Skip to content
This repository was archived by the owner on Sep 6, 2025. It is now read-only.

[Snyk] Fix for 1 vulnerabilities #31

Open
snyk-bot wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Fix for 1 vulnerabilities #31

snyk-bot wants to merge 1 commit into from

Conversation

@snyk-bot
Copy link

@snyk-bot snyk-bot commented Sep 13, 2021

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • example/logo-resize/package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 768/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-ANSIREGEX-1583908		 Yes Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: babel-eslint The new version differs by 43 commits.
  • 0f20099 5.0.0
  • 278579f Update README.md
  • 11c2f03 Merge pull request #255 from deepsweet/npm-ignore
  • 3b5f8f4 include only `index.js` in npm package
  • c0f1110 delete `.npmignore`
  • f399c89 Merge pull request #250 from danez/patch-1
  • c71392e adjust test to also cover issue #239
  • 413b80e 5.0.0-beta10
  • 7a038d5 Merge pull request #246 from babel/escope-patterns
  • c80a386 fixup tests
  • 36f6638 fix typo
  • bd4eee9 check using `__esModule`
  • b26bc58 Prevent escope referencer from traversing into param pattern type annotations
  • 0d30882 5.0.0-beta9
  • 71fadf0 Merge pull request #244 from christophehurpeau/patch-1
  • d8ac8f9 fix #243
  • 3dcb32c 5.0.0-beta8
  • ac4d3f0 Add a test for use strict and directive ast change
  • 937eceb 5.0.0-beta7
  • 880dc03 Merge pull request #241 from jmm/rule-strict
  • 80f7a48 temporarily remove test
  • 04838a2 Add tests for `strict` rule.
  • 4a3a35d Merge pull request #232 from vaibhavmule/patch-1
  • 0cf92d3 update Licenses date

See the full diff

Package name: eslint The new version differs by 250 commits.
  • b7d79b1 7.3.0
  • bf98627 Build: changelog update for 7.3.0
  • 638a6d6 Update: add missing `additionalProperties: false` to some rules' schema (#13198)
  • 949a5cd Update: fix operator-linebreak overrides schema (#13199)
  • 9e1414e New: Add no-promise-executor-return rule (fixes #12640) (#12648)
  • 09cc0a2 Update: max-lines reporting loc improvement (refs #12334) (#13318)
  • ee2fc2e Update: object-property-newline end location (refs #12334) (#13399)
  • d98152a Update: added empty error array check for false negative (#13200)
  • 7fb45cf Fix: clone config before validating (fixes #12592) (#13034)
  • aed46f6 Sponsors: Sync README with website
  • 7686d7f Update: semi-spacing should check do-while statements (#13358)
  • cbd0d00 Update: disallow multiple options in comma-dangle schema (fixes #13165) (#13166)
  • b550330 New: Add no-unreachable-loop rule (fixes #12381) (#12660)
  • 13999d2 Update: curly should check consequent `if` statements (#12947)
  • c42e548 Chore: enable exceptRange option in the yoda rule (#12857)
  • 6cfbd03 Update: Drop @ typescript-eslint/eslint-recommended from `eslint --init` (#13340)
  • 796f269 Chore: update eslint-config-eslint's required node version (#13379)
  • 9d0186e Docs: Fix changelog versions (#13410)
  • 1ee3c42 Docs: On maxEOF with eol-last (fixes #12742) (#13374)
  • 2a21049 Update: key-spacing loc changes for extra space (refs #12334) (#13362)
  • 7ce7988 Chore: Replace the inquirer dependency with enquirer (#13254)
  • 0f1f5ed Docs: Add security policy link to README (#13403)
  • 9e9ba89 Sponsors: Sync README with website
  • ca59fb9 Sponsors: Sync README with website

See the full diff

Package name: webpack-dev-server The new version differs by 250 commits.
  • c9271b9 chore(release): 4.0.0
  • 18bf369 test: fix stability (#3676)
  • cdcabb2 fix: respect protocol from browser for manual setup (#3675)
  • 1768d6b fix: initial reloading for lazy compilation (#3662)
  • 4f5bab1 docs: improve examples (#3672)
  • f2d87fb fix: improve https CLI output (#3673)
  • 0277c5e chore: remove redundant console statements (#3671)
  • 16fcdbc docs: add `ipc` example (#3667)
  • 8915fb8 test: add e2e tests for built in routes (#3669)
  • 4d1cbe1 docs: ask `version` information in issue template (#3668)
  • b6c1881 chore(deps-dev): bump core-js from 3.16.1 to 3.16.2 (#3666)
  • ffa8cc5 chore(deps-dev): bump supertest from 6.1.5 to 6.1.6 (#3665)
  • f1fdaa7 chore(release): 4.0.0-rc.1
  • c4678bc fix: legacy API (#3660)
  • d8bdd03 test: fix stability (#3661)
  • 22b1414 refactor: remove `killable` (#3657)
  • 75bafbf test: add e2e tests for module federation (#3658)
  • 493ccbd chore(deps): update `ws` (#3652)
  • ae8c523 test: add e2e test for universal compiler (#3656)
  • f94b84f chore(deps): update (#3655)
  • 1923132 test: fix cli
  • 2adfd01 test: fix todo (#3653)
  • 6e2cbde fix: proxy logging and allow to pass options without the `target` option (#3651)
  • c9ccc96 fix: respect infastructureLogging.level for client.logging (#3613)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@snyk-bot