Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Security upgrade mdx-deck from 1.10.0 to 2.0.8 #62

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Security upgrade mdx-deck from 1.10.0 to 2.0.8 #62

wants to merge 1 commit into from

Conversation

snyk-bot
Copy link

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 611/1000
Why? Recently disclosed, Has a fix available, CVSS 6.5		 Information Exposure
SNYK-JS-NODEFETCH-2342118		 Yes No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: mdx-deck The new version differs by 163 commits.
  • 6f1c3dd v2.0.8
  • 005771a Merge pull request #311 from jxnblk/update-deps
  • f26c94b Edit changelog
  • 555bacc v2.0.7
  • 0da19c3 Merge pull request #295 from pengx17/non-ssr-build
  • d31d355 Update mdx options and snapshots
  • 12bd133 Update to MDX v1 RC
  • d62893b Edit changelog
  • 267378a v2.0.6
  • 9340502 Merge pull request #302 from johno/pin-mdx
  • 211736c Pin MDX version
  • ba9ef19 Merge pull request #298 from avatar-kaleb/patch-1
  • e593999 Update advanced.md
  • 2dffa87 fix: user should be able to overwrite webpack output configs in his webpack config
  • 13ddd8a docs: update docs about no-html option
  • 3a510ec feat: add --no-html flag to disable ssr build
  • 885883e build: add non-ssr-build
  • 112233e Edit changelog
  • 28fc6bc v2.0.5
  • ed34adf Merge pull request #290 from kiurchv/improve-webpack-config-merge
  • 051b98f Merge pull request #289 from kiurchv/bump-remark-unwrap-images
  • 01c01fa Take loaders in account when merging webpack configs
  • 9b4f40a Bump remark-unwrap-images to 0.2.0
  • 36a2b6c Edit changelog

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

@Leko
Copy link
Owner

Leko commented Jan 18, 2022

❌ Deploy Preview for leko failed.

🔨 Explore the source changes: 6725f79

🔍 Inspect the deploy log: https://app.netlify.com/sites/leko/deploys/61e6f2007fe5f80007cadcab

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@snyk-bot @Leko