Closed snyk-bot closed 4 years ago
Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
Adding or updating a Snyk policy (.snyk) file; this file is required in order to apply Snyk vulnerability patches. Find out more.
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Fix it
donaldboulton
commented
4 years ago donaldboulton
commented
4 years ago
Snyk has created this PR to fix one or more vulnerable packages in the `yarn` dependencies of this project.
Changes included in this PR
Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
Adding or updating a Snyk policy (.snyk) file; this file is required in order to apply Snyk vulnerability patches. Find out more.
Vulnerabilities that will be fixed
With an upgrade:
SNYK-JS-HTTPSPROXYAGENT-469131
SNYK-JS-LODASH-450202
SNYK-JS-LODASHMERGEWITH-174136
With a Snyk patch:
SNYK-JS-LODASH-450202
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic