atomist[bot]
commented
3 years ago Pull request auto merged:
- No reviews
- 1 successful check
Closed atomist[bot] closed 3 years ago
atomist[bot]
commented
3 years ago Pull request auto merged:
This pull request fixes security vulnerabilities open on f55693a but 2 moderate vulnerabilities remain open and need manual review.
npm audit fixupdated the following npm dependencies:ansi-regex6.0.0 > 6.0.1Fixed vulnerabilities
Following security vulnerability is fixed:
ansi-regex
Inefficient Regular Expression Complexity in chalk/ansi-regex moderate ·
>=6.0.0 <6.0.1· CVE-2021-3807 · automatic fix availableansi-regex@6.0.0· 1 vulnerable path@atomist/skill > strip-ansi > ansi-regexOpen vulnerabilities
Following security vulnerabilities remain open and need manual review:
ansi-regex
Inefficient Regular Expression Complexity in chalk/ansi-regex moderate ·
>2.1.1 <5.0.1· CVE-2021-3807 · automatic fix availableansi-regex@3.0.0· 4 vulnerable paths@atomist/skill > @graphql-codegen/cli > listr-update-renderer > log-update > wrap-ansi > string-width > strip-ansi > ansi-regex@atomist/skill > @graphql-codegen/cli > listr-update-renderer > log-update > wrap-ansi > strip-ansi > ansi-regex@atomist/skill > @graphql-codegen/cli > listr > listr-update-renderer > log-update > wrap-ansi > string-width > strip-ansi > ansi-regex@atomist/skill > @graphql-codegen/cli > listr > listr-update-renderer > log-update > wrap-ansi > strip-ansi > ansi-regexInefficient Regular Expression Complexity in chalk/ansi-regex moderate ·
>=6.0.0 <6.0.1· CVE-2021-3807 · automatic fix availableansi-regex@6.0.0· 1 vulnerable path@atomist/skill > strip-ansi > ansi-regexFile changed:
package-lock.jsonatomist/npm-vulnerability-scanner-skill · Configure