eloquence / lib.reviews

A free/libre code and information platform for reviews of anything
Creative Commons Zero v1.0 Universal
173 stars 13 forks source link

[Snyk] Fix for 1 vulnerabilities #236

Closed snyk-bot closed 4 years ago

snyk-bot commented 4 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
Severity Issue Breaking Change Exploit Maturity
medium severity Prototype Pollution
SNYK-JS-DOTPROP-543489
No Proof of Concept
Commit messages
Package name: snyk The new version differs by 250 commits.
  • bc4074a Merge pull request #990 from snyk/fix/dot-prop-vuln-update
  • b74bbe2 fix: use @snyk/update-notifier instead of update-notifier
  • 93845d9 fix: use @snyk/configstore instead of configstore
  • 2c21f03 Merge pull request #984 from snyk/feat/bump-python-plugin
  • 3c06cb6 feat: use latest python plugin
  • 899482f Merge pull request #987 from snyk/robpickerill-master
  • 08cf57d Merge pull request #989 from snyk/feat/report-java-and-mvn-version
  • 98a7031 fix: correct object path to mvn and java version
  • 42fa08c Merge pull request #988 from snyk/feat/report-java-and-mvn-version
  • 23cbd4c feat: add java and maven version to analytics
  • 456696d chore: fix small typo gradle => docker in the README
  • eea5146 Merge pull request #983 from snyk/chore/add-targetfile-to-test-logs
  • e08bc8f Merge pull request #964 from snyk/feat/add-python-to-auto-detect
  • e1651dd feat: add python to auto manifest discovery
  • c25a142 feat: push `targetFileRelativePath` to registry payload
  • c52e45a Merge pull request #982 from snyk/fix/auto-detect-help-text
  • 1f1fd72 fix: move --all-projects help text
  • a295643 Merge pull request #978 from snyk/feat/add-paket-to-all-projects
  • b169bd7 Merge pull request #981 from snyk/chore/update-readme-links
  • db34336 feat: enable paket to be autodetected with --all-projects
  • ff2ee39 Merge pull request #977 from snyk/feat/auto-detect-golang
  • 263fc72 chore: update docs for Python Docker
  • 0bbeda5 Merge pull request #979 from snyk/fix/add-jar-scanning-flag
  • d282b35 Merge pull request #980 from snyk/fix/move-docker-json-before-lang-args
See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:

🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

eloquence commented 4 years ago

(Resolved via manual update)