Open snyk-bot opened 3 years ago
(*) Note that the real score may have changed since the PR was raised.
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information: đ§ View latest project report
đ Adjust project settings
đ Read more about Snyk's upgrade and patch logic
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Recently disclosed, Has a fix available, CVSS 7.3
SNYK-JS-MQUERY-1050858
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: mquery
The new version differs by 10 commits.- eeaa57c chore: release 3.2.3
- 792e69f fix(utils): avoid copying special properties like `__proto__` when merging and cloning
- 2268a48 Merge pull request #118 from aheckmann/dependabot/npm_and_yarn/mongodb-3.6.1
- 658f66a chore(deps-dev): bump mongodb from 3.1.1 to 3.6.1
- e68f8e1 chore: add tidelift disclosure
- 6d3e0c7 chore: release 3.2.2
- b36dfd8 fix: dont re-call setOptions() when pulling base class options
- d8d94f8 chore: remove istanbul and use eslint 5.x
- ec0f83f chore: get rid of package-lock.json
- 6bd88b7 travis; update node versions
See the full diffCheck the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
đ§ View latest project report
đ Adjust project settings
đ Read more about Snyk's upgrade and patch logic