codingfriend1 / Feathers-Vue

A boilerplate template using Feathers with Email Verification, Vue 2 with Server Side Rendering, stylus, scss, jade, babel, webpack, ES 6-8, login form, user authorization, and SEO
MIT License
197 stars 48 forks

[Snyk] Security upgrade yup from 0.22.1 to 0.28.2 #25

Open snyk-bot opened 4 years ago

snyk-bot commented 4 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
| high severity | 883/1000. Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 9.8 | Prototype Pollution, SNYK-JS-PROPERTYEXPR-598800 | No | Proof of Concept |

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: yup

The new version differs by 174 commits.
  • 8eb03a0 Publish v0.28.2
  • 27e5d68 fix: bump deps, including property-expr for CSP compatible version
  • e29373d WIP
  • ad0f073 feat: Add defined() validation to mix (#637)
  • 092a143 docs: fix some typos in the README (#769)
  • d964642 docs: typo (#765)
  • 053e95f Publish v0.28.1
  • 0302359 chore: clean up build config
  • c2f307f fix: use lodash-es instead of regular lodash (#756)
  • 033aa83 docs: fix typo in README.md (#762)
  • 820f910 Update README.md
  • 402874a fix: date strings before 1970 too (#748)
  • 7036522 feat: add ESM build (#738)
  • 38841c8 docs: mention the special role of `undefined` in `mixed.oneOf` (#727)
  • df4976e docs: fix typo (#719)
  • 36e80cf Publish v0.28.0
  • 796ee16 Publish v0.28.0
  • ab4bada Update bug_report.md
  • e6e5d5a docs: optional params property in createError (#709)
  • 1426fec docs: fix typo (#681)
  • 4bea2f1 docs: fix typo (#643)
  • d31e34d fix: array path resolve for descendants (#669)
  • 0d14827 fix: unix epoc bug in date parser (#655)
  • 5f1a3d4 docs: add setLocale examples with functions. (#645)

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
