search

jaebradley / react-contact-information

Simple React component for contact information
https://jaebradley.github.io/react-contact-information
MIT License
0 stars 0 forks source link

[Snyk] Security upgrade reactstrap from 5.0.0-beta to 5.0.0 #53

Open snyk-bot opened 3 years ago

snyk-bot commented 3 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 768/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-UAPARSERJS-1023599		 No Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: reactstrap The new version differs by 37 commits.
  • ca970cb chore(release): adding 5.0.0
  • 6ec3174 fix(Modal): don't add or remove multi body classes
  • 0a15fe7 fic(Carousel): fix animation direction when using `CarouselIndicators` (#749)
  • 21663c9 chore(readme): add react-reduction link to "in the wild" (#912)
  • 059e7d8 chore(docs): button group spacing (#911)
  • bf3367e test(utils): add missing tests (#917)
  • 7faa32a fix(Modal): Ensure that `this._element` exists before removing it. (#916)
  • 113e6d3 align the dropdown menu for NavbarExampleSource to the right (#922)
  • c89bdea chore(release): adding 5.0.0-beta.3
  • d2ee12d chore(react-popper): upgrade to ^0.8.3 (#914)
  • baa2fa8 docs(*): Add innerRef. (#876)
  • f6aacfa feat(Modal): pass event object to toggle prop (#903)
  • b1f6005 fix(popper): pass event object to toggle prop (#907)
  • dc3bd1a docs(install): Use the minified version of Bootstrap CSS (#900)
  • 45de5c5 feat(Dropdown): Add active prop to Dropdown (#895)
  • 0648cc2 chore(release): adding 5.0.0-beta.2
  • b515e6b chore(build): downgrade react-popper to fix build
  • eaad65e Merge pull request #862 from crissdev/fix-inputgroup-page
  • 95ca7d0 docs(InputGroup): fix InputGroup page is broken (#861)
  • 1493aaf docs(InputGroupAddon): Update example and doc (#833)
  • ba8fc39 feat(Input): add invalid prop (#858)
  • 9c1b71a feat(Modal): add ability to have external content (#854)
  • 7887364 fix(Col): pass cssModule to mapToCSSModules not push (#857)
  • 3484dc3 feat(Modal) Add centered prop to trigger modal-dialog-centered class (#852)
See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic