Open andrewmkrug opened 1 week ago
Hi andrewmkrug! Thank you for contributing to Dashy! โจ
When updating dependencies, take a moment to verify that there are not security issues associated with any added or modified packages. If adding a new dependency, ensure that it is totally necessary, and check the packages size is not too large, as this will increase overall bundle size.
I'm a bot, and this is an automated comment ๐ค
yarn.lock
changesName | Link |
---|---|
Latest commit | 4f9c659973e036f7028b16eceeaa6914848f5581 |
Latest deploy log | https://app.netlify.com/sites/peppy-choux-edbc1e/deploys/66dad398408ba70008845864 |
Deploy Preview | https://deploy-preview-184--peppy-choux-edbc1e.netlify.app |
Preview on mobile | Toggle QR Code...Use your smartphone camera to open QR code link. |
To edit notification comments on pull requests, go to your Netlify site configuration.
New and removed dependencies detected. Learn more about Socket for GitHub โ๏ธ
Package | New capabilities | Transitives | Size | Publisher |
---|---|---|---|---|
npm/axios@1.7.7 | network | 0 |
2.14 MB | jasonsaayman |
npm/follow-redirects@1.15.9 | None | 0 |
29.9 kB | olalonde, rubenverborgh |
npm/proxy-from-env@1.1.0 | environment | 0 |
29.5 kB | rob-w |
๐ฎ Removed packages: npm/axios@0.27.2), npm/follow-redirects@1.15.1), npm/node-forge@0.10.0)
Snyk has created this PR to fix 2 vulnerabilities in the yarn dependencies of this project.
Snyk changed the following file(s):
package.json
yarn.lock
Note for zero-installs users
If you are using the Yarn feature zero-installs that was introduced in Yarn V2, note that this PR does not update the
.yarn/cache/
directory meaning this code cannot be pulled and immediately developed on as one would expect for a zero-install project - you will need to runyarn
to update the contents of the./yarn/cache
directory. If you are not using zero-install you can ignore this as your flow should likely be unchanged.Vulnerabilities that will be fixed with an upgrade:
SNYK-JS-FOLLOWREDIRECTS-6141137
SNYK-JS-FOLLOWREDIRECTS-6444610
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information: ๐ง View latest project report ๐ Customise PR templates ๐ Adjust project settings ๐ Read about Snyk's upgrade logic
Learn how to fix vulnerabilities with free interactive lessons:
๐ฆ Improper Input Validation