likecoin / puttyimages-web

Website for images adopted Like protocol.
https://dev.puttyimages.com/
GNU General Public License v3.0
18 stars 10 forks source link

[Snyk] Security upgrade nuxt from 1.4.1 to 2.0.0 #226

Open snyk-bot opened 4 years ago

snyk-bot commented 4 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
Severity Issue Breaking Change Exploit Maturity
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-ACORN-559469
Yes No Known Exploit
Commit messages
Package name: nuxt The new version differs by 250 commits.
  • 7a68e1d contributors: Add two new members
  • b69cabe hotfix: use `terser-webpack-plugin` (#3928)
  • e4d7bc7 chore: sync nuxt-legacy and nuxt-start versions
  • a7be634 chore(package): automatically sort dependencies
  • 2f781ea chore(yarn.lock): update postcss-custom-properties to 8.0.4
  • 5c0e9d6 feat: upgade to postcss7 (#3679)
  • 6f5137c chore: upgrade dependencies (babel 7.1) (#3926)
  • 73d1b9d fix: correct typo in "Auth External API" example (#3919)
  • 879ea84 fix: Display stack when unhandled error when generating a route
  • 411bb19 refactor: always use process.client instead of process.browser (#3910)
  • 1c34651 fix: css-loader 1.0 removed alias (#3741)
  • 65432e6 examples: Upgrade to nuxt-edge (#3911)
  • d1f6f0d loading: add throttle option to skip progress for fast loads (#3886)
  • 5af6552 allow plugin in directory with index.js file (#3908)
  • 16898f8 fix: ByLine component props error fixed and other some errors fixed in with-amp example (#3871)
  • 6975655 feat: Overwrite store.registerModule (#3909)
  • 88c9bae feat: add tests to check for changed files (#3893)
  • 2dd2f2a fix: build failure
  • c2cca17 Delete LICENSE.md
  • 034fdab Create LICENSE
  • 0d4f95e readme: Add Tidelift support
  • 226b90d fix: prevent removing project by mistake due to build or generate paths (#3869)
  • 40ad691 chore(release, ci): use npm audit instead of nsp (#3883)
  • 6fc78ea Fix legacy gzip warning (#3884)
See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:

🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic