Open snyk-bot opened 3 years ago
(*) Note that the real score may have changed since the PR was raised.
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information: 🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3
SNYK-JS-ISSVG-1243891
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: imagemin
The new version differs by 19 commits.- 024fc60 5.0.0
- ff8b4e6 Use promise based API (#162)
- 9058626 Merge pull request #144 from ntwb/ci-nodejs-versions
- 421d832 Merge pull request #146 from jorrit/fix-tests
- 76ee13e Fixes tests by using is() instead of assert()
- 3370a9d CI: Test using NodeJS 0.12.x, 4.x.x, and 5.x.x
- 54785c8 Tweak AppVeyor
- 6a548d0 Follow up the syntax changes in ava 0.7.0
- c1df2f6 tweaks
- ad6aa7a 4.0.0
- 8e31603 return passthrough stream if the optional dep is not installed
- 23aa675 Use object stream explicitly
- ab063fb Fix anchors in readme.md
- e647e59 Bump vinyl-fs from 1.x to 2.x
- a2218f0 Test on the latest stable Node
- 4ad7ab3 test with io.js v3.x on AppVeyor
- 5cced74 Add `sudo: false` to `.travis.yml`
- a2330f4 Small tweaks
- b3992a0 Split API and CLI
See the full diffCheck the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic