Skip to content
This repository has been archived by the owner on Mar 21, 2022. It is now read-only.

[Snyk] Fix for 1 vulnerabilities #45

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Fix for 1 vulnerabilities #45

wants to merge 1 commit into from

Conversation

snyk-bot
Copy link

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • examples/package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 768/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-ANSIREGEX-1583908		 Yes Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: chalk The new version differs by 53 commits.
  • 3fca615 2.0.0
  • f66271e Add tagged template literal (#163)
  • 23ef1c7 fix linter errors
  • c015568 add rainbow example
  • 09fb2d8 Re-implement `chalk.enabled` (#160)
  • 608242a spoof supports-color
  • 18f2e7c add host information output
  • 523b998 Revert "TEMPORARY: emergency travis CI fix (see comments)"
  • 54975fb TEMPORARY: emergency travis CI fix (see comments)
  • 1d73b21 Improve readme
  • 6f4d6b3 Bump dependencies
  • 8702496 Remove `chalk.styles`
  • 0412cdf Minor code improvements
  • 249b9ac ES2015ify the codebase
  • cb3f230 Add RGB (256/Truecolor) support (#140)
  • dbae68d Update dependent package count in the readme (#154)
  • 9b60021 Drop support for Node.js 0.10 and 0.12
  • 0d21449 check parent builder object for enabled status (#142)
  • 5a69476 add XO badge
  • 492f11f add example file
  • 4ce73b6 make XO happy
  • 7c02cf4 Add log statement to chalk examples (#129)
  • 835ca3d You've just reached 10,000 dependent modules. (#122)
  • 74c087d minor doc improvements (#120)

See the full diff

Package name: css-loader The new version differs by 27 commits.
  • 43179a8 chore(release): 1.0.0
  • 3d53968 Merge remote-tracking branch 'origin/master'
  • 240db53 version 1.0 (#742)
  • 1b7acf7 Merge remote-tracking branch 'origin/master'
  • 1703721 docs(README): add more context to `localIdentName` (#711)
  • 1c51265 docs(README): fix malformed emoji (#701)
  • 50f8ec0 Merge remote-tracking branch 'origin/master'
  • 07444ad tests: css custom variables (#709)
  • 3de8aa7 tests: css custom variables (#709)
  • df497db chore(release): 0.28.11
  • c788450 fix(lib/processCss): don't check `mode` for `url` handling (`options.modules`) (#698)
  • c35d8bd chore(release): 0.28.10
  • 9f876d2 fix(getLocalIdent): add `rootContext` support (`webpack >= v4.0.0`) (#681)
  • 0452f26 test: hashes inside `@ font-face` url (#678)
  • 630579d chore(release): 0.28.9
  • 604bd4b chore(package): update dependencies
  • d1d8221 fix: ignore invalid URLs (`url()`) (#663)
  • 0fc46c7 chore(release): 0.28.8
  • 333a2ce chore(package): update `dependencies`
  • 39773aa ci(travis): use `npm`
  • 8897d44 fix: proper URL escaping and wrapping (`url()`) (#627)
  • 0dccfa9 fix(loader): correctly check if source map is `undefined` (#641)
  • d999f4a docs: Update importLoaders documentation (#646)
  • 05c36db test: removed redundant `modules` argument (#599)

See the full diff

Package name: webpack-dev-server The new version differs by 250 commits.
  • c9271b9 chore(release): 4.0.0
  • 18bf369 test: fix stability (#3676)
  • cdcabb2 fix: respect protocol from browser for manual setup (#3675)
  • 1768d6b fix: initial reloading for lazy compilation (#3662)
  • 4f5bab1 docs: improve examples (#3672)
  • f2d87fb fix: improve https CLI output (#3673)
  • 0277c5e chore: remove redundant console statements (#3671)
  • 16fcdbc docs: add `ipc` example (#3667)
  • 8915fb8 test: add e2e tests for built in routes (#3669)
  • 4d1cbe1 docs: ask `version` information in issue template (#3668)
  • b6c1881 chore(deps-dev): bump core-js from 3.16.1 to 3.16.2 (#3666)
  • ffa8cc5 chore(deps-dev): bump supertest from 6.1.5 to 6.1.6 (#3665)
  • f1fdaa7 chore(release): 4.0.0-rc.1
  • c4678bc fix: legacy API (#3660)
  • d8bdd03 test: fix stability (#3661)
  • 22b1414 refactor: remove `killable` (#3657)
  • 75bafbf test: add e2e tests for module federation (#3658)
  • 493ccbd chore(deps): update `ws` (#3652)
  • ae8c523 test: add e2e test for universal compiler (#3656)
  • f94b84f chore(deps): update (#3655)
  • 1923132 test: fix cli
  • 2adfd01 test: fix todo (#3653)
  • 6e2cbde fix: proxy logging and allow to pass options without the `target` option (#3651)
  • c9ccc96 fix: respect infastructureLogging.level for client.logging (#3613)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
馃 View latest project report

馃洜 Adjust project settings

馃摎 Read more about Snyk's upgrade and patch logic

@snyk-bot snyk-bot requested a review from a team as a code owner September 12, 2021 23:01
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@snyk-bot