search

atlassian-labs / react-resource-router

Configuration driven routing solution for React SPAs that managesΒ route matching, data fetching and progressive rendering
https://atlassian-labs.github.io/react-resource-router
Apache License 2.0
198 stars 28 forks source link

[Snyk] Security upgrade path-to-regexp from 6.2.1 to 6.3.0 #243

Closed thombergs closed 1 week ago

thombergs commented 2 weeks ago

snyk-top-banner

Snyk has created this PR to fix 1 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

Vulnerabilities that will be fixed with an upgrade:

Issue Score
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-PATHTOREGEXP-7925106		   738  

[!IMPORTANT]

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report πŸ“œ Customise PR templates πŸ›  Adjust project settings πŸ“š Read about Snyk's upgrade logic

Learn how to fix vulnerabilities with free interactive lessons:

πŸ¦‰ Regular Expression Denial of Service (ReDoS)

changeset-bot[bot] commented 2 weeks ago

πŸ¦‹ Changeset detected

Latest commit: 1be7002733e3165bbbfe2dc9979b86998b8f7e49

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 1 package | Name | Type | | --------------------- | ----- | | react-resource-router | Minor |

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR