search

YIZHUANG / react-multi-carousel

A lightweight production-ready Carousel that rocks supports multiple items and server-side rendering with no dependency. Bundle size 2kb.
MIT License
1.25k stars 286 forks source link

[Snyk] Security upgrade snyk from 1.278.2 to 1.324.0 #365

Open snyk-bot opened 1 year ago

snyk-bot commented 1 year ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 643/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5		 Improper Input Validation
SNYK-JS-PARSEURL-3024398		 No Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: snyk The new version differs by 250 commits.
  • b13e371 Merge pull request #1126 from snyk/chore/drop-git-url-parse
  • dd86bc9 feat: remove git-url-parse dependency
  • 2e7ae94 Merge pull request #1134 from snyk/fix/check-image-name
  • 48cbf4a fix: add check if image name undefined
  • 96b6f5a Merge pull request #1129 from snyk/fix/docker-ignore-project-name-oveerride
  • 9d4df01 fix: do not ignore project name override for container projects
  • 2f686a9 Merge pull request #1124 from snyk/fix/include_command_container_as_alias
  • 6bc0085 feat: include command "container" as alias for option "--docker"
  • 95369bd Merge pull request #1125 from snyk/feat/upstream-update-notifier
  • a34b8d5 feat: switch back to upstream configstore
  • eaac36c test: update-notifier fetches info
  • 366c687 feat: switch back to upstream update-notifier
  • 0eabdcf Merge pull request #1123 from snyk/feat/upgrade-nuget
  • ce6940d Merge pull request #1121 from snyk/fix/show-better-error-pip
  • c6c58ba feat: upgrade nuget-plugin, removing core-js
  • d437796 fix: suggest --skip-unresolved for python test
  • bb1c874 Merge pull request #1118 from snyk/fix/wrong-path-multi-project
  • 274618e fix: wrong path to display better test results
  • 6e7fb38 Merge pull request #1119 from snyk/fix/enable-mvn-logging
  • 5414755 fix: enable mvn plugin logging when running with -d
  • 505720d Merge pull request #1117 from snyk/chore/release-notes-review-fix
  • 649c770 chore: release notes preview fix.
  • 6e448ca Merge pull request #1114 from snyk/chore/run-tests-on-linux
  • 9b31d2b Merge pull request #1113 from snyk/fix/circle-to-run-npm-test
See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.