New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Fix for 5 vulnerabilities #2

Open

kalbroni7 wants to merge 1 commit into main from snyk-fix-0ea8fa464783101abd280cca64975719

Owner

kalbroni7 commented Sep 6, 2024

Snyk has created this PR to fix 5 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

package.json
package-lock.json

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962462	235
	Uncontrolled resource consumption SNYK-JS-BRACES-6838727	169
	Inefficient Regular Expression Complexity SNYK-JS-MICROMATCH-6838728	124
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HTTPCACHESEMANTICS-3248783	63
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SIDEWAYFORMULA-3317169	59

Important

Check the changes in this PR to ensure they won't cause issues with your project.
Max score is 1000. Note that the real score may have changed since the PR was raised.
This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Uncontrolled resource consumption


          fix: package.json & package-lock.json to reduce vulnerabilities

78a5287

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-BABELTRAVERSE-5962462
- https://snyk.io/vuln/SNYK-JS-BRACES-6838727
- https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728
- https://snyk.io/vuln/SNYK-JS-HTTPCACHESEMANTICS-3248783
- https://snyk.io/vuln/SNYK-JS-SIDEWAYFORMULA-3317169

socket-security bot commented Sep 6, 2024

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/[email protected]	Transitive: network	`+13`	614 kB	sindresorhus
npm/[email protected]	network	`+10`	2.11 MB	chimurai

🚮 Removed packages: npm/[email protected]), npm/[email protected])

View full report↗︎

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet