Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Fix for 1 vulnerabilities #55

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

snyk-bot
Copy link
Contributor

@snyk-bot snyk-bot commented May 3, 2022

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 696/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
Prototype Pollution
SNYK-JS-ASYNC-2441827
Yes Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: grunt-contrib-watch The new version differs by 4 commits.
  • 3b7ddf4 v1.1.0
  • 72b1214 Updating dependencies, async, lodash and tiny-lr
  • 5adb27c Merge pull request #543 from digitalbazaar/master
  • f07311b Update tiny-lr dependency to 1.x

See the full diff

Package name: sails The new version differs by 250 commits.
  • d2ad551 1.4.2
  • f720d54 [patch] fix node 14 warnings by upgrading prompt dependency (#7084)
  • 949bb9b 1.4.1
  • 629cb62 Ensure latest deps on CI
  • cc6222b Merge pull request #7101 from jdsapariya18/patch-1
  • 4326343 Update sails-linker.js.md
  • 3535aa4 Merge pull request #7097 from anilbhanushali/patch-1
  • f4ec26f Update sails.config.connections.md
  • 55f2c89 Merge pull request #7078 from balderdashy/model-settings-docs
  • 2bde2fe Update Attributes.md
  • 6a47f3d Merge pull request #7086 from DominusKelvin/fix-typo-on-events-docs
  • 849d427 docs: 📝 fix typo in Events.md
  • afa64da Update README.md
  • 7c9b350 Added more information about the unique attribute setting
  • bd4a063 Merge pull request #7075 from balderdashy/documentation
  • 22300fb Fix adapter specification link
  • 920ef30 Update/fix remaining links referencing where the documentation markdown files live
  • 111ed00 Update or fix several links referencing the location of the documentation markdown files
  • bbc04de Fix "page needed" links in docs
  • 627f497 Rename "sails-docs" folder to "docs"
  • 4e73cad newest translations first
  • d2fdf03 cleanup & updates
  • a29cab7 Update model-settings.md
  • 17bd941 Merge pull request #7070 from balderdashy/sails-docs

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-ASYNC-2441827
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant