Closed snyk-bot closed 3 years ago
(*) Note that the real score may have changed since the PR was raised.
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information: π§ View latest project report
π Adjust project settings
π Read more about Snyk's upgrade and patch logic
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JS-SSRI-1246392
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: @vue/cli-service
The new version differs by 13 commits.- 6e0d846 v4.5.13
- 9a125a2 fix(v4): fix modern mode optional chaining syntax tranpilation (#6459)
- b39726e fix(mocha): workaround the SVGElement issue in Vue (#6400)
- d41fb55 chore: remove the word "Preview" from vue 3 preset (#6310)
- 5a135f6 chore: remove the word "Preview" from vue 3 preset (#6300)
- 0e0ae95 fix(v4): get rid of ssri vulnerability warnings (#6455)
- b0de229 v4.5.12
- 87c35a0 feat: bump default prettier version to 2.x
- fae7ee8 fix: revert to ts 4.2.3 to fix failing ci tests
- 106c323 feat: use TS 4.2+ in newly created projects
- 9ea68a8 chore: bump minimum required jsx preset / plugin versions
- 82ab316 chore: bump vue-codemod to work around a npm hoisting bug
- bef2375 chore: vue-cli-plugin-apollo can be listed as a dev dep
See the full diffCheck the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
π§ View latest project report
π Adjust project settings
π Read more about Snyk's upgrade and patch logic