search

ROhta / bingo_next

GNU General Public License v3.0
0 stars 0 forks source link

[Snyk] Fix for 1 vulnerabilities #475

Closed ROhta closed 1 month ago

ROhta commented 4 months ago

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

#### Changes included in this PR - Changes to the following files to upgrade the vulnerable dependencies to a fixed version: - package.json
⚠️ Warning ``` Failed to update the package-lock.json, please update manually before merging. ```
#### Vulnerabilities that will be fixed ##### With an upgrade: Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:------------------------- ![medium severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png "medium severity") | **631/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 6.2 | Missing Release of Resource after Effective Lifetime
[SNYK-JS-INFLIGHT-6095116](https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116) | Yes | Proof of Concept (*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: eslint The new version differs by 250 commits.
  • e0cbc50 9.0.0
  • 75cb5f4 Build: changelog update for 9.0.0
  • 19f9a89 chore: Update dependencies for v9.0.0 (#18275)
  • 7c957f2 chore: package.json update for @ eslint/js release
  • d73a33c chore: ignore `/docs/v8.x` in link checker (#18274)
  • d54a412 feat: Add --inspect-config CLI flag (#18270)
  • e151050 docs: update get-started to the new `@ eslint/create-config` (#18217)
  • 610c148 fix: Support `using` declarations in no-lone-blocks (#18269)
  • 44a81c6 chore: upgrade knip (#18272)
  • 94178ad docs: mention about `name` field in flat config (#18252)
  • 1765c24 docs: add Troubleshooting page (#18181)
  • e80b60c chore: remove code for testing version selectors (#18266)
  • 96607d0 docs: version selectors synchronization (#18260)
  • e508800 fix: rule tester ignore irrelevant test case properties (#18235)
  • a129acb fix: flat config name on ignores object (#18258)
  • 97ce45b feat: Add `reportUsedIgnorePattern` option to `no-unused-vars` rule (#17662)
  • 651ec91 docs: remove `/* eslint-env */` comments from rule examples (#18249)
  • 950c4f1 docs: Update README
  • 3e9fcea feat: Show config names in error messages (#18256)
  • b7cf3bd fix!: correct `camelcase` rule schema for `allow` option (#18232)
  • 12f5746 docs: add info about dot files and dir in flat config (#18239)
  • b93f408 docs: update shared settings example (#18251)
  • 26384d3 docs: fix `ecmaVersion` in one example, add checks (#18241)
  • 7747097 docs: Update PR review process (#18233)
See the full diff
Package name: eslint-config-next The new version differs by 250 commits.
  • 16e7a5b v14.1.0
  • 8a3881f Update labeler.json (#60843)
  • 1b255a6 v14.0.5-canary.68
  • 02c2f11 Enable missing suspense bailout by default (#60840)
  • 2096dfa v14.0.5-canary.67
  • b8d8e6e dx: warn the deprecated cache configs are used (#60836)
  • c192f4e turbopack: rename custom cache handler configs (#60828)
  • 2227ae5 Revert "Fix: Throw an error for empty array return in `generateStaticParams` with `output:export`" (#60831)
  • b7f5107 Fix: respect init.cache if fetch input is request instance (#60821)
  • 752c15e Add metrics names for unstable_cache (#60802)
  • e733853 Ensure request specific caches for revalidate are reset (#60810)
  • ecbc36c Fix error from the auth docs. (#60829)
  • c247347 feat: support custom image loaders in turbopack (#60736)
  • cb71d80 chore(deps): update `browserslist` and `caniuse-lite` (#60827)
  • 54f73a2 Docs: Use JS comment for MDX (#60825)
  • d450ff7 docs: add build worker optout error back with upgrade advice (#60826)
  • afcafcd chore(docs): fix example documentation for Art Direction (#60823)
  • 7472cef Remove the warning for build worker when custom webpack present (#60820)
  • 65fce8a add authentication docs page (#60388)
  • b14c1eb fix(ts): auto-complete `next/headers` (#60817)
  • 8179e70 v14.0.5-canary.66
  • e0399ca Support next/og usage in ESM nextjs app (#60818)
  • 299d145 Use snapshots for component-stack tests (#60768)
  • 486567d Update ReactRefreshRegression test snapshot for Turbopack (#60767)
See the full diff
Check the changes in this PR to ensure they won't cause issues with your project. ------------ **Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.* For more information: 🧐 [View latest project report](https://app.snyk.io/org/rohta/project/b42e8254-e259-4668-b213-c68c26d4d5c0?utm_source=github&utm_medium=referral&page=fix-pr) 🛠 [Adjust project settings](https://app.snyk.io/org/rohta/project/b42e8254-e259-4668-b213-c68c26d4d5c0?utm_source=github&utm_medium=referral&page=fix-pr/settings) 📚 [Read more about Snyk's upgrade and patch logic](https://support.snyk.io/hc/en-us/articles/360003891078-Snyk-patches-to-fix-vulnerabilities) [//]: # (snyk:metadata:{"prId":"7b9b65c6-a8a8-4d0f-907f-75055548fd05","prPublicId":"7b9b65c6-a8a8-4d0f-907f-75055548fd05","dependencies":[{"name":"eslint","from":"8.31.0","to":"9.0.0"},{"name":"eslint-config-next","from":"13.1.1","to":"14.1.0"}],"packageManager":"npm","projectPublicId":"b42e8254-e259-4668-b213-c68c26d4d5c0","projectUrl":"https://app.snyk.io/org/rohta/project/b42e8254-e259-4668-b213-c68c26d4d5c0?utm_source=github&utm_medium=referral&page=fix-pr","type":"auto","patch":[],"vulns":["SNYK-JS-INFLIGHT-6095116"],"upgrade":["SNYK-JS-INFLIGHT-6095116"],"isBreakingChange":true,"env":"prod","prType":"fix","templateVariants":["pr-warning-shown","priorityScore"],"priorityScoreList":[631],"remediationStrategy":"vuln"}) --- **Learn how to fix vulnerabilities with free interactive lessons:** 🦉 [Learn about vulnerability in an interactive lesson of Snyk Learn.](https://learn.snyk.io/?loc=fix-pr)