This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade html-react-parser from 1.4.11 to 1.4.12.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is **1 version** ahead of your current version.
- The recommended version was released **22 days ago**, on 2022-04-22.
The recommended version fixes:
Severity | Issue | PriorityScore (*) | Exploit Maturity |
:-------------------------:|:-------------------------|-------------------------|:-------------------------
| Prototype Pollution [SNYK-JS-UNSETVALUE-2400660](https://snyk.io/vuln/SNYK-JS-UNSETVALUE-2400660) | **375/1000** **Why?** CVSS 7.5 | No Known Exploit
| Remote Code Execution (RCE) [SNYK-JS-SHELLQUOTE-1766506](https://snyk.io/vuln/SNYK-JS-SHELLQUOTE-1766506) | **375/1000** **Why?** CVSS 7.5 | No Known Exploit
| Regular Expression Denial of Service (ReDoS) [SNYK-JS-PROMPTS-1729737](https://snyk.io/vuln/SNYK-JS-PROMPTS-1729737) | **375/1000** **Why?** CVSS 7.5 | Proof of Concept
| Prototype Pollution [SNYK-JS-IMMER-1540542](https://snyk.io/vuln/SNYK-JS-IMMER-1540542) | **375/1000** **Why?** CVSS 7.5 | Proof of Concept
| Undesired Behavior [SNYK-JS-EVENTSOURCEPOLYFILL-2429580](https://snyk.io/vuln/SNYK-JS-EVENTSOURCEPOLYFILL-2429580) | **375/1000** **Why?** CVSS 7.5 | Mature
| Regular Expression Denial of Service (ReDoS) [SNYK-JS-DEVCERT-2808183](https://snyk.io/vuln/SNYK-JS-DEVCERT-2808183) | **375/1000** **Why?** CVSS 7.5 | No Known Exploit
| Regular Expression Denial of Service (ReDoS) [SNYK-JS-BROWSERSLIST-1090194](https://snyk.io/vuln/SNYK-JS-BROWSERSLIST-1090194) | **375/1000** **Why?** CVSS 7.5 | Proof of Concept
(*) Note that the real score may have changed since the PR was raised.
Release notes Package name: html-react-parser
ed89b4d Merge pull request #522 from LivDunn/master
4456f6a fix: package.json not defined by exports warning
820f1bf Merge pull request #520 from remarkablemark/dependabot/npm_and_yarn/types/react-18.0.6
b44f0ea build(deps-dev): bump @ types/react from 18.0.5 to 18.0.6
62deaa7 Merge pull request #519 from remarkablemark/dependabot/npm_and_yarn/lint-staged-12.4.0
cc05582 build(deps-dev): bump lint-staged from 12.3.7 to 12.4.0
fdfe1ba Merge pull request #516 from remarkablemark/dependabot/npm_and_yarn/rollup/plugin-commonjs-21.1.0
96a244e build(deps-dev): bump @ rollup/plugin-commonjs from 21.0.3 to 21.1.0
07664e0 Merge pull request #517 from remarkablemark/dependabot/npm_and_yarn/rollup/plugin-node-resolve-13.2.1
4a0e546 build(deps-dev): bump @ rollup/plugin-node-resolve from 13.2.0 to 13.2.1
d00326e Merge pull request #518 from remarkablemark/dependabot/npm_and_yarn/typescript-eslint/parser-5.20.0
9837f61 build(deps-dev): bump @ typescript-eslint/parser from 5.19.0 to 5.20.0
0871421 Merge pull request #515 from remarkablemark/dependabot/npm_and_yarn/rollup-2.70.2
b7329d2 build(deps-dev): bump rollup from 2.70.1 to 2.70.2
Compare
**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.*
For more information:
🧐 [View latest project report](https://app.snyk.io/org/martin-starosta/project/e4d1908d-5575-4e33-99b7-5dab9e3a154b?utm_source=github&utm_medium=referral&page=upgrade-pr)
🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/martin-starosta/project/e4d1908d-5575-4e33-99b7-5dab9e3a154b/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr)
🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/martin-starosta/project/e4d1908d-5575-4e33-99b7-5dab9e3a154b/settings/integration?pkg=html-react-parser&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade html-react-parser from 1.4.11 to 1.4.12.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.- The recommended version is **1 version** ahead of your current version. - The recommended version was released **22 days ago**, on 2022-04-22. The recommended version fixes: Severity | Issue | PriorityScore (*) | Exploit Maturity | :-------------------------:|:-------------------------|-------------------------|:-------------------------
[SNYK-JS-UNSETVALUE-2400660](https://snyk.io/vuln/SNYK-JS-UNSETVALUE-2400660) | **375/1000**
**Why?** CVSS 7.5 | No Known Exploit
[SNYK-JS-SHELLQUOTE-1766506](https://snyk.io/vuln/SNYK-JS-SHELLQUOTE-1766506) | **375/1000**
**Why?** CVSS 7.5 | No Known Exploit
[SNYK-JS-PROMPTS-1729737](https://snyk.io/vuln/SNYK-JS-PROMPTS-1729737) | **375/1000**
**Why?** CVSS 7.5 | Proof of Concept
[SNYK-JS-IMMER-1540542](https://snyk.io/vuln/SNYK-JS-IMMER-1540542) | **375/1000**
**Why?** CVSS 7.5 | Proof of Concept
[SNYK-JS-EVENTSOURCEPOLYFILL-2429580](https://snyk.io/vuln/SNYK-JS-EVENTSOURCEPOLYFILL-2429580) | **375/1000**
**Why?** CVSS 7.5 | Mature
[SNYK-JS-DEVCERT-2808183](https://snyk.io/vuln/SNYK-JS-DEVCERT-2808183) | **375/1000**
**Why?** CVSS 7.5 | No Known Exploit
[SNYK-JS-BROWSERSLIST-1090194](https://snyk.io/vuln/SNYK-JS-BROWSERSLIST-1090194) | **375/1000**
**Why?** CVSS 7.5 | Proof of Concept (*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: html-react-parser
-
1.4.12 - 2022-04-22
- package.json not defined by exports warning (4456f6a)
-
1.4.11 - 2022-04-15
- upgrade html-dom-parser to add support for react-native (50eafcc)
from html-react-parser GitHub release notesBug Fixes
Build System
Commit messages
Package name: html-react-parser
- aaf0e40 Merge pull request #523 from remarkablemark/release-v1.4.12
- 73d05d5 chore: release 1.4.12
- ed89b4d Merge pull request #522 from LivDunn/master
- 4456f6a fix: package.json not defined by exports warning
- 820f1bf Merge pull request #520 from remarkablemark/dependabot/npm_and_yarn/types/react-18.0.6
- b44f0ea build(deps-dev): bump @ types/react from 18.0.5 to 18.0.6
- 62deaa7 Merge pull request #519 from remarkablemark/dependabot/npm_and_yarn/lint-staged-12.4.0
- cc05582 build(deps-dev): bump lint-staged from 12.3.7 to 12.4.0
- fdfe1ba Merge pull request #516 from remarkablemark/dependabot/npm_and_yarn/rollup/plugin-commonjs-21.1.0
- 96a244e build(deps-dev): bump @ rollup/plugin-commonjs from 21.0.3 to 21.1.0
- 07664e0 Merge pull request #517 from remarkablemark/dependabot/npm_and_yarn/rollup/plugin-node-resolve-13.2.1
- 4a0e546 build(deps-dev): bump @ rollup/plugin-node-resolve from 13.2.0 to 13.2.1
- d00326e Merge pull request #518 from remarkablemark/dependabot/npm_and_yarn/typescript-eslint/parser-5.20.0
- 9837f61 build(deps-dev): bump @ typescript-eslint/parser from 5.19.0 to 5.20.0
- 0871421 Merge pull request #515 from remarkablemark/dependabot/npm_and_yarn/rollup-2.70.2
- b7329d2 build(deps-dev): bump rollup from 2.70.1 to 2.70.2
Compare**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.* For more information: