Skip to content

fix: package.json, package-lock.json & .snyk to reduce vulnerabilities#1650

Closed
Kirobi92 wants to merge 5 commits intoipfs:masterfrom
Kirobi92:snyk-fix-3fed1d39650de0e32223ab55eee53181
Closed

fix: package.json, package-lock.json & .snyk to reduce vulnerabilities#1650
Kirobi92 wants to merge 5 commits intoipfs:masterfrom
Kirobi92:snyk-fix-3fed1d39650de0e32223ab55eee53181

Conversation

@Kirobi92
Copy link

@Kirobi92 Kirobi92 commented Sep 20, 2020

The following vulnerabilities are fixed with an upgrade:

The following vulnerabilities are fixed with a Snyk patch:

rafaelramalho19 and others added 4 commits May 25, 2020 12:15
@rafaelramalho19
fix: allows async dialogs in auto-updater
9a5f092
@snyk-bot
fix: package.json, package-lock.json & .snyk to reduce vulnerabilities
a617a38 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-I18NEXT-575536
- https://snyk.io/vuln/SNYK-JS-I18NEXT-585930


The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/SNYK-JS-LODASH-567746
@dependabot @Kirobi92
chore(deps): bump lodash from 4.17.15 to 4.17.19
848473f 
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.15 to 4.17.19.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](lodash/lodash@4.17.15...4.17.19)

Signed-off-by: dependabot[bot] <support@github.com>
@Kirobi92
Merge pull request #1 from Kirobi92/snyk-fix-3fed1d39650de0e32223ab55…
8023924 
…eee53181

[Snyk] Security upgrade i18next from 19.4.4 to 19.6.0
@welcome
Copy link

welcome bot commented Sep 20, 2020

Thank you for submitting this PR!
A maintainer will be here shortly to review it.
We are super grateful, but we are also overloaded! Help us by making sure that:

  • The context for this PR is clear, with relevant discussion, decisions
    and stakeholders linked/mentioned.

  • Your contribution itself is clear (code comments, self-review for the
    rest) and in its best form. Follow the code contribution
    guidelines
    if they apply.

Getting other community members to do a review would be great help too on complex PRs (you can ask in the chats/forums). If you are unsure about something, just leave us a comment.
Next steps:

  • A maintainer will triage and assign priority to this PR, commenting on
    any missing things and potentially assigning a reviewer for high
    priority items.

  • The PR gets reviews, discussed and approvals as needed.

  • The PR is merged by maintainers when it has been approved and comments addressed.

We currently aim to provide initial feedback/triaging within two business days. Please keep an eye on any labelling actions, as these will indicate priorities and status of your contribution.
We are very grateful for your contribution!

@Kirobi92
Merge remote-tracking branch 'upstream/poc/ipfs-desktop-dock-dialog' …
45e5a41 
…into snyk-fix-3fed1d39650de0e32223ab55eee53181
@lidel
Copy link
Member

lidel commented Sep 23, 2020

Closing as a duplicate of #1653

@lidel lidel closed this Sep 23, 2020
This was referenced Apr 7, 2022
Open
Open
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@Kirobi92 @lidel @rafaelramalho19 @snyk-bot