godaddy / svgs

svgs is a compatiblity layer between svg and react-native-svg
MIT License
191 stars 31 forks source link

[Snyk] Security upgrade prop-types from 15.6.0 to 15.6.2 #58

Closed snyk-bot closed 3 years ago

snyk-bot commented 4 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 591/1000
Why? Recently disclosed, Has a fix available, CVSS 5.9
Denial of Service
SNYK-JS-NODEFETCH-674311
No No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: prop-types The new version differs by 23 commits.
  • fa6fbb7 15.6.2
  • 5115f5c Merge pull request #180 from jaller94/master
  • 2ac742c Merge pull request #171 from barrymichaeldoyle/master
  • a7a5a64 Merge pull request #194 from facebook/no-fbjs
  • d6c9c5c Preserve "Invariant Violation" name
  • 07d1b47 Remove fbjs dependency
  • 3c99d57 Remove trailing spaces
  • a36cda8 Move explanation of `isRequired` and show it in `PropTypes.shape`
  • ba3da12 Show that shapes can have required properties
  • 2bde8eb Add example for `PropTypes.exact`
  • d65f80e Updated vars to consts and lets in PropTypesProductionStandalone-test.js
  • c10c93f Updated vars to consts and lets in PropTypesDevelopmentStandalone-test.js
  • 8e2b34e Updated vars to consts and lets in PropTypesDevelopmentReact15.js
  • c5527c8 Updated vars with consts and lets in PropTypesProductionReact15-test.js
  • 7cc8c81 Add 15.6.1 to CHANGELOG
  • 5df7296 15.6.1
  • b7d03ce Point readme to correct docs for production builds (#153)
  • a94243f Update the repository location (#148)
  • 77c62a7 Fix failing tests (#129)
  • 644844c Merge pull request #140 from flarnie/master
  • 0b5db12 Add `CODE_OF_CONDUCT`
  • a6900f0 Add CONTRIBUTING.md
  • 492e230 Update README.md with improved importing for CDNs (#104)
See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

coveralls commented 4 years ago

Pull Request Test Coverage Report for Build 97


Totals Coverage Status
Change from base Build 70: 0.5%
Covered Lines: 255
Relevant Lines: 255

💛 - Coveralls
3rd-Eden commented 3 years ago

Fixed in 4.2.0