:warning: We detected 14 security issues in this pull request:
Vulnerable Libraries (14)
Severity | Details
----- | --------
Medium | [browserslist@4.16.3](https://github.com/koromerzhin/template-vuejs/blob/08c20bc9522e10f004a64d0a9380c11b106a217f/package-lock.json) (t) upgrade to: *>4.16.4*
High | [dns-packet@1.3.1](https://github.com/koromerzhin/template-vuejs/blob/08c20bc9522e10f004a64d0a9380c11b106a217f/package-lock.json) (t) upgrade to: *>=1.3.2*
High | [follow-redirects@1.13.3](https://github.com/koromerzhin/template-vuejs/blob/08c20bc9522e10f004a64d0a9380c11b106a217f/package-lock.json) (t) upgrade to: *>1.14.7*
Medium | [postcss@7.0.35](https://github.com/koromerzhin/template-vuejs/blob/08c20bc9522e10f004a64d0a9380c11b106a217f/package-lock.json) (t) upgrade to: *>7.0.35*
High | [postcss-svgo@4.0.2](https://github.com/koromerzhin/template-vuejs/blob/08c20bc9522e10f004a64d0a9380c11b106a217f/package-lock.json) (t) upgrade to: *>5.0.0-rc.2*
Critical | [url-parse@1.5.1](https://github.com/koromerzhin/template-vuejs/blob/08c20bc9522e10f004a64d0a9380c11b106a217f/package-lock.json) (t) upgrade to: *>1.5.8*
High | [webpack@4.46.0](https://github.com/koromerzhin/template-vuejs/blob/08c20bc9522e10f004a64d0a9380c11b106a217f/package-lock.json) (t) upgrade to: *>4.46.0*
High | [webpack-dev-server@3.11.2](https://github.com/koromerzhin/template-vuejs/blob/08c20bc9522e10f004a64d0a9380c11b106a217f/package-lock.json) (t) upgrade to: *>4.7.2*
Medium | [ws@6.2.1](https://github.com/koromerzhin/template-vuejs/blob/08c20bc9522e10f004a64d0a9380c11b106a217f/package-lock.json) (t) upgrade to: *>6.2.1*
Critical | [eventsource@1.0.7](https://github.com/koromerzhin/template-vuejs/blob/08c20bc9522e10f004a64d0a9380c11b106a217f/package-lock.json) (t) upgrade to: *>=1.1.1*
Critical | [html-webpack-plugin@3.2.0](https://github.com/koromerzhin/template-vuejs/blob/08c20bc9522e10f004a64d0a9380c11b106a217f/package-lock.json) (t) upgrade to: *>3.2.0*
High | [renderkid@2.0.5](https://github.com/koromerzhin/template-vuejs/blob/08c20bc9522e10f004a64d0a9380c11b106a217f/package-lock.json) (t) upgrade to: *>2.0.5*
Critical | [shell-quote@1.7.2](https://github.com/koromerzhin/template-vuejs/blob/08c20bc9522e10f004a64d0a9380c11b106a217f/package-lock.json) (t) upgrade to: *>1.7.2*
High | [terser@4.8.0](https://github.com/koromerzhin/template-vuejs/blob/08c20bc9522e10f004a64d0a9380c11b106a217f/package-lock.json) (t) upgrade to: *>=4.8.1*
More info on how to fix Vulnerable Libraries in [JavaScript](https://docs.guardrails.io/docs/en/vulnerabilities/javascript/using_vulnerable_libraries.html?utm_source=ghpr#).
This PR contains the following updates:
1.2.5
->1.2.6
GitHub Vulnerability Alerts
CVE-2021-44906
Minimist <=1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey() (lines 69-95).
Configuration
π Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
π¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
β» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
π Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.