Leko / WEB-EGG

WEB EGG
https://blog.leko.jp
MIT License

[Snyk] Security upgrade prismjs from 1.18.0 to 1.21.0 #374

Closed snyk-bot closed 3 years ago

snyk-bot commented 4 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.


Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:

| Severity | Issue | Breaking Change | Exploit Maturity |
| --- | --- | --- | --- |
| high severity | Cross-site Scripting (XSS) SNYK-JS-PRISMJS-597628 | No | No Known Exploit |

Commit messages

Package name: prismjs

The new version differs by 206 commits.
  • 187c8a6 1.21.0
  • bf4f323 Changelog for v1.21.0 (#2507)
  • 8bba488 Previewers: Fixed XSS (#2506)
  • 158caf5 JSON: Greedy comments (#2479)
  • f0f8210 Batch: Fix escaped double quote (#2485)
  • 649e51e Added support for Dhall (#2473)
  • 453079b Line Numbers: Fixed class name on website
  • a0efa40 Fixed Treeview page (#2484)
  • 78161d6 VB: Added VBA alias (#2469)
  • ed1df1e Added support for YANG (#2467)
  • 447429f Line Numbers: Improved documentation (#2456)
  • 3fcce6f Added support for .gitignore (#2481)
  • 0c30c58 EditorConfig: Trim spaces before key and section title (#2482)
  • 2ff40fe Rust: Improvements (#2464)
  • 2805ae3 JSDoc: Improvements (#2466)
  • 398e294 Added support for Cypher (#2459)
  • 4f55052 JS: Improved regex detection (#2465)
  • 16fbe3e Bump lodash from 4.17.15 to 4.17.19 (#2478)
  • bea7a58 SQL: Added PostgreSQL `RETURNING` keyword (#2476)
  • 67f97e2 Kotlin: Added `kt` and `kts` aliases (#2474)
  • 4028520 Core: Fixed greedy matching bug (#2032)
  • ed8fff9 Added support for EditorConfig (#2471)
  • 278316c SAS: Improved macro string functions (#2463)
  • 537a9e8 CSP: Fixed directives (#2461)

With a Snyk patch:

| Severity | Issue | Exploit Maturity |
| --- | --- | --- |
| medium severity | Prototype Pollution SNYK-JS-LODASH-567746 | Proof of Concept |

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.


codecov-commenter commented 4 years ago

Codecov Report

No coverage uploaded for pull request base (master@cf89904). The diff coverage is n/a.


@@            Coverage Diff            @@
##             master     #374   +/-   ##
=========================================
  Coverage          ?   49.15%           
=========================================
  Files             ?        2           
  Lines             ?      177           
  Branches          ?       39           
=========================================
  Hits              ?       87           
  Misses            ?       77           
  Partials          ?       13           

Legend: Δ = absolute <relative> (impact), ø = not affected, ? = missing data. Powered by Codecov. Last update cf89904...10310c9.

netlify[bot] commented 4 years ago

Deploy preview for webegg ready!

Built with commit 10310c9e48203745c99387d03ba20db3fced7293

https://deploy-preview-374--webegg.netlify.app

Leko commented 3 years ago

@snyk-bot rebase