Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Fix for 129 vulnerabilities #29

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[Snyk] Fix for 129 vulnerabilities #29

wants to merge 1 commit into from

Conversation

snyk-io[bot]
Copy link

@snyk-io snyk-io bot commented Nov 19, 2024

snyk-top-banner

Snyk has created this PR to fix 129 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

  • package.json
⚠️ Warning 
Failed to update the package-lock.json, please update manually before merging.

Vulnerabilities that will be fixed with an upgrade:

Issue Score
high severity Use After Free
SNYK-JS-ELECTRON-7707760		   ****  
high severity Type Confusion
SNYK-JS-ELECTRON-8186838		   ****  
critical severity Type Confusion
SNYK-JS-ELECTRON-8186889		   ****  
high severity Out-of-bounds Read
SNYK-JS-ELECTRON-8230426		   ****  
high severity Out-of-bounds Read
SNYK-JS-ELECTRON-8302877		   ****  
medium severity Type Confusion
SNYK-JS-ELECTRON-8302879		   ****  
high severity Use After Free
SNYK-JS-ELECTRON-8302881		   ****  
high severity External Control of Assumed-Immutable Web Parameter
SNYK-JS-ELECTRON-8302883		   ****  
high severity Heap-based Buffer Overflow
SNYK-JS-ELECTRON-8302885		   ****  
high severity Use After Free
SNYK-JS-ELECTRON-8302887		   ****  
critical severity Out-of-Bounds Write
SNYK-JS-ELECTRON-8302889		   ****  
high severity Type Confusion
SNYK-JS-ELECTRON-8302891		   ****  
high severity Heap-based Buffer Overflow
SNYK-JS-ELECTRON-8302893		   ****  
high severity Heap-based Buffer Overflow
SNYK-JS-ELECTRON-8302895		   ****  
medium severity Heap-based Buffer Overflow
SNYK-JS-ELECTRON-8302897		   ****  
medium severity Heap-based Buffer Overflow
SNYK-JS-ELECTRON-8302899		   ****  
high severity Out-of-bounds Write
SNYK-JS-ELECTRON-8310517		   ****  
medium severity Access of Resource Using Incompatible Type ('Type Confusion')
SNYK-JS-ELECTRON-8310519		   ****  
high severity Improper Access Control
SNYK-JS-ELECTRON-8310521		   ****  
medium severity Access of Resource Using Incompatible Type ('Type Confusion')
SNYK-JS-ELECTRON-8352921		   ****  
high severity Use After Free
SNYK-JS-ELECTRON-8381010		   ****  
medium severity Access Restriction Bypass
SNYK-JS-ELECTRON-8381013		   ****  
medium severity Open Redirect
SNYK-JS-GOT-2932019		   ****  
medium severity Missing Release of Resource after Effective Lifetime
SNYK-JS-INFLIGHT-6095116		   ****  
high severity Inefficient Regular Expression Complexity
SNYK-JS-MICROMATCH-6838728		   ****  
medium severity Improper Access Control
SNYK-JS-VITE-6531286		   ****  
low severity Cross-site Scripting (XSS)
SNYK-JS-VITE-8022916		   ****  
medium severity Information Exposure
SNYK-JS-VITE-8023174		   ****  
high severity Denial of Service (DoS)
SNYK-JS-WS-7266574		   ****  
high severity Use After Free
SNYK-JS-ELECTRON-3014411		   1000  
high severity Type Confusion
SNYK-JS-ELECTRON-3091122		   1000  
high severity Out-of-bounds Read
SNYK-JS-ELECTRON-6179663		   1000  
high severity Improper Input Validation
SNYK-JS-ELECTRON-3018192		   827  
high severity Heap-based Buffer Overflow
SNYK-JS-ELECTRON-3150401		   827  
high severity Heap-based Buffer Overflow
SNYK-JS-ELECTRON-5923343		   662  
high severity Heap-based Buffer Overflow
SNYK-JS-ELECTRON-6137744		   662  
high severity Use After Free
SNYK-JS-ELECTRON-3039646		   317  
high severity Use After Free
SNYK-JS-ELECTRON-3039648		   313  
high severity Use After Free
SNYK-JS-ELECTRON-3043113		   313  
high severity Out-of-Bounds
SNYK-JS-ELECTRON-5880432		   311  
high severity Privilege Context Switching Error
SNYK-JS-ELECTRON-6854260		   309  
high severity Use After Free
SNYK-JS-ELECTRON-3252475		   305  
high severity Use After Free
SNYK-JS-ELECTRON-3028028		   301  
high severity Use After Free
SNYK-JS-ELECTRON-6146930		   300  
high severity Use After Free
SNYK-JS-ELECTRON-6146932		   300  
high severity Out-of-bounds Write
SNYK-JS-ELECTRON-6613086		   300  
high severity Use After Free
SNYK-JS-ELECTRON-2992453		   298  
high severity Use After Free
SNYK-JS-ELECTRON-2994414		   298  
high severity Use After Free
SNYK-JS-ELECTRON-3014407		   298  
high severity Use After Free
SNYK-JS-ELECTRON-3160317		   298  
high severity Use After Free
SNYK-JS-ELECTRON-3014409		   297  
high severity Use After Free
SNYK-JS-ELECTRON-3057199		   297  
high severity Use After Free
SNYK-JS-ELECTRON-3097832		   297  
high severity Use After Free
SNYK-JS-ELECTRON-3111880		   297  
high severity Access of Resource Using Incompatible Type ('Type Confusion')
SNYK-JS-ELECTRON-3098879		   296  
critical severity Use After Free
SNYK-JS-ELECTRON-6253729		   272  
critical severity Use After Free
SNYK-JS-ELECTRON-6515650		   272  
critical severity Type Confusion
SNYK-JS-ELECTRON-6515651		   272  
high severity Out-of-bounds Write
SNYK-JS-ELECTRON-6173171		   269  
high severity Use After Free
SNYK-JS-ELECTRON-6261583		   269  
high severity Out-of-Bounds
SNYK-JS-ELECTRON-6564965		   269  
high severity Heap-based Buffer Overflow
SNYK-JS-ELECTRON-6146931		   264  
high severity Heap-based Buffer Overflow
SNYK-JS-ELECTRON-6253728		   264  
high severity Use After Free
SNYK-JS-ELECTRON-6515649		   264  
high severity Use After Free
SNYK-JS-ELECTRON-6515652		   264  
high severity Improper Restriction of Operations within the Bounds of a Memory Buffer
SNYK-JS-ELECTRON-6579648		   264  
high severity Use After Free
SNYK-JS-ELECTRON-6613084		   264  
high severity Heap-based Buffer Overflow
SNYK-JS-ELECTRON-6613085		   264  
high severity Use After Free
SNYK-JS-ELECTRON-7411376		   264  
high severity Use After Free
SNYK-JS-ELECTRON-7411377		   264  
high severity Use After Free
SNYK-JS-ELECTRON-7411378		   264  
high severity Heap-based Buffer Overflow
SNYK-JS-ELECTRON-7411379		   264  
high severity Out-of-Bounds Write
SNYK-JS-ELECTRON-7411381		   264  
high severity Use After Free
SNYK-JS-ELECTRON-7411382		   264  
high severity Type Confusion
SNYK-JS-ELECTRON-7411383		   264  
high severity Use After Free
SNYK-JS-ELECTRON-7411386		   264  
high severity Use After Free
SNYK-JS-ELECTRON-7411387		   264  
high severity Use After Free
SNYK-JS-ELECTRON-7411388		   264  
high severity Use After Free
SNYK-JS-ELECTRON-7443353		   264  
high severity Use After Free
SNYK-JS-ELECTRON-7443354		   264  
high severity Use After Free
SNYK-JS-ELECTRON-7443355		   264  
high severity Use After Free
SNYK-JS-ELECTRON-7443356		   264  
high severity Use After Free
SNYK-JS-ELECTRON-7577919		   264  
high severity Use After Free
SNYK-JS-ELECTRON-7577921		   264  
high severity Use After Free
SNYK-JS-ELECTRON-7707753		   264  
high severity Use After Free
SNYK-JS-ELECTRON-7707755		   264  
high severity Heap-based Buffer Overflow
SNYK-JS-ELECTRON-7707756		   264  
high severity Use After Free
SNYK-JS-ELECTRON-7707757		   264  
high severity Out-of-bounds Read
SNYK-JS-ELECTRON-7707758		   264  
high severity Out-of-bounds Read
SNYK-JS-ELECTRON-7707759		   264  
high severity Improper Access Control
SNYK-JS-ELECTRON-5885098		   253  
medium severity Integer Overflow or Wraparound
SNYK-JS-ELECTRON-6613087		   241  
high severity Use After Free
SNYK-JS-ELECTRON-3111876		   238  
high severity Use After Free
SNYK-JS-ELECTRON-3111881		   238  
high severity Denial of Service (DoS)
SNYK-JS-ELECTRON-3111879		   237  
high severity Use After Free
SNYK-JS-ELECTRON-6146929		   237  
high severity Use After Free
SNYK-JS-ELECTRON-6226524		   237  
medium severity Race Condition
SNYK-JS-ELECTRON-7707754		   234  
high severity Out-of-bounds Read
SNYK-JS-ELECTRON-3370529		   225  
high severity Use After Free
SNYK-JS-ELECTRON-3033159		   223  
high severity Use After Free
SNYK-JS-ELECTRON-3033161		   223  
high severity Use After Free
SNYK-JS-ELECTRON-3033934		   223  
high severity Heap-based Buffer Overflow
SNYK-JS-ELECTRON-3370271		   223  
high severity Out-of-bounds Write
SNYK-JS-ELECTRON-3039650		   222  
high severity Heap-based Buffer Overflow
SNYK-JS-ELECTRON-3097696		   222  
high severity Heap-based Buffer Overflow
SNYK-JS-ELECTRON-3111878		   222  
medium severity Access Control Bypass
SNYK-JS-ELECTRON-2978519		   221  
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-CROSSSPAWN-8303230		   213  
high severity Improper Input Validation
SNYK-JS-ELECTRON-6043905		   212  
high severity Integer Overflow or Wraparound
SNYK-JS-ELECTRON-6043907		   212  
high severity Uncontrolled resource consumption
SNYK-JS-BRACES-6838727		   211  
high severity NULL Pointer Dereference
SNYK-JS-ELECTRON-6476870		   211  
high severity Denial of Service (DoS)
SNYK-JS-ELECTRON-6405830		   206  
medium severity Buffer Overflow
SNYK-JS-ELECTRON-2978483		   197  
high severity Type Confusion
SNYK-JS-ELECTRON-6173170		   193  
high severity Heap-based Buffer Overflow
SNYK-JS-ELECTRON-7411384		   193  
high severity Heap-based Buffer Overflow
SNYK-JS-ELECTRON-7411385		   193  
high severity Out-of-bounds Read
SNYK-JS-ELECTRON-5734243		   190  
high severity Out-of-bounds Read
SNYK-JS-ELECTRON-7411389		   190  
high severity Heap-based Buffer Overflow
SNYK-JS-ELECTRON-3097698		   178  
high severity Heap-based Buffer Overflow
SNYK-JS-ELECTRON-3237489		   178  
high severity Use After Free
SNYK-JS-ELECTRON-6105391		   168  
medium severity Type Confusion
SNYK-JS-ELECTRON-7411390		   168  
medium severity Improper Input Validation
SNYK-JS-ELECTRON-3097694		   162  
medium severity Use After Free
SNYK-JS-ELECTRON-6346758		   158  
medium severity Insufficient Verification of Data Authenticity
SNYK-JS-ELECTRON-6097142		   127  
medium severity Access of Resource Using Incompatible Type ('Type Confusion')
SNYK-JS-ELECTRON-3040396		   93  
medium severity Information Exposure
SNYK-JS-ELECTRON-2977510		   75  
medium severity Improper Input Validation
SNYK-JS-ELECTRON-2977512		   75  

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Uncontrolled resource consumption
🦉 Improper Input Validation
🦉 Access Control Bypass
🦉 More lessons are available in Snyk Learn

@snyk-io
fix: package.json to reduce vulnerabilities
75b6708 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-ELECTRON-7707760
- https://snyk.io/vuln/SNYK-JS-ELECTRON-8186838
- https://snyk.io/vuln/SNYK-JS-ELECTRON-8186889
- https://snyk.io/vuln/SNYK-JS-ELECTRON-8230426
- https://snyk.io/vuln/SNYK-JS-ELECTRON-8302877
- https://snyk.io/vuln/SNYK-JS-ELECTRON-8302879
- https://snyk.io/vuln/SNYK-JS-ELECTRON-8302881
- https://snyk.io/vuln/SNYK-JS-ELECTRON-8302883
- https://snyk.io/vuln/SNYK-JS-ELECTRON-8302885
- https://snyk.io/vuln/SNYK-JS-ELECTRON-8302887
- https://snyk.io/vuln/SNYK-JS-ELECTRON-8302889
- https://snyk.io/vuln/SNYK-JS-ELECTRON-8302891
- https://snyk.io/vuln/SNYK-JS-ELECTRON-8302893
- https://snyk.io/vuln/SNYK-JS-ELECTRON-8302895
- https://snyk.io/vuln/SNYK-JS-ELECTRON-8302897
- https://snyk.io/vuln/SNYK-JS-ELECTRON-8302899
- https://snyk.io/vuln/SNYK-JS-ELECTRON-8310517
- https://snyk.io/vuln/SNYK-JS-ELECTRON-8310519
- https://snyk.io/vuln/SNYK-JS-ELECTRON-8310521
- https://snyk.io/vuln/SNYK-JS-ELECTRON-8352921
- https://snyk.io/vuln/SNYK-JS-ELECTRON-8381010
- https://snyk.io/vuln/SNYK-JS-ELECTRON-8381013
- https://snyk.io/vuln/SNYK-JS-GOT-2932019
- https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116
- https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728
- https://snyk.io/vuln/SNYK-JS-VITE-6531286
- https://snyk.io/vuln/SNYK-JS-VITE-8022916
- https://snyk.io/vuln/SNYK-JS-VITE-8023174
- https://snyk.io/vuln/SNYK-JS-WS-7266574
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3014411
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3091122
- https://snyk.io/vuln/SNYK-JS-ELECTRON-6179663
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3018192
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3150401
- https://snyk.io/vuln/SNYK-JS-ELECTRON-5923343
- https://snyk.io/vuln/SNYK-JS-ELECTRON-6137744
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3039646
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3039648
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3043113
- https://snyk.io/vuln/SNYK-JS-ELECTRON-5880432
- https://snyk.io/vuln/SNYK-JS-ELECTRON-6854260
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3252475
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3028028
- https://snyk.io/vuln/SNYK-JS-ELECTRON-6146930
- https://snyk.io/vuln/SNYK-JS-ELECTRON-6146932
- https://snyk.io/vuln/SNYK-JS-ELECTRON-6613086
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2992453
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2994414
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3014407
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3160317
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3014409
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3057199
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3097832
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3111880
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3098879
- https://snyk.io/vuln/SNYK-JS-ELECTRON-6253729
- https://snyk.io/vuln/SNYK-JS-ELECTRON-6515650
- https://snyk.io/vuln/SNYK-JS-ELECTRON-6515651
- https://snyk.io/vuln/SNYK-JS-ELECTRON-6173171
- https://snyk.io/vuln/SNYK-JS-ELECTRON-6261583
- https://snyk.io/vuln/SNYK-JS-ELECTRON-6564965
- https://snyk.io/vuln/SNYK-JS-ELECTRON-6146931
- https://snyk.io/vuln/SNYK-JS-ELECTRON-6253728
- https://snyk.io/vuln/SNYK-JS-ELECTRON-6515649
- https://snyk.io/vuln/SNYK-JS-ELECTRON-6515652
- https://snyk.io/vuln/SNYK-JS-ELECTRON-6579648
- https://snyk.io/vuln/SNYK-JS-ELECTRON-6613084
- https://snyk.io/vuln/SNYK-JS-ELECTRON-6613085
- https://snyk.io/vuln/SNYK-JS-ELECTRON-7411376
- https://snyk.io/vuln/SNYK-JS-ELECTRON-7411377
- https://snyk.io/vuln/SNYK-JS-ELECTRON-7411378
- https://snyk.io/vuln/SNYK-JS-ELECTRON-7411379
- https://snyk.io/vuln/SNYK-JS-ELECTRON-7411381
- https://snyk.io/vuln/SNYK-JS-ELECTRON-7411382
- https://snyk.io/vuln/SNYK-JS-ELECTRON-7411383
- https://snyk.io/vuln/SNYK-JS-ELECTRON-7411386
- https://snyk.io/vuln/SNYK-JS-ELECTRON-7411387
- https://snyk.io/vuln/SNYK-JS-ELECTRON-7411388
- https://snyk.io/vuln/SNYK-JS-ELECTRON-7443353
- https://snyk.io/vuln/SNYK-JS-ELECTRON-7443354
- https://snyk.io/vuln/SNYK-JS-ELECTRON-7443355
- https://snyk.io/vuln/SNYK-JS-ELECTRON-7443356
- https://snyk.io/vuln/SNYK-JS-ELECTRON-7577919
- https://snyk.io/vuln/SNYK-JS-ELECTRON-7577921
- https://snyk.io/vuln/SNYK-JS-ELECTRON-7707753
- https://snyk.io/vuln/SNYK-JS-ELECTRON-7707755
- https://snyk.io/vuln/SNYK-JS-ELECTRON-7707756
- https://snyk.io/vuln/SNYK-JS-ELECTRON-7707757
- https://snyk.io/vuln/SNYK-JS-ELECTRON-7707758
- https://snyk.io/vuln/SNYK-JS-ELECTRON-7707759
- https://snyk.io/vuln/SNYK-JS-ELECTRON-5885098
- https://snyk.io/vuln/SNYK-JS-ELECTRON-6613087
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3111876
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3111881
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3111879
- https://snyk.io/vuln/SNYK-JS-ELECTRON-6146929
- https://snyk.io/vuln/SNYK-JS-ELECTRON-6226524
- https://snyk.io/vuln/SNYK-JS-ELECTRON-7707754
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3370529
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3033159
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3033161
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3033934
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3370271
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3039650
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3097696
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3111878
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2978519
- https://snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230
- https://snyk.io/vuln/SNYK-JS-ELECTRON-6043905
- https://snyk.io/vuln/SNYK-JS-ELECTRON-6043907
- https://snyk.io/vuln/SNYK-JS-BRACES-6838727
- https://snyk.io/vuln/SNYK-JS-ELECTRON-6476870
- https://snyk.io/vuln/SNYK-JS-ELECTRON-6405830
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2978483
- https://snyk.io/vuln/SNYK-JS-ELECTRON-6173170
- https://snyk.io/vuln/SNYK-JS-ELECTRON-7411384
- https://snyk.io/vuln/SNYK-JS-ELECTRON-7411385
- https://snyk.io/vuln/SNYK-JS-ELECTRON-5734243
- https://snyk.io/vuln/SNYK-JS-ELECTRON-7411389
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3097698
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3237489
- https://snyk.io/vuln/SNYK-JS-ELECTRON-6105391
- https://snyk.io/vuln/SNYK-JS-ELECTRON-7411390
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3097694
- https://snyk.io/vuln/SNYK-JS-ELECTRON-6346758
- https://snyk.io/vuln/SNYK-JS-ELECTRON-6097142
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3040396
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2977510
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2977512
@changeset-bot changeset-bot
Copy link

changeset-bot bot commented Nov 19, 2024

⚠️ No Changeset found

Latest commit: 75b6708

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@socket-security Socket Security
Copy link

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/@babel/[email protected] None +3 36.2 kB nicolo-ribaudo
npm/@playwright/[email protected] None +1 0 B
npm/@playwright/[email protected] None 0 0 B
npm/@sveltejs/[email protected] None +6 738 kB svelte-admin
npm/@types/[email protected] None +3 135 kB types
npm/@types/[email protected] None +2 219 kB types
npm/@types/[email protected] None +1 10.1 kB types
npm/@types/[email protected] None 0 18.7 kB types
npm/@types/[email protected] None 0 3.51 kB types
npm/@types/[email protected] None 0 8.2 kB types
npm/@types/[email protected] None +1 3.93 MB types
npm/@types/[email protected] None +1 1.69 MB types
npm/@types/[email protected] None +1 1.69 MB types
npm/@types/[email protected] None +1 14.5 kB types
npm/@types/[email protected] None +1 1.68 MB types
npm/@types/[email protected] None 0 33.3 kB types
npm/@types/[email protected] None +3 1.63 MB types
npm/@types/[email protected] None 0 5.44 kB types
npm/@types/[email protected] None +1 1.7 MB types
npm/@types/[email protected] None 0 21.7 kB types
npm/@types/[email protected] None 0 7 kB types
npm/@typescript-eslint/[email protected] Transitive: environment, filesystem +29 6.56 MB jameshenry
npm/@typescript-eslint/[email protected] Transitive: environment, filesystem +22 2.52 MB jameshenry
npm/@typescript-eslint/[email protected] Transitive: environment, filesystem +25 3.25 MB jameshenry
npm/@vitejs/[email protected] None 0 1.19 MB patak
npm/@vitejs/[email protected] Transitive: environment +3 111 kB vitebot
npm/@vitejs/[email protected] environment 0 185 kB vitebot
npm/@vitejs/[email protected] environment 0 115 kB sxzz
npm/@zip.js/[email protected] network 0 3.02 MB gildas-lormeau
npm/[email protected] None +1 137 kB rburns
npm/[email protected] None 0 2.97 MB pavelfeldman
npm/[email protected] environment 0 39.5 kB dabh
npm/[email protected] None +4 635 kB fiddlosopher
npm/[email protected] environment, filesystem Transitive: shell +20 14.2 MB gustavohenke
npm/[email protected] environment Transitive: filesystem, shell +6 81.2 kB kentcdodds
npm/[email protected] environment, filesystem 0 71.6 kB motdotla
npm/[email protected] environment, filesystem, shell Transitive: eval, network +74 7.53 MB electron-nightly
npm/[email protected] environment +2 198 kB jonschlinkert
npm/[email protected] environment, filesystem, network, shell +22 207 MB evanw
npm/[email protected] filesystem +3 1.44 MB nickdeis
npm/[email protected] environment 0 118 kB gnoff
npm/[email protected] filesystem Transitive: environment, eval +92 5.3 MB ljharb
npm/[email protected] environment, filesystem Transitive: eval, shell, unsafe +82 10.5 MB eslintbot
npm/[email protected] filesystem Transitive: eval +16 689 kB tunnckocore
npm/[email protected] environment, filesystem 0 32.5 kB isaacs
npm/[email protected] environment, filesystem, network Transitive: eval, shell +53 5.87 MB thornjad
npm/[email protected] network +1 60.8 kB tootallnate
npm/[email protected] None 0 76 kB patrickhulce
npm/[email protected] filesystem Transitive: environment, shell +41 1.04 MB davglass
npm/[email protected] None 0 60.1 kB broofa
npm/[email protected] None +3 57.8 kB isaacs
npm/[email protected] filesystem 0 53.7 kB antelle
npm/[email protected] environment, filesystem, shell +3 57.6 kB sindresorhus
npm/packages%[email protected] None 0 0 B
npm/packages%[email protected] None 0 0 B
npm/[email protected] None 0 639 kB lukeapage
npm/[email protected] None 0 15.5 kB turbopope
npm/[email protected] environment 0 29.5 kB rob-w
npm/[email protected] environment +2 4.6 MB gnoff
npm/[email protected] None +2 4.48 MB chancestrickland, mjackson, timdorr
npm/[email protected] environment +1 322 kB gnoff
npm/[email protected] None 0 32.2 kB tim-kos
npm/[email protected] environment, filesystem +15 34.8 MB lukastaegert
npm/[email protected] network +4 359 kB kikobeats
npm/[email protected] filesystem, shell Transitive: environment +16 1.21 MB mscdex
npm/[email protected] None +3 3.3 MB ryansolid
npm/[email protected] None 0 355 kB obartra
npm/[email protected] unsafe 0 14.4 kB isaacs
npm/[email protected] Transitive: unsafe +15 6.15 MB svelte-admin
npm/[email protected] None 0 32 MB typescript-bot
npm/[email protected] filesystem, unsafe +10 723 kB ryansolid
npm/[email protected] environment, eval, filesystem, network, shell, unsafe +28 228 MB vitebot
npm/[email protected] environment Transitive: eval, filesystem, unsafe +6 18 MB yyx990803
npm/[email protected] environment, eval Transitive: filesystem, unsafe +16 10.7 MB yyx990803
npm/[email protected] environment, network 0 141 kB lpinca
npm/[email protected] network 0 129 kB lpinca
npm/[email protected] None +2 268 kB leonidas
npm/[email protected] None 0 13.4 kB tyriar
npm/[email protected] None 0 2.34 MB tyriar
npm/[email protected] environment 0 661 kB eemeli

🚮 Removed packages: npm/@vue/[email protected]

View full report↗︎

@socket-security Socket Security
Copy link

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert Package NoteSourceCI
Critical CVE npm/[email protected] ⚠︎

View full report↗︎

Next steps

What is a critical CVE?

Contains a Critical Common Vulnerability and Exposure (CVE).

Remove or replace dependencies that include known critical CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/[email protected] or ignore all packages with @SocketSecurity ignore-all

@openzeppelin-code OpenZeppelin Code
Copy link

[Snyk] Fix for 129 vulnerabilities

Generated at commit: 75b67089f5fa5c04189810c528328a30b2b5cf7b

🚨 Report Summary

Severity Level Results
Contracts Critical
High
Medium
Low
Note
Total		 0
0
0
0
0
0
Dependencies Critical
High
Medium
Low
Note
Total		 0
0
0
0
0
0

For more details view the full report in OpenZeppelin Code Inspector

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants