-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Snyk] Upgrade js-yaml from 3.10.0 to 3.14.0 #8
[Snyk] Upgrade js-yaml from 3.10.0 to 3.14.0 #8
Conversation
Snyk has created this PR to upgrade js-yaml from 3.10.0 to 3.14.0. See this package in npm: https://www.npmjs.com/package/js-yaml See this project in Snyk: https://app.snyk.io/org/kadirselcuk/project/da7a914c-29f0-4ae3-b221-c55343aa7b0e?utm_source=github&utm_medium=upgrade-pr
Hard-Coded Secrets (100)
More info on how to fix Hard-Coded Secrets in General. Insecure Use of Regular Expressions (68)
More info on how to fix Insecure Use of Regular Expressions in Javascript. Insecure File Management (11)
flight-manual.atom.io/gulpfile.js Line 86 in 5aaf9d6
flight-manual.atom.io/gulpfile.js Line 89 in 5aaf9d6
flight-manual.atom.io/gulpfile.js Line 93 in 5aaf9d6
flight-manual.atom.io/gulpfile.js Line 96 in 5aaf9d6
flight-manual.atom.io/gulpfile.js Line 100 in 5aaf9d6
flight-manual.atom.io/gulpfile.js Line 125 in 5aaf9d6
flight-manual.atom.io/gulpfile.js Line 136 in 5aaf9d6
More info on how to fix Insecure File Management in Javascript. Insecure Use of Dangerous Function (4)
flight-manual.atom.io/gulpfile.js Line 108 in 5aaf9d6
flight-manual.atom.io/Rakefile Line 98 in 5aaf9d6
More info on how to fix Insecure Use of Dangerous Function in Javascript and Ruby. Insecure Use of Crypto (6)
More info on how to fix Insecure Use of Crypto in Javascript. Vulnerable Libraries (32)
More info on how to fix Vulnerable Libraries in Javascript and Ruby. 👉 Go to the dashboard for detailed results. 📥 Happy? Share your feedback with us. |
Snyk has created this PR to upgrade js-yaml from 3.10.0 to 3.14.0.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version fixes:
SNYK-JS-JSYAML-174129
Why? Has a fix available, CVSS 8.1
SNYK-JS-JSYAML-173999
Why? Has a fix available, CVSS 8.1
(*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: js-yaml
3.14.0 released
3.13.1 released
3.13.0 released
3.12.2 released
3.12.1 released
3.12.0 released
3.11.0 released
3.10.0 released
Commit messages
Package name: js-yaml
Compare
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs