search

hubtype / botonic

Build chatbots and conversational experiences using React
https://botonic.io
MIT License
519 stars 76 forks source link

[Snyk] Upgrade zip-a-folder from 3.1.6 to 3.1.7 #2890

Closed gbarba closed 1 month ago

gbarba commented 1 month ago

snyk-top-banner

Snyk has created this PR to upgrade zip-a-folder from 3.1.6 to 3.1.7.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Issues fixed by the recommended upgrade:

Issue Score Exploit Maturity
high severity Server-side Request Forgery (SSRF)
SNYK-JS-AXIOS-7361793		 619 Proof of Concept
medium severity Missing Release of Resource after Effective Lifetime
SNYK-JS-INFLIGHT-6095116		 619 Proof of Concept
Release notes
Package name: zip-a-folder
  • 3.1.7 - 2024-06-17
  • 3.1.6 - 2024-01-10
from zip-a-folder GitHub release notes

[!IMPORTANT]

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

github-actions[bot] commented 1 month ago

Test Results

30 tests  Β±0   30 :white_check_mark: Β±0   5m 9s :stopwatch: +9s  6 suites Β±0    0 :zzz: Β±0   1 files   Β±0    0 :x: Β±0 

Results for commit 67f66ebd. ± Comparison against base commit e84183ab.