flaviuse / mern-authentication

MERN stack authentication boilerplate: password reset, email verification, server sessions, redux, typescript, hooks and docker for dev and prod.
https://mern-auth-client.herokuapp.com/login
MIT License

[Snyk] Upgrade yup from 0.32.9 to 0.32.11 #113

Closed snyk-bot closed 2 years ago

snyk-bot commented 2 years ago

Snyk has created this PR to upgrade yup from 0.32.9 to 0.32.11.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


The recommended version fixes:

| Severity | Issue | PriorityScore (*) | Exploit Maturity |
| --- | --- | --- | --- |
| | Information Exposure<br>SNYK-JS-FOLLOWREDIRECTS-2332181 | 372/1000<br>Why? Proof of Concept exploit, CVSS 5.3 | Proof of Concept |
| | Information Exposure<br>SNYK-JS-FOLLOWREDIRECTS-2396346 | 372/1000<br>Why? Proof of Concept exploit, CVSS 5.3 | No Known Exploit |

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: yup from yup GitHub release notes
Commit messages
Package name: yup
  • d072af3 Publish v0.32.11
  • 2015c0f fix: dep ranges
  • 846161e Publish v0.32.10
  • 1d767b4 chore: fix ts compilation
  • 2778b88 Merge pull request #1483 from jquense/bug-bash
  • 4bdc4e4 chore: bump deps and clean up tooling
  • 5334349 fix: carry over excluded edges when concating objects
  • f3056f2 fix: missing transforms on concat
  • 03584f6 feat: add resolved to params (#1437)
  • 7842afb fix: oneOf, notOneOf swallowing multiple errors (#1434)
  • 7576cd8 feat: add types to setLocale (#1427)
  • eab974f Update typescript.md
  • 877f777 chore(deps): update dependency lint-staged to v11 (#1359)
  • 94cfd11 feat: allows custom types to be passed to avoid cast to ObjectSchema (#1358)
  • 70d0b67 fix: update lodash/lodash-es to fix CVEs flagged in 4.17.20 (#1334)
  • acbb8b4 fix(utils): use named functions for default exports (#1329)
  • 5eda549 fix: prevent unhandled Promise rejection when returning rejected Promise inside test function (#1327)
  • 91ace1e fix: SchemaOf<>'s treatment of Date objects. (#1305)
  • 0fca0a4 docs: clarify wording
  • 4c17508 fix: fix the typo for the array length validation (#1287)
  • bbd44d0 chore(deps): update dependency husky to v5 (#1251)
  • 357ffa4 docs: Fix typo (#1272)

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
