Closed snyk-bot closed 1 year ago
(*) Note that the real score may have changed since the PR was raised.
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information: 🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Prototype Pollution
Resolved as a part of #1071
droguljic
commented
1 year ago droguljic
commented
1 year ago
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Recently disclosed, Has a fix available, CVSS 7.5
SNYK-JS-LOADERUTILS-3043105
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: exports-loader
The new version differs by 11 commits.- 8dece9c chore(release): 1.0.0
- fa0b87d feat: better validation string value (#40)
- 0cf1096 feat: object notation (#39)
- 234e4d0 docs: improve (#38)
- 8b03f42 feat: next
- d823dbc feat: validate options
- d947a5c docs: improve (#35)
- d0705ba fix: always rewrite existing exports
- a2541ac chore(defaults): update (#33)
- d43d199 docs(readme): fix CONTRIBUTING link (#25)
- c015150 refactor(defaults): update to latest webpack-defaults (#23)
See the full diffPackage name: imports-loader
The new version differs by 8 commits.- ebfc6ad chore(release): 1.0.0
- 574b5f6 refactor: `wrapper` option (#78)
- c7f8799 fix: respect 'use strict' (#77)
- 9e2cec4 refactor: code
- 7265bc8 refactor: options for commonjs
- bef708f refactor: code
- 754baa8 chore: defaults update (#73)
- 94fda1f ci: test Node.js 6, 8, 10 and 11 (#69)
See the full diffPackage name: sass-loader
The new version differs by 49 commits.- 45bd865 chore(release): 9.0.0
- 0629915 refactor: code before release
- c11478d test: ambiguous imports (#855)
- 73009fd docs: yarn pnp + using `dart-sass` by default (#854)
- d487683 feat: pass the loader context to custom importers under `this.webpackLoaderContext` property (#853)
- b3ffd5b test: resolution logic (#852)
- 3abe3f5 fix: resolution logic
- 20b7a11 docs: fix link for prependData (#847)
- 006c02e refactor: code
- 2a18d5b ci: node@14 (#842)
- 17832fd fix: resolution for `file` scheme
- 744112d fix: perf (#840)
- aeb86f0 fix: resolution logic (#839)
- 7380b7b fix: resolution logic (#838)
- 0c8d3b3 feat: support `process.cwd()` resolution (#837)
- 8376179 feat: support SASS-PATH env variable (#836)
- ddeff88 test: refactor (#835)
- 24c852a docs: options table (#834)
- f892eba refactor: code (#833)
- 68dd278 fix: avoid different content on different os (#832)
- 1655baf fix: resolution logic (#831)
- fe3b33b fix: resolution logic (#830)
- 41e0e45 test: foundation-sites (#829)
- a3dec34 chore: minimum supported Nodejs version is `10.13` (#828)
See the full diffPackage name: val-loader
The new version differs by 21 commits.- 34c7570 chore(release): 2.1.1
- 67ca776 chore(deps): update
- c0eecec docs: example shows how to connect modernizr (#51)
- ae6977e docs: example shows how to build figlet (#52)
- 656f260 chore(release): 2.1.0
- 4ee809e chore(deps): update (#49)
- 011e0b6 docs: clarify type of exported function (#48)
- cd5dd47 feat: pass `loaderContext` as 2nd parameter (#47)
- 2c11d27 chore(release): 2.0.2
- 50fe5d4 refactor: code (#45)
- ea66fef chore(release): 2.0.1
- f234364 fix: link on package (#44)
- e15b1ff chore(defaults): update
- b54fbc7 chore(release): 2.0.0
- 15c2f50 test: migrate on memfs (#42)
- 016c4a3 test: more (#41)
- 077842e refactor: code (#40)
- bbf466b docs(readme): use a consistent filename in the example (#39)
- ed2c487 docs: changed the syntax glitch in the example snipper (#36)
- be73a63 chore(release): 1.1.1
- fea518d fix: add support `webpack@4` (#30)
See the full diffCheck the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Prototype Pollution