Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
✨What is Merge Advice?
We check thousands of dependency upgrade pull requests and CI tests every day to see which upgrades were successfully merged. After crunching this data, we give a recommendation on how safe we think the change is for you to merge without causing issues. Learn more, and share your feedback to help improve this feature. 🙏
Changes included in this PR
Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
package.json
package-lock.json
Adding or updating a Snyk policy (.snyk) file; this file is required in order to apply Snyk vulnerability patches.
Find out more.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
✨What is Merge Advice?
We check thousands of dependency upgrade pull requests and CI tests every day to see which upgrades were successfully merged. After crunching this data, we give a recommendation on how safe we think the change is for you to merge without causing issues. Learn more, and share your feedback to help improve this feature. 🙏Changes included in this PR
Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
Adding or updating a Snyk policy (.snyk) file; this file is required in order to apply Snyk vulnerability patches. Find out more.
Vulnerabilities that will be fixed
With an upgrade:
SNYK-JS-HANDLEBARS-567742
Commit messages
Package name: hbs
The new version differs by 29 commits.With a Snyk patch:
SNYK-JS-LODASH-567746
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic