Closed atomist[bot] closed 3 years ago
This pull request fixes security vulnerabilities open on 840589b but 2 moderate vulnerabilities remain open and need manual review.
npm audit fix updated the following npm dependencies:
npm audit fix
ansi-regex
Following security vulnerability is fixed:
Inefficient Regular Expression Complexity in chalk/ansi-regex moderate · >=6.0.0 <6.0.1 · CVE-2021-3807 · automatic fix available
>=6.0.0 <6.0.1
ansi-regex@6.0.0
@atomist/skill > strip-ansi > ansi-regex
Following security vulnerabilities remain open and need manual review:
Inefficient Regular Expression Complexity in chalk/ansi-regex moderate · >2.1.1 <5.0.1 · CVE-2021-3807 · automatic fix available
>2.1.1 <5.0.1
ansi-regex@3.0.0
@atomist/skill > @graphql-codegen/cli > listr-update-renderer > log-update > wrap-ansi > string-width > strip-ansi > ansi-regex
@atomist/skill > @graphql-codegen/cli > listr-update-renderer > log-update > wrap-ansi > strip-ansi > ansi-regex
@atomist/skill > @graphql-codegen/cli > listr > listr-update-renderer > log-update > wrap-ansi > string-width > strip-ansi > ansi-regex
@atomist/skill > @graphql-codegen/cli > listr > listr-update-renderer > log-update > wrap-ansi > strip-ansi > ansi-regex
File changed:
package-lock.json
atomist/npm-vulnerability-scanner-skill · Configure
Pull request auto merged:
This pull request fixes security vulnerabilities open on 840589b but 2 moderate vulnerabilities remain open and need manual review.
npm audit fix
updated the following npm dependencies:ansi-regex
6.0.0 > 6.0.1Fixed vulnerabilities
Following security vulnerability is fixed:
ansi-regex
Inefficient Regular Expression Complexity in chalk/ansi-regex moderate ·
>=6.0.0 <6.0.1
· CVE-2021-3807 · automatic fix availableansi-regex@6.0.0
· 1 vulnerable path@atomist/skill > strip-ansi > ansi-regex
Open vulnerabilities
Following security vulnerabilities remain open and need manual review:
ansi-regex
Inefficient Regular Expression Complexity in chalk/ansi-regex moderate ·
>2.1.1 <5.0.1
· CVE-2021-3807 · automatic fix availableansi-regex@3.0.0
· 4 vulnerable paths@atomist/skill > @graphql-codegen/cli > listr-update-renderer > log-update > wrap-ansi > string-width > strip-ansi > ansi-regex
@atomist/skill > @graphql-codegen/cli > listr-update-renderer > log-update > wrap-ansi > strip-ansi > ansi-regex
@atomist/skill > @graphql-codegen/cli > listr > listr-update-renderer > log-update > wrap-ansi > string-width > strip-ansi > ansi-regex
@atomist/skill > @graphql-codegen/cli > listr > listr-update-renderer > log-update > wrap-ansi > strip-ansi > ansi-regex
Inefficient Regular Expression Complexity in chalk/ansi-regex moderate ·
>=6.0.0 <6.0.1
· CVE-2021-3807 · automatic fix availableansi-regex@6.0.0
· 1 vulnerable path@atomist/skill > strip-ansi > ansi-regex
File changed:
package-lock.json
atomist/npm-vulnerability-scanner-skill · Configure