vue-h5-template icon indicating copy to clipboard operation
vue-h5-template copied to clipboard

Published 20 hours ago verified publisher icon zandko

[Snyk] Security upgrade vconsole from 3.3.4 to 3.15.1

Open snyk-bot opened this issue 1 year ago • 0 comments

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 696/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5		 Prototype Pollution
SNYK-JS-VCONSOLE-5487991		 No Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: vconsole The new version differs by 250 commits.
  • 968f3e2 Merge pull request #628 from Tencent/dev
  • 84b4c22 chore: v3.15.1
  • a5270c6 Fix(Log): Compatible with iOS (less than 13.4) that does not support `ResizeObserver`, but there may be a potential performance issue when printing a large number of logs. (issue #610)
  • 547e0a3 chore: fix property
  • 289dd76 chore: fix typings
  • 5229e8e fix: add debug info to EmptyResizeObserver
  • 0d5d149 fix(Core): Fix plugin event `ready` triggering before its HTML finishes rendering. (issue #591)
  • 2e4feb3 fix(Log): Fix fatal error caused by iOS (less than 13.4) which is not support `ResizeObserver` interface. (issue #610)
  • 21fb678 Merge branch 'dev' of https://github.com/Tencent/vConsole into dev
  • 81c104e fix(Log): Reset group state when `console.clear()` is called. (issue #611)
  • d5ed216 fix: Fix possible "Cannot read property" error by `sendBeacon`. (issue #615)
  • eff80a2 Merge pull request #601 from xch1029/patch-1
  • 56efb35 chore: rename hideUrlRegexp to ignoreUrlRegExp
  • f7d9d77 Merge pull request #623 from novlan1/dev
  • b915917 Fix(core): Fix prototype pollution in `vConsole.setOption()`. (issue #616 #621)
  • be8a478 feat(network): add network hide option
  • 5bf6391 fix: jquery not work in plugin demo
  • 05d8039 Merge pull request #578 from Tencent/dev
  • 3d53d44 chore: v3.15.0
  • 5a100ee refactor: move icon component folder.
  • 9966f63 fix: fix spelling
  • 95864fa Merge pull request #577 from nilennoct/fix/trigger_select_click_events
  • fc8a4a9 fix: trigger click event on `<select>` elements correctly
  • ecc524b Fix(Storage): Fix an event bug that overflow content cannot scroll. (issue #542)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution

snyk-bot avatar Jun 04 '23 16:06 snyk-bot