spark-design-system
spark-design-system copied to clipboard
Published
20 hours ago •
sparkdesignsystem
sparkdesignsystem
[Snyk] Security upgrade babel-plugin-react-docgen from 3.2.0 to 4.0.0
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
- package-lock.json
Vulnerabilities that will be fixed
With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
 |
768/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5 |
Prototype Pollution SNYK-JS-ASYNC-2441827 |
Yes | Proof of Concept |
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: babel-plugin-react-docgen
The new version differs by 12 commits.- be19231 V5 with jest snapshots (#80)
- 37ca6a1 Cleanup and version bump to 4.0.0
- 242961d Normalizing snapshots line endings to LF
- ed4a3ce Update snapshots to work on both windows/unix
- 3411d5f Reduce package size
- a6eff36 Bump package versions
- d512563 Add prettier && force snapshot tests to use posix paths
- dc8d9f2 Upgrade to yarn/jest
- d9373be Merge branch 'master' into dd/v5-beta
- 7c3ad5f docs: Update default resolver comment in README.md example (#78)
- 9cfc055 4.0.0-beta.1
- db54699 use react-docgen@5-beta and update test snapshots
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
