search

jaebradley / github-portfolio-component

Basic portfolio component for your GitHub projects
https://jaebradley.github.io/github-portfolio-component
MIT License
0 stars 0 forks source link

[Snyk] Security upgrade showdown from 1.8.6 to 1.9.1 #58

Open snyk-bot opened 3 years ago

snyk-bot commented 3 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 686/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.3		 Prototype Pollution
SNYK-JS-Y18N-1021887		 No Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: showdown The new version differs by 41 commits.
  • 483e51f release 1.9.1
  • 5cc3fcc update dev dependencies
  • 1cd281f fix(openLinksInNewWindow): add rel="noopener noreferrer" to links
  • 58208e5 update dependencies
  • 8afa1ff release 1.9.0
  • cc1b955 prep release
  • a894a0e docs: add mention to makeMd() to reamde.md
  • e4b0e69 feat(converter.makeMarkdown): add an HTML to MD converter
  • 5c0d67e fix(italicsAndBold): Make italicsAndBold lazy (#608)
  • afbaec9 docs(donations.md): update
  • 0087148 docs(readme.md): update
  • 69b816e docs(completeHTMLDocument): Change completeHTMLDocument comment (#610)
  • a608114 docs(readme.md): update readme.md
  • 9907c95 add md-page to people who use (#604)
  • 3fe5e9a Update DONATIONS.md
  • 012f8d6 Update DONATIONS.md
  • 47428b7 Update README.md
  • c96c3ef Update README.md
  • dc70e68 docs(emoji): Change emoji comment (#611)
  • 0c6f345 fix(italicsAndBold): Make italicsAndBold lazy (#608)
  • e6aeb61 release 1.8.7
  • 828c32f fix(gfm-codeblocks): leading space no longer breaks gfm codeblocks
  • dfeb1e2 fix(mentions): allow for usernames with dot, underscore and dash
  • 79ed024 test: add test for issue 585
See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic