Skip to content
This repository has been archived by the owner on Jan 20, 2024. It is now read-only.

[Snyk] Fix for 1 vulnerabilities #472

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

filiptronicek
Copy link
Member

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `yarn` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • yarn.lock

Note for zero-installs users

If you are using the Yarn feature zero-installs that was introduced in Yarn V2, note that this PR does not update the .yarn/cache/ directory meaning this code cannot be pulled and immediately developed on as one would expect for a zero-install project - you will need to run yarn to update the contents of the ./yarn/cache directory.
If you are not using zero-install you can ignore this as your flow should likely be unchanged.

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 661/1000
Why? Recently disclosed, Has a fix available, CVSS 7.5
Missing Release of Resource after Effective Lifetime
SNYK-JS-INFLIGHT-6095116
Yes No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

Copy link

yarn.lock changes

Summary

Status Count
ADDED 109
UPDATED 84
DOWNGRADED 1
REMOVED 2
Click to toggle table visibility
Name Status Previous Current
@0no-co/graphql.web ADDED - 1.0.4
@ampproject/remapping UPDATED 2.1.2 2.2.1
@babel/code-frame UPDATED 7.16.7 7.23.5
@babel/compat-data UPDATED 7.17.0 7.23.5
@babel/generator UPDATED 7.17.3 7.23.5
@babel/helper-annotate-as-pure UPDATED 7.16.7 7.22.5
@babel/helper-compilation-targets UPDATED 7.16.7 7.22.15
@babel/helper-environment-visitor UPDATED 7.16.7 7.22.20
@babel/helper-function-name UPDATED 7.16.7 7.23.0
@babel/helper-hoist-variables UPDATED 7.16.7 7.22.5
@babel/helper-module-imports UPDATED 7.16.7 7.22.15
@babel/helper-module-transforms UPDATED 7.16.7 7.23.3
@babel/helper-plugin-utils UPDATED 7.16.7 7.22.5
@babel/helper-remap-async-to-generator UPDATED 7.15.4 7.22.20
@babel/helper-simple-access UPDATED 7.16.7 7.22.5
@babel/helper-split-export-declaration UPDATED 7.16.7 7.22.6
@babel/helper-string-parser ADDED - 7.23.4
@babel/helper-validator-identifier UPDATED 7.16.7 7.22.20
@babel/helper-validator-option UPDATED 7.16.7 7.23.5
@babel/helper-wrap-function UPDATED 7.15.4 7.22.20
@babel/helpers UPDATED 7.17.2 7.23.5
@babel/highlight UPDATED 7.16.10 7.23.4
@babel/parser UPDATED 7.17.3 7.23.5
@babel/template UPDATED 7.16.7 7.22.15
@babel/traverse UPDATED 7.17.3 7.23.5
@babel/types UPDATED 7.17.0 7.23.5
@expo/bunyan ADDED - 4.0.0
@expo/cli ADDED - 0.1.7
@expo/code-signing-certificates ADDED - 0.0.2
@expo/config UPDATED 6.0.18 8.1.2
@expo/config-plugins UPDATED 4.0.18 7.2.5
@expo/config-types UPDATED 44.0.0 49.0.0
@expo/configure-splash-screen REMOVED 0.6.0 -
@expo/dev-server ADDED - 0.1.116
@expo/devcert ADDED - 1.1.0
@expo/image-utils UPDATED 0.3.18 0.3.22
@expo/json-file UPDATED 8.2.34 8.2.37
@expo/metro-config UPDATED 0.2.8 0.3.19
@expo/osascript ADDED - 2.0.33
@expo/package-manager ADDED - 0.0.60
@expo/plist UPDATED 0.0.17 0.0.20
@expo/prebuild-config UPDATED 3.0.18 6.2.6
@expo/rudder-sdk-node ADDED - 1.1.1
@expo/spawn-async UPDATED 1.5.0 1.7.2
@expo/vector-icons UPDATED 12.0.5 13.0.0
@expo/xcpretty ADDED - 4.2.2
@gar/promisify ADDED - 1.1.3
@graphql-typed-document-node/core ADDED - 3.2.0
@jridgewell/gen-mapping ADDED - 0.3.3
@jridgewell/resolve-uri UPDATED 3.0.5 3.1.1
@jridgewell/set-array ADDED - 1.1.2
@jridgewell/sourcemap-codec UPDATED 1.4.11 1.4.15
@jridgewell/trace-mapping UPDATED 0.3.4 0.3.20
@npmcli/fs ADDED - 1.1.1
@npmcli/move-file ADDED - 1.1.2
@segment/loosely-validate-event ADDED - 2.0.0
@urql/core ADDED - 2.3.6
@urql/exchange-retry ADDED - 0.3.0
@xmldom/xmldom UPDATED 0.7.5 0.7.13
accepts UPDATED 1.3.7 1.3.8
aggregate-error ADDED - 3.1.0
application-config-path ADDED - 0.1.1
arg ADDED - 4.1.0
array-union ADDED - 2.1.0
babel-preset-expo UPDATED 9.0.2 9.1.0
better-opn ADDED - 3.0.2
body-parser ADDED - 1.19.0
bplist-parser UPDATED 0.2.0 0.3.2
browserslist UPDATED 4.18.1 4.22.1
builtins ADDED - 1.0.3
bytes UPDATED 3.0.0 3.1.0
cacache ADDED - 15.3.0
caniuse-lite UPDATED 1.0.30001282 1.0.30001565
charenc ADDED - 0.0.2
chownr ADDED - 2.0.0
ci-info UPDATED 3.2.0 3.9.0
clean-stack ADDED - 2.2.0
clone UPDATED 1.0.4 2.1.2
component-type ADDED - 1.2.2
content-type ADDED - 1.0.5
convert-source-map UPDATED 1.7.0 2.0.0
crypt ADDED - 0.0.2
crypto-random-string UPDATED 1.0.0 2.0.0
dag-map ADDED - 1.0.2
deep-extend ADDED - 0.6.0
default-gateway ADDED - 4.2.0
define-lazy-prop ADDED - 2.0.0
del ADDED - 6.1.1
dir-glob ADDED - 3.0.1
electron-to-chromium UPDATED 1.3.904 1.4.597
env-editor ADDED - 0.4.2
eol ADDED - 0.9.1
exec-async ADDED - 2.2.0
expo UPDATED 44.0.6 45.0.8
expo-application UPDATED 4.0.2 4.1.0
expo-asset UPDATED 8.4.6 8.5.0
expo-barcode-scanner UPDATED 11.2.1 12.7.0
expo-constants UPDATED 13.0.2 13.1.1
expo-document-picker UPDATED 10.1.3 11.0.1
expo-error-recovery UPDATED 3.0.5 3.1.0
expo-file-system UPDATED 13.1.4 14.0.0
expo-font UPDATED 10.0.5 10.1.0
expo-image-loader UPDATED 3.1.1 4.4.0
expo-image-picker UPDATED 12.0.2 14.0.3
expo-keep-awake UPDATED 10.0.2 10.1.1
expo-modules-autolinking UPDATED 0.5.5 0.9.0
expo-modules-core UPDATED 0.6.5 0.9.2
expo-splash-screen UPDATED 0.14.2 0.20.5
fast-glob UPDATED 3.2.6 3.3.2
fbemitter UPDATED 2.1.1 3.0.0
fetch-retry ADDED - 4.1.1
find-yarn-workspace-root ADDED - 2.0.0
freeport-async ADDED - 2.0.0
fs-minipass ADDED - 2.1.0
get-port ADDED - 3.2.0
globby ADDED - 11.1.0
graphql ADDED - 15.8.0
graphql-tag ADDED - 2.12.6
hosted-git-info ADDED - 3.0.8
indent-string ADDED - 4.0.0
infer-owner ADDED - 1.0.4
ini ADDED - 1.3.8
internal-ip ADDED - 4.3.0
ip-regex ADDED - 2.1.0
ipaddr.js ADDED - 1.9.1
is-docker ADDED - 2.2.1
is-invalid-path ADDED - 0.1.0
is-path-cwd ADDED - 2.2.0
is-path-inside ADDED - 3.0.3
is-root ADDED - 2.1.0
is-valid-path ADDED - 0.1.1
is-wsl UPDATED 1.1.0 2.2.0
join-component ADDED - 1.1.0
json-schema-deref-sync ADDED - 0.13.0
json5 UPDATED 2.2.0 2.2.3
md5 ADDED - 2.3.0
md5hex ADDED - 1.0.0
media-typer ADDED - 0.3.0
memory-cache ADDED - 0.2.0
metro-react-native-babel-preset UPDATED 0.64.0 0.67.0
mime-db UPDATED 1.51.0 1.52.0
mime-types UPDATED 2.1.34 2.1.35
minimist UPDATED 1.2.5 1.2.8
minipass ADDED - 5.0.0
minipass-collect ADDED - 1.0.2
minipass-flush ADDED - 1.0.5
minipass-pipeline ADDED - 1.2.4
minizlib ADDED - 2.1.2
mkdirp UPDATED 0.5.5 1.0.4
mv ADDED - 2.1.1
ncp ADDED - 2.0.0
negotiator UPDATED 0.6.2 0.6.3
nested-error-stacks ADDED - 2.0.1
node-forge ADDED - 1.3.1
node-releases UPDATED 2.0.1 2.0.13
npm-package-arg ADDED - 7.0.0
open UPDATED 6.4.0 8.4.2
os-homedir ADDED - 1.0.2
osenv ADDED - 0.1.5
p-map ADDED - 4.0.0
password-prompt ADDED - 1.1.3
path-type ADDED - 4.0.0
pretty-bytes ADDED - 5.6.0
progress ADDED - 2.0.3
promise-inflight ADDED - 1.0.1
qrcode-terminal ADDED - 0.11.0
raw-body ADDED - 2.4.0
rc ADDED - 1.2.8
remove-trailing-slash ADDED - 0.1.1
requireg ADDED - 0.2.2
safe-json-stringify ADDED - 1.2.0
semver UPDATED 7.3.5 7.5.4
serialize-error UPDATED 2.1.0 6.0.0
split ADDED - 1.0.1
ssri ADDED - 8.0.1
structured-headers ADDED - 0.4.1
sudo-prompt DOWNGRADED 9.2.1 9.1.1
tar ADDED - 6.2.0
temp-dir UPDATED 1.0.0 2.0.0
tempy UPDATED 0.3.0 0.7.1
through ADDED - 2.3.8
tmp ADDED - 0.0.33
traverse ADDED - 0.6.7
tslib UPDATED 2.3.1 2.6.2
type-is ADDED - 1.6.18
unique-filename ADDED - 1.1.1
unique-slug ADDED - 2.0.2
unique-string UPDATED 1.0.0 2.0.0
update-browserslist-db ADDED - 1.0.13
url-join ADDED - 4.0.0
uuid UPDATED 7.0.3 8.3.2
valid-url ADDED - 1.0.9
validate-npm-package-name ADDED - 3.0.0
wonka ADDED - 6.3.4
xml-js REMOVED 1.6.11 -
xml2js UPDATED 0.4.23 0.6.0

Copy link

App is ready for review, you can see it here.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants