Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
As this is a private repository, Snyk-bot does not have access. Therefore, this PR has been created automatically, but appears to have been created by a real user.
Changes included in this PR
Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
backend/package.json
backend/package-lock.json
Vulnerabilities that will be fixed
With an upgrade:
Severity
Priority Score (*)
Issue
Breaking Change
Exploit Maturity
768/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
As this is a private repository, Snyk-bot does not have access. Therefore, this PR has been created automatically, but appears to have been created by a real user.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5
SNYK-JS-ANSIREGEX-1583908
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: eslint
The new version differs by 250 commits.- 145aec1 7.16.0
- 83518a5 Build: changelog update for 7.16.0
- a62ad6f Update: fix false negative of no-extra-parens with NewExpression (#13930)
- f85b4c7 Fix: require-atomic-updates false positive across await (fixes #11954) (#13915)
- 301d0c0 Fix: no-constant-condition false positives with unary expressions (#13927)
- 555c128 Fix: false positive with await and ** in no-extra-parens (fixes #12739) (#13923)
- d93c935 Docs: update JSON Schema links (#13936)
- 8d0c93a Upgrade: table@6.0.4 (#13920)
- 9247683 Docs: Remove for deleted npm run profile script (#13931)
- ab240d4 Fix: prefer-exponentiation-operator invalid autofix with await (#13924)
- dc76911 Chore: Add .pre-commit-hooks.yaml file (#13628)
- 2124e1b Docs: Fix wrong rule name (#13913)
- 06b5809 Sponsors: Sync README with website
- 26fc12f Docs: Update README team and sponsors
- 902a032 7.15.0
- 6356778 Build: changelog update for 7.15.0
- 5c11aab Upgrade: @ eslint/esintrc and espree for bug fixes (refs #13878) (#13908)
- 0eb7957 Upgrade: file-entry-cache@6.0.0 (#13877)
- 683ad00 New: no-unsafe-optional-chaining rule (fixes #13431) (#13859)
- cbc57fb Fix: one-var autofixing for export (fixes #13834) (#13891)
- 110cf96 Docs: Fix a broken link in working-with-rules.md (#13875)
- 0cb81a9 7.14.0
- fb3a594 Build: changelog update for 7.14.0
- 5f09073 Update: fix 'skip' options in no-irregular-whitespace (fixes #13852) (#13853)
See the full diffPackage name: snyk
The new version differs by 250 commits.- 3f52bdc Merge pull request #1669 from snyk/fix/dont-fail-on-request-big-payload
- 47e106e fix: don't fail on request's big payload
- 1228b55 Merge pull request #1624 from snyk/chore/cli-alert-improvement
- fccd907 Merge pull request #1666 from snyk/chore/bump-cpp-test-timeout
- 6772a3e Merge pull request #1649 from snyk/chore/deps-update
- 89a7767 chore: update dependencies
- eaf4915 test: wrap pagerduty await in try-catch, remove condition
- 0576431 test: add pagerduty, check if test is running before attemmpting rerun
- a08a938 chore: bump flaky cpp test timeout
- ebb8dd7 Merge pull request #1656 from snyk/feat/protect-prime-time
- 69cd590 test: fix flakey json output test
- 3021bb2 Merge pull request #1663 from snyk/fix/upgrade-snyk-gradle-plugin
- a988600 Merge pull request #1654 from snyk/feat/iac-experimental-terraform-support
- b455497 feat: iac experimental tf support
- 4848b7e chore: run tests in packages in CI
- 3e7e99e feat: implement snyk protect
- bb233f1 chore: enable prettier formatting in packages
- fe0183d test: enable jest testing in snyk-protect workspace
- 40ec817 test: test fixture for snyk protect
- 7dfd3ea Merge pull request #1661 from snyk/test/fix-flake-with-dev-count-analysis
- 02c99b8 test: remove tests previously migrated to jest
- e203fd1 test: set timeout in beforeAll
- d42f6d9 fix: update snyk-gradle-plugin to 3.13.2
- 8cd9fbf Merge pull request #1662 from snyk/test/add-longer-timeouts
See the full diffPackage name: webpack-dev-server
The new version differs by 250 commits.- c9271b9 chore(release): 4.0.0
- 18bf369 test: fix stability (#3676)
- cdcabb2 fix: respect protocol from browser for manual setup (#3675)
- 1768d6b fix: initial reloading for lazy compilation (#3662)
- 4f5bab1 docs: improve examples (#3672)
- f2d87fb fix: improve https CLI output (#3673)
- 0277c5e chore: remove redundant console statements (#3671)
- 16fcdbc docs: add `ipc` example (#3667)
- 8915fb8 test: add e2e tests for built in routes (#3669)
- 4d1cbe1 docs: ask `version` information in issue template (#3668)
- b6c1881 chore(deps-dev): bump core-js from 3.16.1 to 3.16.2 (#3666)
- ffa8cc5 chore(deps-dev): bump supertest from 6.1.5 to 6.1.6 (#3665)
- f1fdaa7 chore(release): 4.0.0-rc.1
- c4678bc fix: legacy API (#3660)
- d8bdd03 test: fix stability (#3661)
- 22b1414 refactor: remove `killable` (#3657)
- 75bafbf test: add e2e tests for module federation (#3658)
- 493ccbd chore(deps): update `ws` (#3652)
- ae8c523 test: add e2e test for universal compiler (#3656)
- f94b84f chore(deps): update (#3655)
- 1923132 test: fix cli
- 2adfd01 test: fix todo (#3653)
- 6e2cbde fix: proxy logging and allow to pass options without the `target` option (#3651)
- c9ccc96 fix: respect infastructureLogging.level for client.logging (#3613)
See the full diffCheck the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic