search

mattermost / desktop

Mattermost Desktop application for Windows, Mac and Linux
Apache License 2.0
2.03k stars 829 forks source link

[Snyk] Security upgrade electron-mocha from 12.2.0 to 13.0.0 #3141

Closed mm-prodsec-bot closed 2 months ago

mm-prodsec-bot commented 2 months ago

snyk-top-banner

Snyk has created this PR to fix 1 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

Vulnerabilities that will be fixed with an upgrade:

Issue Score
medium severity Cross-site Scripting (XSS)
SNYK-JS-SERIALIZEJAVASCRIPT-6147607		   626  

[!IMPORTANT]

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report 📜 Customise PR templates 🛠 Adjust project settings 📚 Read about Snyk's upgrade logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Cross-site Scripting (XSS)

mm-cloud-bot commented 2 months ago

@mm-prodsec-bot: Adding the "do-not-merge/release-note-label-needed" label because no release-note block was detected, please follow our release note process to remove it.

I understand the commands that are listed [here](https://chewbacca.core.cloud.mattermost.com/command-help.html)
esarafianou commented 2 months ago

Closing as this is a major bump. We'll investigate disabling major updates.

cc. @enzowritescode