fix(deps): pin dependency koromerzhin-dependencies to 1.3.0 - Githubissues

hackariens / prestashop

0 stars 0 forks source link

fix(deps): pin dependency koromerzhin-dependencies to 1.3.0 #1

Closed renovate[bot] closed 2 years ago

renovate[bot] commented 2 years ago

This PR contains the following updates:

Package	Type	Update	Change
koromerzhin-dependencies	dependencies	pin	`^1.3.0` -> `1.3.0`

Add the preset :preserveSemverRanges to your config if you don't want to pin your dependencies.

Configuration

📅 Schedule: At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

[ ] If you want to rebase/retry this PR, click this checkbox.

This PR has been generated by WhiteSource Renovate. View repository job log here.

guardrails[bot] commented 2 years ago

:warning: We detected 1 security issue in this pull request:

Vulnerable Libraries (1)

Severity | Details ----- | -------- High | [koromerzhin-dependencies@1.3.0](https://github.com/koromerzhin/template-prestashop/blob/70ea43c1400a95aa2c817db25fdd4f07381dabf7/package.json#L24) upgrade to: *>=1.0.1* More info on how to fix Vulnerable Libraries in [JavaScript](https://docs.guardrails.io/docs/en/vulnerabilities/javascript/using_vulnerable_libraries.html?utm_source=ghpr).

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.