search

BearStudio / start-ui-web

πŸš€ Start UI [web] is an opinionated UI starter with 🟦 TypeScript, βš›οΈ React, ⚫️ NextJS, ⚑️ Chakra UI, 🟦 tRPC, πŸ” Lucia Auth, β–² Prisma, πŸ–οΈ TanStack Query, πŸ“• Storybook, 🎭 Playwright,πŸ“‹ React Hook Form,β—½From the 🐻 BearStudio Team
https://demo.start-ui.com
MIT License
1.39k stars 129 forks source link

[Snyk] Upgrade next from 13.4.4 to 13.5.6 #421

Closed ivan-dalmet closed 11 months ago

ivan-dalmet commented 11 months ago

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade next from 13.4.4 to 13.5.6.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is **203 versions** ahead of your current version. - The recommended version was released **2 months ago**, on 2023-10-18. The recommended version fixes: Severity | Issue | PriorityScore (*) | Exploit Maturity | :-------------------------:|:-------------------------|-------------------------|:------------------------- | Resource Exhaustion
[SNYK-JS-NEXT-6032387](https://snyk.io/vuln/SNYK-JS-NEXT-6032387) | **89/1000**
**Why?** Confidentiality impact: None, Integrity impact: None, Availability impact: Low, Scope: Unchanged, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00045, Social Trends: No, Days since published: 44, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 99, Impact: 2.35, Likelihood: 3.74, Score Version: V5 | Proof of Concept | Improper Input Validation
[SNYK-JS-POSTCSS-5926692](https://snyk.io/vuln/SNYK-JS-POSTCSS-5926692) | **89/1000**
**Why?** Confidentiality impact: None, Integrity impact: None, Availability impact: Low, Scope: Unchanged, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00045, Social Trends: No, Days since published: 44, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 99, Impact: 2.35, Likelihood: 3.74, Score Version: V5 | No Known Exploit (*) Note that the real score may have changed since the PR was raised.
**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.* For more information: 🧐 [View latest project report](https://app.snyk.io/org/ivan-dalmet/project/c5dfbf5e-a3fa-46f9-9a36-ec6565c68d21?utm_source=github&utm_medium=referral&page=upgrade-pr) πŸ›  [Adjust upgrade PR settings](https://app.snyk.io/org/ivan-dalmet/project/c5dfbf5e-a3fa-46f9-9a36-ec6565c68d21/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr) πŸ”• [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/ivan-dalmet/project/c5dfbf5e-a3fa-46f9-9a36-ec6565c68d21/settings/integration?pkg=next&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)
vercel[bot] commented 11 months ago

The latest updates on your projects. Learn more about Vercel for Git β†—οΈŽ

Name Status Preview Comments Updated (UTC)
start-ui ❌ Failed (Inspect) Dec 8, 2023 5:27pm
start-ui-v2 ❌ Failed (Inspect) Dec 8, 2023 5:27pm
sonarcloud[bot] commented 11 months ago

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication