Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
As this is a private repository, Snyk-bot does not have access. Therefore, this PR has been created automatically, but appears to have been created by a real user.
Changes included in this PR
Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
package.json
Vulnerabilities that will be fixed
With an upgrade:
Severity
Priority Score (*)
Issue
Breaking Change
Exploit Maturity
661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
As this is a private repository, Snyk-bot does not have access. Therefore, this PR has been created automatically, but appears to have been created by a real user.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Recently disclosed, Has a fix available, CVSS 7.5
SNYK-JS-LOADERUTILS-3043105
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: babel-loader
The new version differs by 41 commits.- 1a76476 7.0.0
- 7307226 Point changelog to releases
- 174cb10 Merge branch '7.0'
- 2204871 Add prettier (#409)
- dbec80d Make sure .babelrc is a file, not a directory (#427)
- aa485e4 Use bash codecov (#440)
- 16522b6 yarn.lock
- 660922b Update ava to the latest version 🚀 (#434)
- 5d248b5 Update cross-env to the latest version 🚀 (#431)
- 74ff2e6 Updated documentation to match webpack v2 changes. (#438)
- ed8711d Add note about webpack versions
- a7342de 7.0.0-beta.1
- fb8c271 Merge branch 'fix-options' into 7.0
- 1ed7ff5 Merge branch 'master' into 7.0
- e20f6b6 Changelog for 6.4.1 (#424)
- 87e4e85 target node 4 in preset env (#423)
- 05a31c5 7.0.0-alpha.3
- ad77367 Ensure options are always an object (#413)
- e8aa302 Ensure options are always an object
- b9209e7 7.0.0-alpha.2
- 3f51915 Update yarn.lock
- c18b16a Fix merge conflict
- 906ab55 Merge branch 'master' into 7.0
- 70c8c4a Merge branch 'master' into 7.0
See the full diffPackage name: webpack
The new version differs by 250 commits.- bf4ec9c 3.0.0
- 9feda63 Merge pull request #5028 from webpack/feature/externalize_uglify_plugin
- 49d6e38 Merge pull request #5086 from webpack/ci/node-8
- 3dcb133 OSX test on node.js 8
- f4b8785 Merge pull request #5012 from webpack/TheLarkInn-patch-1
- d26c402 chore(deps): upgrade uglifyjs-webpack-plugin deps to get latest webpack-sources so tests pass
- 3da4f3e Merge pull request #5085 from jbellenger/jbellenger/rawmodule-hash
- 8c9dc14 fix RawModule hashing
- c2c5d73 Update README.md
- 316d4b9 Merge pull request #5084 from timse/remove-duplicate-code
- ae18552 update test case with changed hash due to less clutter in dependencies
- fc20348 unite iteration through modules into one loop
- 083843e remove code that pushes arrays of dependencies into dependencies
- ab636b0 Merge pull request #5075 from andreipfeiffer/master
- 3b3449c Refactor: use const for non reassignable identifier
- 2ba0499 3.0.0-rc.2
- 1769fa2 Merge pull request #5064 from webpack/feature/scope-hoisting-multi-entry
- a73646a Merge pull request #5060 from mikesherov/reason-chunks-as-set
- 28f826a consistent order
- 8a30188 use Set for ModuleReason chunk rewriting
- 5d4ba56 Allow scope hoisting to process modules in multiple chunks
- d6a7594 harmony modules without exports have no exports instead of unknown
- 3ae782d Merge pull request #5049 from KTruong888/ES6_refactoring_multicompiler
- 18cdba8 4099_ES6 refactor lib/MultiCompiler.js
See the full diffCheck the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Prototype Pollution