Open tirumerla opened 1 month ago
New and removed dependencies detected. Learn more about Socket for GitHub ↗︎
Package | New capabilities | Transitives | Size | Publisher |
---|
🚮 Removed packages: npm/@babel/code-frame@7.24.2, npm/@babel/helper-validator-identifier@7.24.5, npm/@babel/highlight@7.24.5, npm/@eslint-community/eslint-utils@4.4.0, npm/@eslint-community/regexpp@4.10.0, npm/@eslint/eslintrc@2.1.4, npm/@eslint/js@8.57.0, npm/@humanwhocodes/config-array@0.11.14, npm/@humanwhocodes/module-importer@1.0.1, npm/@jest/expect-utils@29.7.0, npm/@jest/types@29.6.3, npm/@nodelib/fs.scandir@2.1.5, npm/@nodelib/fs.stat@2.0.5, npm/@nodelib/fs.walk@1.2.8, npm/@npmcli/fs@3.1.0, npm/@types/glob@8.1.0, npm/@types/istanbul-lib-coverage@2.0.6, npm/@types/istanbul-lib-report@3.0.3, npm/@types/istanbul-reports@3.0.4, npm/@types/jest@29.5.12, npm/@types/json-schema@7.0.15, npm/@types/lodash@4.17.4, npm/@types/minimatch@5.1.2, npm/@types/node@16.18.97, npm/@types/semver@7.5.8, npm/@types/stack-utils@2.0.3, npm/@types/yargs-parser@21.0.3, npm/@types/yargs@17.0.32, npm/@typescript-eslint/eslint-plugin@5.62.0, npm/@typescript-eslint/parser@5.62.0, npm/@typescript-eslint/scope-manager@5.62.0, npm/@typescript-eslint/type-utils@5.62.0, npm/@typescript-eslint/types@5.62.0, npm/@typescript-eslint/typescript-estree@5.62.0, npm/@typescript-eslint/utils@5.62.0, npm/@typescript-eslint/visitor-keys@5.62.0, npm/@ungap/structured-clone@1.2.0, npm/ajv@6.12.6, npm/array-union@2.1.0, npm/braces@3.0.3, npm/ci-info@3.9.0, npm/debug@4.3.4, npm/dir-glob@3.0.1, npm/eslint-scope@5.1.1, npm/eslint-visitor-keys@3.4.3, npm/eslint@8.57.0, npm/esrecurse@4.3.0, npm/estraverse@5.3.0, npm/expect@29.7.0, npm/fast-glob@3.3.2, npm/fastq@1.17.1, npm/fill-range@7.1.1, npm/glob-parent@5.1.2, npm/globby@11.1.0, npm/graphemer@1.4.0, npm/is-extglob@2.1.1, npm/is-glob@4.0.3, npm/is-number@7.0.0, npm/jest-matcher-utils@29.7.0, npm/jest-message-util@29.7.0, npm/jest-util@29.7.0, npm/js-tokens@4.0.0, npm/merge2@1.4.1, npm/micromatch@4.0.7, npm/ms@2.1.2, npm/natural-compare-lite@1.4.0, npm/path-type@4.0.0, npm/picocolors@1.0.1, npm/picomatch@2.3.1, npm/queue-microtask@1.2.3, npm/reusify@1.0.4, npm/run-parallel@1.2.0, npm/slash@3.0.0, npm/stack-utils@2.0.6, npm/to-regex-range@5.0.1, npm/tsutils@3.21.0, npm/undici-types@5.26.5
Snyk has created this PR to fix 1 vulnerabilities in the yarn dependencies of this project.
Snyk changed the following file(s):
examples/batch-proposal/package.json
Note for zero-installs users
If you are using the Yarn feature zero-installs that was introduced in Yarn V2, note that this PR does not update the
.yarn/cache/
directory meaning this code cannot be pulled and immediately developed on as one would expect for a zero-install project - you will need to runyarn
to update the contents of the./yarn/cache
directory. If you are not using zero-install you can ignore this as your flow should likely be unchanged.⚠️ Warning
``` Failed to update the yarn.lock, please update manually before merging. ```Vulnerabilities that will be fixed with an upgrade:
SNYK-JS-AXIOS-7361793
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information: 🧐 View latest project report 📜 Customise PR templates 🛠 Adjust project settings 📚 Read about Snyk's upgrade logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Server-side Request Forgery (SSRF)