[Snyk] Upgrade url-loader from 0.5.9 to 0.6.2 #20

snyk-bot · 2020-03-25T02:12:49Z

Snyk has created this PR to upgrade url-loader from 0.5.9 to 0.6.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 3 versions ahead of your current version.
The recommended version was released 2 years ago, on 2017-10-04.

The recommended version fixes:

Severity	Issue	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) npm:mime:20170907	No Known Exploit

Release notes

Package name: url-loader

0.6.2 - 2017-10-04
2017-10-04

Bug Fixes
- allow use limit as string (#96) (b31684d)
0.6.1 - 2017-10-04
2017-10-04

Bug Fixes
- schema: allow additionalProperties (#94) (2b01ea2)
0.6.0 - 2017-10-03
2017-10-03

Features
- index: add options validation (schema-utils) (#78) (ced5990)
- add fallback option (#88) (636ebed)
Security
- Updates Mime pacakge due to Regex DOS security vulnerability (#87) (d19ee2d)
- Reference issue https://nodesecurity.io/advisories/535
0.5.9 - 2017-06-12
2017-06-12

Bug Fixes
- String not being base64 encoded (#67) (e9496b9)
- don't default to 0 (options.limit) (#74) (020c2a8)

from url-loader GitHub release notes

Commit messages

Package name: url-loader

672ba80 chore(release): 0.6.2
b31684d fix: allow use `limit` as string ([Snyk] Fix for 1 vulnerabilities #96)
a8f338e chore(release): 0.6.1
2b01ea2 fix(schema): allow `additionalProperties` ([Snyk] Upgrade jquery from 3.5.1 to 3.6.0 #94)
11dce14 docs: Update changelog with nsp advisory
1934507 chore(release): 0.6.0
a1e1fef chore: Fix mime version
d19ee2d chore: update `mime` package to avoid deprecation mime type with `woff` and `woff2` ([Snyk] Upgrade firebase from 8.2.10 to 8.7.1 #87)
636ebed feat: add `fallback` option ([Snyk] Upgrade snyk from 1.518.0 to 1.663.0 #88)
f3f5fce docs(README): remove confusing `prefix` option (`options.prefix`) ([Snyk] Upgrade underscore from 1.12.0 to 1.13.1 #89)
2de70bb docs(README): fix typo in example ([Snyk] Security upgrade underscore from 1.11.0 to 1.12.1 #81)
ced5990 feat(index): add options validation (`schema-utils`) ([Snyk] Security upgrade webpack from 1.15.0 to 2.2.0 #78)

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade url-loader from 0.5.9 to 0.6.2. See this package in NPM: https://www.npmjs.com/package/url-loader See this project in Snyk: https://app.snyk.io/org/yowainwright/project/03b099ed-f55b-4b6c-983e-577944d94ddf?utm_source=github&utm_medium=upgrade-pr

yowainwright approved these changes Mar 26, 2020

View reviewed changes

yowainwright merged commit d78ecc1 into master Mar 26, 2020

yowainwright deleted the snyk-upgrade-3a16df057b07731a8af2d995fb6409a4 branch March 26, 2020 05:52

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Upgrade url-loader from 0.5.9 to 0.6.2 #20

[Snyk] Upgrade url-loader from 0.5.9 to 0.6.2 #20

snyk-bot commented Mar 25, 2020

2017-10-04

`Bug Fixes`

2017-10-04

`Bug Fixes`

2017-10-03

`Features`

`Security`

2017-06-12

`Bug Fixes`

[Snyk] Upgrade url-loader from 0.5.9 to 0.6.2 #20

[Snyk] Upgrade url-loader from 0.5.9 to 0.6.2 #20

Conversation

snyk-bot commented Mar 25, 2020

Snyk has created this PR to upgrade url-loader from 0.5.9 to 0.6.2.

2017-10-04

Bug Fixes

2017-10-04

Bug Fixes

2017-10-03

Features

Security

2017-06-12

Bug Fixes

`Bug Fixes`

`Bug Fixes`

`Features`

`Security`

`Bug Fixes`