mpbuild
mpbuild copied to clipboard
Published
20 hours ago •
ximing
ximing
[Snyk] Fix for 2 vulnerabilities
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- packages/mpbuild/package.json
- packages/mpbuild/package-lock.json
Vulnerabilities that will be fixed
With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
 |
661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5 |
Uncontrolled resource consumption SNYK-JS-BRACES-6838727 |
Yes | No Known Exploit |
|
661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5 |
Inefficient Regular Expression Complexity SNYK-JS-MICROMATCH-6838728 |
Yes | No Known Exploit |
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: gulp
The new version differs by 45 commits.- 5c4c547 chore: Release 5.0.0 (#2762)
- bf72116 chore: Add index.mjs to files list
- b00de68 feat: Provide an ESM export (#2760)
- 72668c6 chore!: Normalize repository, dropping node <10.13 support (#2758)
- 85896d4 chore(docs): Update stream handbook link (#2711)
- 818bd73 Docs: Remove gulp-sourcemaps because it is built-in (#2592)
- 598f971 Docs: Fix broken link in recipe (#2571)
- 9877de0 Docs: Guide CustomRegistries to maintain properties on tasks (fixes #2561) (#2565)
- f91c388 Docs: Remove typo in custom registry docs (#2543)
- df25250 Docs: Fix typo in task docs (#2524)
- b6d6d7c Docs: fix recipe link (#2526)
- c26ebcb Docs: Cleanup registry error message subtitles
- d51c6eb Docs: Rename the automate releases recipe file
- 4c1bead Docs: Add subtitles for registry error messages (#2502)
- 6e56ed8 Docs: Update and refactor release workflow recipe (#2498)
- 131b702 Docs: Remove recipe for using a config file
- c5ff7e0 Docs: Remove recipe for splitting tasks in files
- 147327c Docs: Remove recipe for specifying a CWD
- 1a653a9 Docs: Remove recipe for running shell commands
- e1190ea Docs: Remove recipe for exporting tasks
- c4305df Docs: Remove recipe for running tasks in series
- 486f927 Docs: Remove recipes for selecting changed files
- b7b70b8 Docs: Fix some links
- 93564bd Docs: Add advanced section for creation of custom registries (#2479)
Package name: watchpack
The new version differs by 179 commits.- c42f625 2.0.0
- 39d556d 2.0.0-beta.15
- e8010ae Merge pull request #175 from webpack/bugfix/plan-merging
- dc01813 add time logging to test, make test faster, increase timeout
- fe75d0d wait longer before starting testing
- c25701b avoid recursive watchers in the root of the filesystem
- 295b564 fix priority calculation
- 90a1c98 allow nested watchers in plan
- 8014a39 improve ManyWatcher test for nested watching
- 0f88e2e fix parent connections in reducePlan
- a54e09b check if watchers work as expected
- 9ec3868 Merge pull request #176 from webpack/feature/logging
- 0158fd5 increase timeout for large test
- b4454e4 enable logging on CI
- 994f2b0 add logging
- ce3b818 2.0.0-beta.14
- 84a833e Merge pull request #170 from webpack/bugfix/watcher-limit
- 224fc1f remove console.log
- b6f5b2c update azure to node 14
- 732f8b7 create less watchers when no options are passed
- 7c197b4 bugfix incorrect type
- c48c3d2 improve test case for multiple files
- ff2cdb4 improve how polling is scheduled to reduce load
- eb608fa improve test and cost function
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Uncontrolled resource consumption
