Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Fix for 7 vulnerabilities #975

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[Snyk] Fix for 7 vulnerabilities #975

wants to merge 1 commit into from

Conversation

q1blue
Copy link
Collaborator

@q1blue q1blue commented Nov 5, 2024

snyk-top-banner

Snyk has created this PR to fix 7 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

  • web/package.json
  • web/package-lock.json

Vulnerabilities that will be fixed with an upgrade:

Issue Score
critical severity Incomplete List of Disallowed Inputs
SNYK-JS-BABELTRAVERSE-5962462		   218  
medium severity Prototype Pollution
SNYK-JS-JSON5-3182856		   179  
high severity Sandbox Bypass
SNYK-JS-WEBPACK-3358798		   165  
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-TRIM-1017038		   161  
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-SEMVER-3247795		   159  
medium severity Cross-site Scripting (XSS)
SNYK-JS-SERIALIZEJAVASCRIPT-6147607		   109  
medium severity Improper Input Validation
SNYK-JS-POSTCSS-5926692		   45  

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution
🦉 Improper Input Validation
🦉 Regular Expression Denial of Service (ReDoS)
🦉 More lessons are available in Snyk Learn

@changeset-bot changeset-bot
Copy link

changeset-bot bot commented Nov 5, 2024

⚠️ No Changeset found

Latest commit: 7a97bea

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@socket-security Socket Security
Copy link

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/@babel/[email protected] None 0 2.68 kB nicolo-ribaudo
npm/@babel/[email protected] None 0 3.39 kB nicolo-ribaudo
npm/@babel/[email protected] None 0 7.54 kB nicolo-ribaudo
npm/@babel/[email protected] None 0 202 kB nicolo-ribaudo
npm/@babel/[email protected] None 0 4.32 kB nicolo-ribaudo
npm/@babel/[email protected] None 0 6.47 kB nicolo-ribaudo
npm/@babel/[email protected] None 0 2.54 kB nicolo-ribaudo
npm/@babel/[email protected] None 0 3.45 kB nicolo-ribaudo
npm/@babel/[email protected] None 0 49.6 kB nicolo-ribaudo
npm/@babel/[email protected] None 0 3.29 kB nicolo-ribaudo
npm/@babel/[email protected] None 0 4.25 kB nicolo-ribaudo
npm/@babel/[email protected] None 0 9.86 kB nicolo-ribaudo
npm/@babel/[email protected] None 0 5.01 kB nicolo-ribaudo
npm/@babel/[email protected] None 0 3.24 kB nicolo-ribaudo
npm/@babel/[email protected] None 0 4.33 kB nicolo-ribaudo
npm/@babel/[email protected] None 0 19 kB nicolo-ribaudo
npm/@babel/[email protected] None 0 5.3 kB nicolo-ribaudo
npm/@babel/[email protected] None 0 4.87 kB nicolo-ribaudo
npm/@csstools/[email protected] None 0 63.2 kB jonathantneal
npm/@gar/[email protected] None 0 3.1 kB gar
npm/@npmcli/[email protected] filesystem +1 112 kB nlf
npm/@npmcli/[email protected] filesystem 0 7.89 kB nlf
npm/@types/[email protected] None 0 6.61 kB types
npm/@types/[email protected] None 0 8.2 kB types
npm/@types/[email protected] None 0 1.65 MB types
npm/@types/[email protected] None 0 2.74 kB types
npm/@types/[email protected] None 0 32.2 kB types
npm/@webassemblyjs/[email protected] None 0 180 kB xtuc
npm/@webassemblyjs/[email protected] None 0 6.37 kB xtuc
npm/@webassemblyjs/[email protected] None 0 6.1 kB xtuc
npm/@webassemblyjs/[email protected] None 0 8.7 kB xtuc
npm/@webassemblyjs/[email protected] None 0 4.28 kB xtuc
npm/@webassemblyjs/[email protected] None 0 9.07 kB xtuc
npm/@webassemblyjs/[email protected] None 0 29.8 kB xtuc
npm/@webassemblyjs/[email protected] None 0 24.2 kB xtuc
npm/@webassemblyjs/[email protected] None 0 19 kB xtuc
npm/@webassemblyjs/[email protected] None 0 5.19 kB xtuc
npm/@webassemblyjs/[email protected] None 0 46.1 kB xtuc
npm/@webassemblyjs/[email protected] None 0 11.2 kB xtuc
npm/@webassemblyjs/[email protected] None 0 29.4 kB xtuc
npm/@webassemblyjs/[email protected] None 0 23.9 kB xtuc
npm/@webassemblyjs/[email protected] None 0 9.34 kB xtuc
npm/@webassemblyjs/[email protected] None 0 122 kB xtuc
npm/@webassemblyjs/[email protected] None 0 137 kB xtuc
npm/@webassemblyjs/[email protected] None 0 37.3 kB xtuc
npm/@xtuc/[email protected] None 0 8.57 kB xtuc
npm/@xtuc/[email protected] None 0 190 kB xtuc
npm/[email protected] None 0 1.19 MB marijn
npm/[email protected] None 0 6.69 kB sindresorhus
npm/[email protected] None 0 41.7 kB esp
npm/[email protected] None 0 72.9 kB esp
npm/[email protected] None 0 6.4 kB trysound
npm/[email protected] environment 0 21.2 kB jonschlinkert
npm/[email protected] None 0 20.1 kB mahdyar
npm/[email protected] None 0 5.14 kB sindresorhus
npm/[email protected] None 0 9.37 kB sindresorhus
npm/[email protected] None 0 9.54 kB paulmillr
npm/[email protected] None 0 8.18 kB iarna
npm/[email protected] None 0 7.9 kB jonschlinkert
npm/[email protected] None 0 6.88 kB jonschlinkert
npm/[email protected] None 0 6.66 kB jonschlinkert
npm/[email protected] None 0 6.24 kB blakeembrey
npm/[email protected] None 0 2.47 kB sindresorhus
npm/[email protected] None 0 3.57 kB sindresorhus
npm/[email protected] None 0 7.16 kB jonschlinkert
npm/[email protected] None 0 49.8 kB indutny
npm/[email protected] Transitive: environment +2 84.3 kB goto-bus-stop
npm/[email protected] None 0 5.85 kB phated
npm/[email protected] None 0 3.95 kB paulmillr
npm/[email protected] None 0 6.9 kB strml
npm/[email protected] None 0 541 kB aearly
npm/[email protected] None 0 36.2 kB coolaj86
npm/[email protected] None 0 32.7 kB jonschlinkert
npm/[email protected] None 0 9.62 kB feross
npm/[email protected] None 0 7.29 kB dougwilson
npm/[email protected] None 0 63.9 kB mikemcl
npm/[email protected] None 0 5.36 kB sindresorhus
npm/[email protected] environment, filesystem 0 11.2 kB tootallnate
npm/[email protected] environment, eval, unsafe 0 632 kB esailija
npm/[email protected] None 0 100 kB fanatid
npm/[email protected] network +2 84.5 kB dougwilson
npm/[email protected] network 0 31.5 kB watson
npm/[email protected] None 0 1.33 kB feedic
npm/[email protected] None 0 49.2 kB doowb
npm/[email protected] None +2 42.9 kB cwmma
npm/[email protected] None 0 6.45 kB cwmma
npm/[email protected] None 0 6.27 kB cwmma
npm/[email protected] Transitive: environment +3 148 kB cwmma
npm/[email protected] None 0 192 kB dignifiedquire
npm/[email protected] None 0 18.5 kB soldair
npm/[email protected] None 0 4.83 kB dcousens
npm/[email protected] None 0 264 kB feross
npm/[email protected] network 0 4.5 kB bendrucker
npm/[email protected] None 0 10.8 kB dougwilson
npm/[email protected] None 0 16.4 kB jonschlinkert
npm/[email protected] None 0 14.7 kB ljharb
npm/[email protected] None +1 6.68 kB sindresorhus
npm/[email protected] None 0 2.52 kB sindresorhus
npm/[email protected] None 0 12.2 kB nyalab
npm/[email protected] environment +1 33.6 kB sindresorhus
npm/[email protected] environment, filesystem 0 89.8 kB paulmillr
npm/[email protected] None 0 14.2 kB samccone
npm/[email protected] None 0 19 kB jonschlinkert
npm/[email protected] None 0 5.51 kB sindresorhus
npm/[email protected] None +1 18.8 kB bcoe
npm/[email protected] environment, filesystem 0 72.5 kB qfox
npm/[email protected] None 0 6.85 kB jonschlinkert
npm/[email protected] None 0 27 kB qix
npm/[email protected] None 0 9.36 kB dfcreative
npm/[email protected] None 0 10.2 kB qix
npm/[email protected] None 0 16.6 kB qix
npm/[email protected] filesystem, shell 0 62.4 kB abetomo
npm/[email protected] None 0 4.79 kB substack
npm/[email protected] None 0 8 kB nami-doc
npm/[email protected] None 0 7.36 kB dougwilson
npm/[email protected] Transitive: environment, filesystem, network +2 80.8 kB dougwilson
npm/[email protected] None 0 9.56 kB mafintosh
npm/[email protected] None 0 11.5 kB bripkens
npm/[email protected] None 0 10.3 kB goto-bus-stop
npm/[email protected] None 0 7.46 kB juliangruber
npm/[email protected] None 0 19.1 kB dougwilson
npm/[email protected] None 0 10.2 kB dougwilson

🚮 Removed packages: npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected]

View full report↗︎

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@q1blue @snyk-bot