Open titanism opened 1 month ago
New and removed dependencies detected. Learn more about Socket for GitHub ↗︎
🚮 Removed packages: npm/cheerio@0.22.0, npm/core-util-is@1.0.2, npm/css-select@1.2.0, npm/css-what@2.1.3, npm/dom-serializer@0.1.1, npm/domelementtype@1.3.1, npm/domhandler@2.4.2, npm/domutils@1.7.0, npm/entities@1.1.2, npm/htmlparser2@3.10.1, npm/iconv-lite@0.4.24, npm/lodash.assignin@4.2.0, npm/lodash.bind@4.2.1, npm/lodash.defaults@4.2.0, npm/lodash.filter@4.6.0, npm/lodash.flatten@4.4.0, npm/lodash.foreach@4.5.0, npm/lodash.map@4.6.0, npm/lodash.merge@4.6.2, npm/lodash.pick@4.4.0, npm/lodash.reduce@4.6.0, npm/lodash.reject@4.6.0, npm/lodash.some@4.6.0, npm/nth-check@1.0.2, npm/parse5@1.5.1, npm/readable-stream@3.6.0, npm/string_decoder@1.3.0, npm/whatwg-encoding@1.0.5
Snyk has created this PR to fix 1 vulnerabilities in the yarn dependencies of this project.
Snyk changed the following file(s):
package.json
yarn.lock
Note for zero-installs users
If you are using the Yarn feature zero-installs that was introduced in Yarn V2, note that this PR does not update the
.yarn/cache/
directory meaning this code cannot be pulled and immediately developed on as one would expect for a zero-install project - you will need to runyarn
to update the contents of the./yarn/cache
directory. If you are not using zero-install you can ignore this as your flow should likely be unchanged.Vulnerabilities that will be fixed with an upgrade:
SNYK-JS-NTHCHECK-1586032
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information: 🧐 View latest project report 📜 Customise PR templates 🛠 Adjust project settings 📚 Read about Snyk's upgrade logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Regular Expression Denial of Service (ReDoS)