search

flaviuse / mern-authentication

MERN stack authentication boilerplate: password reset, email verification, server sessions, redux, typescript, hooks and docker for dev and prod.
https://mern-auth-client.herokuapp.com/login
MIT License
439 stars 95 forks source link

[Snyk] Upgrade connected-react-router from 6.9.1 to 6.9.2 #114

Closed snyk-bot closed 2 years ago

snyk-bot commented 2 years ago

Snyk has created this PR to upgrade connected-react-router from 6.9.1 to 6.9.2.

merge advice :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Information Exposure
SNYK-JS-FOLLOWREDIRECTS-2332181		 372/1000
Why? Proof of Concept exploit, CVSS 5.3		 Proof of Concept
Information Exposure
SNYK-JS-FOLLOWREDIRECTS-2396346		 372/1000
Why? Proof of Concept exploit, CVSS 5.3		 No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: connected-react-router
  • 6.9.2 - 2021-11-28

    Security fixes

    • Updated several packages by Dependabot

    Misc

    • Made installation commands in README easy to copy and paste (@ reubenwedsonin #545)
  • 6.9.1 - 2021-02-22

    Fix

from connected-react-router GitHub release notes
Commit messages
Package name: connected-react-router
  • c6609e3 Bump version to 6.9.2
  • 8629b14 update immutable version
  • 5da1f1b Bump tmpl from 1.0.4 to 1.0.5 in /examples/react-native (#542)
  • 3d342fa Bump tmpl from 1.0.4 to 1.0.5 (#541)
  • 22ff15c Made installation commands in README easy to copy and paste (#545)
  • 56fdf00 Bump yargs-parser from 13.1.1 to 13.1.2 in /examples/react-native (#540)
  • e12e12a Bump browserslist from 4.7.2 to 4.17.0 in /examples/immutable (#539)
  • b68ad80 Bump ws from 5.2.2 to 5.2.3 (#537)
  • 665d6e4 Bump tar from 4.4.13 to 4.4.19 in /examples/basic (#536)
  • 60649ef Bump tar from 4.4.13 to 4.4.19 in /examples/typescript (#534)
  • 03c91f7 Bump ws from 6.2.1 to 6.2.2 in /examples/typescript (#519)
  • 7e4187e Bump react-native from 0.60.5 to 0.62.3 in /examples/react-native (#525)
  • ac8b31b Bump url-parse from 1.4.7 to 1.5.3 in /examples/typescript (#538)
  • ae29014 Bump tar from 4.4.13 to 4.4.19 in /examples/immutable (#535)
  • 10dc428 Bump path-parse from 1.0.6 to 1.0.7 in /examples/react-native (#532)
  • 39e1d0e Bump path-parse from 1.0.6 to 1.0.7 in /examples/basic (#531)
  • cd00766 Bump path-parse from 1.0.6 to 1.0.7 in /examples/immutable (#530)
  • 27b296b Bump path-parse from 1.0.6 to 1.0.7 (#529)
  • ee87fbe Bump glob-parent from 5.0.0 to 5.1.2 in /examples/react-native (#520)
  • 0a2e14f Bump dns-packet from 1.3.1 to 1.3.4 in /examples/typescript (#517)
  • a274ef6 Bump browserslist from 4.7.2 to 4.16.6 in /examples/basic (#516)
  • 07d794b Bump browserslist from 4.11.0 to 4.16.6 (#514)
  • ce29de1 Bump hosted-git-info from 2.8.4 to 2.8.9 in /examples/react-native (#508)
  • be55012 Bump lodash from 4.17.19 to 4.17.21 in /examples/react-native (#507)
Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs