Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
As this is a private repository, Snyk-bot does not have access. Therefore, this PR has been created automatically, but appears to have been created by a real user.
Changes included in this PR
Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
backend/package.json
backend/package-lock.json
Vulnerabilities that will be fixed
With an upgrade:
Severity
Priority Score (*)
Issue
Breaking Change
Exploit Maturity
548/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 3.1
3e83d1d 1be97b106ca9b87308ca4fba2e8d8abf795c9213 dev: Stop calling save state when loading a state
5047dd5 1eddf57e55486c9e69581f14f77a2c3cd58b43f4 Fix: Polyfill for String.prototype.includes
c12b06c af651f6ab12052c1cb5d67cb73ad3284e2c296cb Fix: Add polyfill for Array.prototype.includes as we use it in extensions now and IE11 (which is still supported) does not have Array.prototype.includes
59a8d3f e835ddc5b800c47f7e9e32a91cc522f8ca7ced5c Fix: If an array was passed to the HTML escape entities function it would not have its contents escaped
622f639 a6ece4b2200e305b761f1ba2a893d8bcc5c5cb52 Fix: Language information being loaded in might not take into account the thousands and decimal separator options if using camelCase style
99d21b5 Include types in package.json and correct folder
498cf42 90d756c563582681fce93859952654d814bf1414 Update: Remove `zoom` hacks for IE6
90d260e c786a08db6bf6a8cd9b9da1707bc0f776b380483 Fix: CSS for nested DataTable in a scrolling DataTable would have its sorting icons removed
42ce8d3 bff756573cff460d180af024046fa12173335650 Example: Add a search-side processing example for `-init search.return`.
3fa2389 92eec59cf594ce7aadba5945031e2442c2086136 DEV tweaks to enter key example
ee3318c b732d779fe8861e16fabf41e83c2b5d7ade6e2b2 new: New initialisation option for search on return.
7917d05 f49883e2fd683142fe688f5670908a443d52c856 Fix: Rather than using Bootstrap 5's default row striping (which is 2n+1 based) we need to use the .odd selector to account for injected rows (child rows, rowgroup, etc).
b2d815b 2c9940c023915984f5325b051af6748a887a8431 DEV tweaks to fuzzy search example
9b9b97c 2bef3655d1427404e06a18720ac380ce989dc9b8 new: New example for fuzzySearch - won't work until js file is added to cdn
feee275 99456a13f37aa243e85d008869439d75f3a4c626 Types: Fix for old style `$().dataTable()` init
36e7f99 bf1f0eb31dfdc5b9790c597b8c63bf4876d9c03f Docs: Add Bootstrap 5 to `-init dom`
b47af93 b5287626fe86319a25e1182ddddf8adf17ed7096 Fix: Scrollbar was showing on tables which had a border on the table
3df71f3 0c7ee29e8de948282be59f640be0d7214c184cfa TEST updated tests for DD02036
f074aa4 01128f168f9b2112ea9e565bef0a67d3afcfc1d4 fix: Make requestChild event run before initComplete
4814bf6 aef9c8080d64820cf72b1fe957e36bff8688df5f fix: Fix mistake in docs by removing a third parameter documented in requestChild event that does not exist
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
As this is a private repository, Snyk-bot does not have access. Therefore, this PR has been created automatically, but appears to have been created by a real user.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 3.1
SNYK-JS-DATATABLESNET-1540544
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: datatables.net
The new version differs by 193 commits.- d67ca5d Sync tag release - 1.11.3
- 02aee29 79772b97fe6d45af67057cc13fa6af3f00c873ea 1.11.3 release
- 0ba589b 148ef5aaad0ebbafab2afd5b52e30b09b509301b remove debug
- 3e83d1d 1be97b106ca9b87308ca4fba2e8d8abf795c9213 dev: Stop calling save state when loading a state
- 5047dd5 1eddf57e55486c9e69581f14f77a2c3cd58b43f4 Fix: Polyfill for String.prototype.includes
- c12b06c af651f6ab12052c1cb5d67cb73ad3284e2c296cb Fix: Add polyfill for Array.prototype.includes as we use it in extensions now and IE11 (which is still supported) does not have Array.prototype.includes
- 59a8d3f e835ddc5b800c47f7e9e32a91cc522f8ca7ced5c Fix: If an array was passed to the HTML escape entities function it would not have its contents escaped
- 7e67f10 eb374d15c81375eb82eca6f16a27ecf2b86f0701 Release 1.11.2
- 267d3bf 45b675ba154e93eae3087811c7cd36675c953b10 dev: Only set start position internal property on initialisation
- 90940b2 e5bbe90f5ddb2e0016f6d8c158390b046c7d923a dev: Need columns visibility to be restoreable when using statesave not at initialisation
- d237bed a9f7bdf49784b713583995c0fd1863a279ed6533 return true from loadstate function
- ac873b2 1ae8c6893bd43961c55c3d0dff4a409bbffde3a5 TEST updated case number for disabled tests (was using the old bug tracker)
- 3eb5dab d4d67505a6a80b5645bb1078037e3bcd14816070 update: Move implementstate function so that it is available from the outside
- b5bd164 2496e827205d7a138c2da4456c4926c7bc6c00f8 test: revert the previous commit to add an afterall
- 7980ff7 485a1cff8910a8f953fab52d8950aafba1c92d75 test: Fix issue with tests not cleaning up nicely when they finish
- 3fbab9a b2b0ae8f214878fe08bc3f507624584cb6d3b242 fix: Fix issue with internal function not retrieving filter data where appropriate
- 2d7d3e1 Sync tag release - 1.11.2
- 691e7fc b231df3c8fdf73ee04bcd2a6b75bb94e94322a74
- 46aa22b Update datatables.json to include js files
- d2daf5e b231df3c8fdf73ee04bcd2a6b75bb94e94322a74 TEST changes to support StateRestore
- b72bdde d06d068a421fe57e888d6270166579812f0c2cbd
- 9bd642e d06d068a421fe57e888d6270166579812f0c2cbd
- 5a4328f Sync tag release - 1.11.1
- c13e9aa d06d068a421fe57e888d6270166579812f0c2cbd DataTables 1.11.1
See the full diffPackage name: datatables.net-bs4
The new version differs by 163 commits.- dfc7316 Sync tag release - 1.11.0
- 622f639 a6ece4b2200e305b761f1ba2a893d8bcc5c5cb52 Fix: Language information being loaded in might not take into account the thousands and decimal separator options if using camelCase style
- be7648d 2fbd02e4f168a5b5a4f5e9a7a935230ffc694e05 Readme: Update package manager section
- 190736d 82e29b70c11f82a33c180362fcb7680f6032a624
- 99d21b5 Include types in package.json and correct folder
- 498cf42 90d756c563582681fce93859952654d814bf1414 Update: Remove `zoom` hacks for IE6
- 90d260e c786a08db6bf6a8cd9b9da1707bc0f776b380483 Fix: CSS for nested DataTable in a scrolling DataTable would have its sorting icons removed
- 42ce8d3 bff756573cff460d180af024046fa12173335650 Example: Add a search-side processing example for `-init search.return`.
- 3fa2389 92eec59cf594ce7aadba5945031e2442c2086136 DEV tweaks to enter key example
- ee3318c b732d779fe8861e16fabf41e83c2b5d7ade6e2b2 new: New initialisation option for search on return.
- 7917d05 f49883e2fd683142fe688f5670908a443d52c856 Fix: Rather than using Bootstrap 5's default row striping (which is 2n+1 based) we need to use the .odd selector to account for injected rows (child rows, rowgroup, etc).
- b2d815b 2c9940c023915984f5325b051af6748a887a8431 DEV tweaks to fuzzy search example
- 9b9b97c 2bef3655d1427404e06a18720ac380ce989dc9b8 new: New example for fuzzySearch - won't work until js file is added to cdn
- feee275 99456a13f37aa243e85d008869439d75f3a4c626 Types: Fix for old style `$().dataTable()` init
- b6fd977 e1c071b8e2b3e4ce6d3e508f4851c3a2c8ee9744 Types: Fix jQuery definitions
- 50892ec 6cd6387e6a0c32c3c83f3a91c34ae3eda4cc5fcb Types: Typing for selectors and passing around the data type more
- a5f82a9 4d9ddb4ac48674f01c432d0488e1884db5308d69 Types: Row data type information can be passed around now
- 33c5891 95508a92b2a5c638afbee859e774cd57dab7e135 Docs: Fix names of new static get/set methods
- 06346bc d34661c11a58978b17afdc27bea78acfc5458444 Fix: Remove superflous aria roles
- 36e7f99 bf1f0eb31dfdc5b9790c597b8c63bf4876d9c03f Docs: Add Bootstrap 5 to `-init dom`
- b47af93 b5287626fe86319a25e1182ddddf8adf17ed7096 Fix: Scrollbar was showing on tables which had a border on the table
- 3df71f3 0c7ee29e8de948282be59f640be0d7214c184cfa TEST updated tests for DD02036
- f074aa4 01128f168f9b2112ea9e565bef0a67d3afcfc1d4 fix: Make requestChild event run before initComplete
- 4814bf6 aef9c8080d64820cf72b1fe957e36bff8688df5f fix: Fix mistake in docs by removing a third parameter documented in requestChild event that does not exist
See the full diffCheck the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic