chore: fix package-lock.json
  • f729efa v6.0.0-alpha.2

See the full diff

Package name: optimize-css-assets-webpack-plugin The new version differs by 5 commits.
  • 09d29b3 5.0.5
  • d0a7da7 feat(deps): update dependencies (#154)
  • 41d1e23 Redirect to css-minimizer-webpack-plugin for webpack 5 or above
  • e9b84f1 5.0.4
  • b3a3ada Update dependencies (#133)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)

sendbird-security avatar May 23 '23 05:05 sendbird-security