Open snyk-bot opened 2 years ago
Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
Adding or updating a Snyk policy (.snyk) file; this file is required in order to apply Snyk vulnerability patches. Find out more.
(*) Note that the real score may have changed since the PR was raised.
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information: 🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
[//]: # (snyk:metadata:{"prId":"e6a59cf8-03ec-4fee-b645-1e48517a552d","prPublicId":"e6a59cf8-03ec-4fee-b645-1e48517a552d...
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
Adding or updating a Snyk policy (.snyk) file; this file is required in order to apply Snyk vulnerability patches. Find out more.
⚠️ Warning
``` Failed to update the package-lock.json, please update manually before merging. ```Vulnerabilities that will be fixed
With an upgrade:
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JS-ANSIREGEX-1583908
Why? Proof of Concept exploit, Has a fix available, CVSS 5.3
SNYK-JS-BROWSERSLIST-1090194
Why? Proof of Concept exploit, Has a fix available, CVSS 6.5
SNYK-JS-CODECOV-543183
Why? Proof of Concept exploit, Has a fix available, CVSS 6.5
SNYK-JS-CODECOV-548879
Why? Has a fix available, CVSS 6.5
SNYK-JS-CODECOV-585979
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JS-ENGINEIO-1056749
Why? Has a fix available, CVSS 7.5
SNYK-JS-FILETYPE-2958042
Why? Proof of Concept exploit, Has a fix available, CVSS 5.3
SNYK-JS-GLOBPARENT-1016905
Why? Has a fix available, CVSS 5.4
SNYK-JS-GOT-2932019
Why? Has a fix available, CVSS 5.9
SNYK-JS-JSYAML-173999
Why? Has a fix available, CVSS 8.1
SNYK-JS-JSYAML-174129
Why? Proof of Concept exploit, Has a fix available, CVSS 5.3
SNYK-JS-LODASH-1018905
Why? Proof of Concept exploit, Has a fix available, CVSS 7.2
SNYK-JS-LODASH-1040724
Why? Proof of Concept exploit, Has a fix available, CVSS 7.3
SNYK-JS-LODASH-450202
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-LODASH-567746
Why? Proof of Concept exploit, Has a fix available, CVSS 7.3
SNYK-JS-LODASH-608086
Why? Proof of Concept exploit, Has a fix available, CVSS 7.3
SNYK-JS-LODASH-73638
Why? Proof of Concept exploit, Has a fix available, CVSS 4.4
SNYK-JS-LODASH-73639
Why? Has a fix available, CVSS 5.3
SNYK-JS-NODESASS-1059081
Why? Has a fix available, CVSS 9.8
SNYK-JS-NODESASS-535497
Why? Has a fix available, CVSS 5.9
SNYK-JS-NODESASS-542662
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JS-NTHCHECK-1586032
Why? Proof of Concept exploit, Has a fix available, CVSS 5.3
SNYK-JS-POSTCSS-1255640
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JS-PRISMJS-1076581
Why? Has a fix available, CVSS 7.4
SNYK-JS-PRISMJS-1314893
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JS-PRISMJS-1585202
Why? Has a fix available, CVSS 5.4
SNYK-JS-PRISMJS-2404333
Why? Has a fix available, CVSS 8.3
SNYK-JS-PRISMJS-597628
Why? Proof of Concept exploit, Has a fix available, CVSS 5.6
SNYK-JS-REACTDEVUTILS-1083268
Why? Has a fix available, CVSS 5.3
SNYK-JS-SCSSTOKENIZER-2339884
Why? Has a fix available, CVSS 6.5
SNYK-JS-SHARP-2848109
Why? Has a fix available, CVSS 8.1
SNYK-JS-SHELLQUOTE-1766506
Why? Has a fix available, CVSS 8.2
SNYK-JS-TAR-1536528
Why? Has a fix available, CVSS 8.2
SNYK-JS-TAR-1536531
Why? Has a fix available, CVSS 3.7
SNYK-JS-TAR-1536758
Why? Has a fix available, CVSS 8.5
SNYK-JS-TAR-1579147
Why? Has a fix available, CVSS 8.5
SNYK-JS-TAR-1579152
Why? Has a fix available, CVSS 8.5
SNYK-JS-TAR-1579155
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JS-TRIM-1017038
Why? Has a fix available, CVSS 7.5
SNYK-JS-TRIMNEWLINES-1298042
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: codecov
The new version differs by 82 commits.- 29dd5b6 3.7.1
- c0711c6 Switch from execSync to execFileSync (#180)
- 5f6cc62 Bump lodash from 4.17.15 to 4.17.19 (#183)
- 0c4d7f3 Merge pull request #182 from codecov/update-readme-badges
- cc5e121 Update depstat image and urls
- b44b44e Update readme with 400 error info (#181)
- bb79335 V3.7.0 (#179)
- 0d7b9b0 Remove `'x-amz-acl': 'public-read'` header (#178)
- eeff4e1 Bump acorn from 5.7.3 to 5.7.4 (#174)
- eb8a527 Merge pull request #172 from RoboCafaz/bugfix/codebuild-pr-parser
- 55d69cd Merge pull request #159 from SaferNodeJS/master
- ef348ec Verify source version before parsing PR
- ebe132e 3.6.5
- 02cf13d [CE-1330] Escaping args (#167)
- e138efe Merge lastest changes
- bac0787 v3.6.4
- 203ff3a Merge pull request #161 from codecov/drazisil-patch-1
- 696562d Merge pull request #147 from iansu/patch-1
- 7856231 v3.6.3
- 96e6d96 Merge pull request #166 from codecov/chore/updates
- c8ea169 update deps
- 7c4cdc4 Merge pull request #149 from aiell0/master
- 62389fa Merge pull request #162 from codecov/dependabot/npm_and_yarn/handlebars-4.5.3
- 73ae008 Add dependabot config
See the full diffPackage name: gatsby
The new version differs by 250 commits.- 2c324f6 chore(release): Publish
- 55c7183 feat(contentful): add support for tables in Rich Text (#33870)
- 053180a fix(gatsby): Better TS compilation error (#35594)
- 0cf0bd9 chore(release): Publish next
- 9a91295 fix(gatsby-plugin-image): fix image flickers (#35226)
- f358dc3 chore(release): Publish next
- 966aca8 feat(gatsby): Improvements to GraphQL TypeScript Generation (#35581)
- 8bad9b3 perf(gatsby): Minify page-data (#35578)
- 39e9840 chore(gatsby): Expose `serverDataStatus` field in SSR type declaration file (#35505)
- ebd63b2 feat(gatsby-source-wordpress): use image cdn for non-resizable images in html (svgs/gifs mainly) (#35529)
- 5e51519 fix(gatsby-source-wordpress): update test deps and fix int tests (#35582)
- 128c7bb feat(gatsby-source-wordpress): always include draft slugs (#35573)
- abc6dca feat(gatsby-plugin-image): add check for node.gatsbyImage in the getImage helper (#35507)
- e51c3a3 chore(release): Publish next
- c9d98a4 feat(gatsby): Initial GraphQL Typegen Implementation (#35487)
- 17cbc7c fix(deps): update minor and patch dependencies for gatsby-source-graphql (#35545)
- 10752ed fix(deps): update dependency fs-extra to ^10.1.0 (#34976)
- 0abdcd6 fix(deps): update dependency coffeescript to ^2.7.0 for gatsby-plugin-coffeescript (#35550)
- 7cda002 fix(deps): update dependency eslint-plugin-import to ^2.26.0 (#35551)
- 3e74a9f fix(deps): update dependency eslint-plugin-react-hooks to ^4.5.0 (#35552)
- fb98116 fix(deps): update minor and patch dependencies for gatsby-source-drupal (#35554)
- c09287a chore(deps): update starters and examples (#35565)
- bf854ca fix(deps): update dependency prop-types to ^15.8.1 for gatsby-link (#35291)
- 71eb414 chore(deps): update dependency typescript to ^4.6.4 (#34984)
See the full diffPackage name: gatsby-plugin-manifest
The new version differs by 250 commits.- f6734b9 chore(release): Publish
- 9a616c0 fix(gatsby): wait for LMDB upserts to finish before emitting ENGINES_READY (#34853) (#34896)
- f5705b9 fix(create-gatsby): Add required deps for theme-ui option (#34885) (#34897)
- 9a579f1 fix(gatsby-core-utils): fix 304 when file does not exists (#34842) (#34888)
- 148d016 fix(gatsby): Remove double enhanced-resolve dep (#34854) (#34889)
- 19b0304 feat(gatsby-core-utils): improve fetch-remote-file (#34758)
- ac1d777 fix(gatsby-source-contentful): avoid confusion of Gatsby node and Contentful node count in logs (#34830)
- ee8c874 refactor(gatsby-source-contentful): remove unnecessary check for existing node (#34829)
- 056b48e test(gatsby): Add a memory test suite command to the memory benchmark (#34810)
- 45cb1f1 chore(release): Publish next
- 4c832bf documentation: Add Third Party Schema (#34820)
- 9f23dec chore(gatsby): cache shouldn't reference nodes strongly (#34821)
- f2d4830 feat(gatsby-core-utils): create proper mutex (#34761)
- 21ef185 chore(changelogs): update changelogs (#34826)
- a2f99af fix(deps): update starters and examples gatsby packages to ^4.7.2 (#34822)
- 76c89d8 chore(release): Publish next
- 54d29c4 chore(gatsby): upgrade from lmdb-store to lmdb (#34576)
- 3df8583 fix(core): Make filter/sort query only hold onto node properties it needs (#34747)
- 3c3362b refactor(core): Make load plugins modular, prepare for TS (#34813)
- 3d74584 feat(gatsby): allow referencing derived types in schema customization (#34787)
- bfd04d3 fix(gatsby): Content Sync DSG bug (#34799)
- 326a483 fix(deps): update dependency sharp to ^0.30.1 (#34755)
- 7b958f9 docs: update typo Forestry (#34805)
- ba8e21c feat(gatsby): Match node manifest pages by page context slug (#34790)
See the full diffPackage name: gatsby-plugin-sharp
The new version differs by 250 commits.- f6734b9 chore(release): Publish
- 9a616c0 fix(gatsby): wait for LMDB upserts to finish before emitting ENGINES_READY (#34853) (#34896)
- f5705b9 fix(create-gatsby): Add required deps for theme-ui option (#34885) (#34897)
- 9a579f1 fix(gatsby-core-utils): fix 304 when file does not exists (#34842) (#34888)
- 148d016 fix(gatsby): Remove double enhanced-resolve dep (#34854) (#34889)
- 19b0304 feat(gatsby-core-utils): improve fetch-remote-file (#34758)
- ac1d777 fix(gatsby-source-contentful): avoid confusion of Gatsby node and Contentful node count in logs (#34830)
- ee8c874 refactor(gatsby-source-contentful): remove unnecessary check for existing node (#34829)
- 056b48e test(gatsby): Add a memory test suite command to the memory benchmark (#34810)
- 45cb1f1 chore(release): Publish next
- 4c832bf documentation: Add Third Party Schema (#34820)
- 9f23dec chore(gatsby): cache shouldn't reference nodes strongly (#34821)
- f2d4830 feat(gatsby-core-utils): create proper mutex (#34761)
- 21ef185 chore(changelogs): update changelogs (#34826)
- a2f99af fix(deps): update starters and examples gatsby packages to ^4.7.2 (#34822)
- 76c89d8 chore(release): Publish next
- 54d29c4 chore(gatsby): upgrade from lmdb-store to lmdb (#34576)
- 3df8583 fix(core): Make filter/sort query only hold onto node properties it needs (#34747)
- 3c3362b refactor(core): Make load plugins modular, prepare for TS (#34813)
- 3d74584 feat(gatsby): allow referencing derived types in schema customization (#34787)
- bfd04d3 fix(gatsby): Content Sync DSG bug (#34799)
- 326a483 fix(deps): update dependency sharp to ^0.30.1 (#34755)
- 7b958f9 docs: update typo Forestry (#34805)
- ba8e21c feat(gatsby): Match node manifest pages by page context slug (#34790)
See the full diffPackage name: gatsby-remark-images
The new version differs by 250 commits.- e98cb62 chore(release): Publish
- 164f9a1 fix(gatsby-source-contentful): De-dupe type names (#30834) (#30850)
- 0b99d00 fix(gatsby): webpack warnings are no longer in object format by default (#30801) (#30853)
- f561724 fix(gatsby): lower memory pressure in SSR (#30793) (#30851)
- 96805d5 fix(gatsby-source-wordpress): change `console.warning` to `console.warn` (#30764) (#30852)
- e40c83d chore(release): Publish next
- a5b5cf8 feat: upgrade to remark 13 (#29678)
- 172cf4d chore(docs): Add link to perf implications siteContext (#30778)
- 4336d04 fix(gatsby-plugin-gatsby-cloud): Add missing index.js (so the plugin can be resolved in workspaces) (#30761)
- 2bdd5a5 fix(gatsby-source-wordpress): only log out duplicate node if we have all the data we want to log (#30751)
- 1a9b830 fix(gatsby-plugin-image): Don't inherit all img styles (#30754)
- e0df4cc chore(docs): Change "whitelist" to "allow list" (#30756)
- 81ec270 chore: Add backport script (#30732)
- 63cc8fa fix(docs): Copy edits for debugging html doc + add React-specific example (#30745)
- eed1d43 fix(docs): Add link to how to enable DEV_SSR for fixing inconsistent css styles between dev/prod (#30746)
- ecd823f perf(gatsby): cache babel config items (#28738)
- a60e92f chore(release): Publish next
- dd9e95c docs(gatsby-plugin-image): Note on tracedSVG options name change (#30736)
- a5869e3 fix(gatsby-plugin-image): Use bare GATSBY___IMAGE global (#30713)
- 0f3fa4e fix(contentful): make gatsby-plugin-image a peer dependency (#30709)
- 6b2fd94 fix(gatsby-source-wordpress): pass missing property helpers to gql fetch util (#30727)
- c6fa488 chore(docs): Update wording of tutorial part 8 (#30606)
- a777367 fix(gatsby-cli): Update docs links in error-map (#30493)
- c473abf chore(docs): include autoprefixer in tailwind install command (#30718)
See the full diffPackage name: gatsby-source-filesystem
The new version differs by 250 commits.- b8eac2d chore(release): Publish
- 3253a38 fix(gatsby-plugin-mdx): Hashing and pluginOptions (#36387) (#36395)
- 1880491 fix(gatsby-script): Reach router import (#36385) (#36394)
- f664ad2 feat(gatsby): Telemetry tracking for Head API (#36352)
- ab55e4e chore: Update `got` (#36366)
- 2b4ff76 fix(gatsby): Make runtime error overlay work in non-v8 browsers (#36365)
- f990e08 fix(test): clear and close lmdb after each test suite (#36343)
- 7fcf580 fix(gatsby): e.remove() is not a function when using Gatsby Head API (#36338)
- 25fb9d1 chore: Fix pipeline tests (#36363)
- a9132a5 chore(deps): update sharp (#35539)
- bc80c23 chore: Add note about rehype-slug-custom-id
- 5b6f1f6 chore(gatsby): upgrade multer (#36359)
- f2f0acf chore(gatsby-telemetry): upgrade git-up (#36358)
- 86a8efc chore(release): Publish next
- 0705ac7 chore(gatsby-plugin-mdx): Update .gitignore
- c92db36 BREAKING CHANGE(gatsby-plugin-mdx): MDX v2 (#35650)
- 3c0dd6d chore(release): Publish next
- 86b6ee9 Revert "chore(gatsby): Make `plugins` in `PluginOptions` type optional (#36351)"
- a2fa5a2 chore(gatsby): Make `plugins` in `PluginOptions` type optional (#36351)
- 6ecfe4a fix(gatsby-source-contentful): Correctly overwrite field type on Assets (#36337)
- 0ed362c chore(docs): Pre-encoded unicode characters can't be used in paths (#36325)
- 2bbe96d fix(deps): update dependency file-type to ^16.5.4 for gatsby-source-filesystem (#36276)
- 2be3fa7 chore(docs): Add first batch of Cloud docs (#36218)
- 4238142 chore(docs): Remove outdated examples and recipes (#36335)
See the full diffPackage name: gatsby-transformer-remark
The new version differs by 250 commits.- e98cb62 chore(release): Publish
- 164f9a1 fix(gatsby-source-contentful): De-dupe type names (#30834) (#30850)
- 0b99d00 fix(gatsby): webpack warnings are no longer in object format by default (#30801) (#30853)
- f561724 fix(gatsby): lower memory pressure in SSR (#30793) (#30851)
- 96805d5 fix(gatsby-source-wordpress): change `console.warning` to `console.warn` (#30764) (#30852)
- e40c83d chore(release): Publish next
- a5b5cf8 feat: upgrade to remark 13 (#29678)
- 172cf4d chore(docs): Add link to perf implications siteContext (#30778)
- 4336d04 fix(gatsby-plugin-gatsby-cloud): Add missing index.js (so the plugin can be resolved in workspaces) (#30761)
- 2bdd5a5 fix(gatsby-source-wordpress): only log out duplicate node if we have all the data we want to log (#30751)
- 1a9b830 fix(gatsby-plugin-image): Don't inherit all img styles (#30754)
- e0df4cc chore(docs): Change "whitelist" to "allow list" (#30756)
- 81ec270 chore: Add backport script (#30732)
- 63cc8fa fix(docs): Copy edits for debugging html doc + add React-specific example (#30745)
- eed1d43 fix(docs): Add link to how to enable DEV_SSR for fixing inconsistent css styles between dev/prod (#30746)
- ecd823f perf(gatsby): cache babel config items (#28738)
- a60e92f chore(release): Publish next
- dd9e95c docs(gatsby-plugin-image): Note on tracedSVG options name change (#30736)
- a5869e3 fix(gatsby-plugin-image): Use bare GATSBY___IMAGE global (#30713)
- 0f3fa4e fix(contentful): make gatsby-plugin-image a peer dependency (#30709)
- 6b2fd94 fix(gatsby-source-wordpress): pass missing property helpers to gql fetch util (#30727)
- c6fa488 chore(docs): Update wording of tutorial part 8 (#30606)
- a777367 fix(gatsby-cli): Update docs links in error-map (#30493)
- c473abf chore(docs): include autoprefixer in tailwind install command (#30718)
See the full diffPackage name: gatsby-transformer-sharp
The new version differs by 250 commits.- f6734b9 chore(release): Publish
- 9a616c0 fix(gatsby): wait for LMDB upserts to finish before emitting ENGINES_READY (#34853) (#34896)
- f5705b9 fix(create-gatsby): Add required deps for theme-ui option (#34885) (#34897)
- 9a579f1 fix(gatsby-core-utils): fix 304 when file does not exists (#34842) (#34888)
- 148d016 fix(gatsby): Remove double enhanced-resolve dep (#34854) (#34889)
- 19b0304 feat(gatsby-core-utils): improve fetch-remote-file (#34758)
- ac1d777 fix(gatsby-source-contentful): avoid confusion of Gatsby node and Contentful node count in logs (#34830)
- ee8c874 refactor(gatsby-source-contentful): remove unnecessary check for existing node (#34829)
- 056b48e test(gatsby): Add a memory test suite command to the memory benchmark (#34810)
- 45cb1f1 chore(release): Publish next
- 4c832bf documentation: Add Third Party Schema (#34820)
- 9f23dec chore(gatsby): cache shouldn't reference nodes strongly (#34821)
- f2d4830 feat(gatsby-core-utils): create proper mutex (#34761)
- 21ef185 chore(changelogs): update changelogs (#34826)
- a2f99af fix(deps): update starters and examples gatsby packages to ^4.7.2 (#34822)
- 76c89d8 chore(release): Publish next
- 54d29c4 chore(gatsby): upgrade from lmdb-store to lmdb (#34576)
- 3df8583 fix(core): Make filter/sort query only hold onto node properties it needs (#34747)
- 3c3362b refactor(core): Make load plugins modular, prepare for TS (#34813)
- 3d74584 feat(gatsby): allow referencing derived types in schema customization (#34787)
- bfd04d3 fix(gatsby): Content Sync DSG bug (#34799)
- 326a483 fix(deps): update dependency sharp to ^0.30.1 (#34755)
- 7b958f9 docs: update typo Forestry (#34805)
- ba8e21c feat(gatsby): Match node manifest pages by page context slug (#34790)
See the full diffPackage name: node-sass
The new version differs by 140 commits.- 3b556c1 7.0.2
- c716359 Bump sass-graph@^4.0.1 (#3292)
- 24741b3 docs(readme): fix docpad plugin link
- 1523330 feat: Drop Node 12
- 365d357 update https://registry.npm.taobao.org to https://registry.npmmirror.com
- 1456114 build(deps): bump actions/upload-artifact from 2 to 3
- b465b69 chore: bump GitHub Actions to Windows 2019 (#3254)
- e6194b1 build(deps): bump make-fetch-happen from 9.1.0 to 10.0.4
- 4edf594 build(deps): bump node-gyp from 8.4.1 to 9.0.0
- 29e2344 build(deps): bump actions/checkout from 2 to 3
- 85b0d22 build(deps): bump actions/setup-node from 2 to 3
- 3bb51da Use make-fetch-happen instead of request (#3193)
- adc2f8b build(deps): bump true-case-path from 1.0.3 to 2.2.1 (#3000)
- 77d12f0 chore: disable Apline for Node 16/17 builds
- 308d533 ci: use Python 3 for Node 12
- c818907 ci: unpin actions/setup-node to v2
- 99242d7 7.0.1
- 77049d1 build(deps): bump sass-graph from 2.2.5 to 4.0.0 (#3224)
- c929f25 build(deps): bump node-gyp from 7.1.2 to 8.4.1 (#3209)
- 918dcb3 Lint fix
- 0a21792 Set rejectUnauthorized to true by default (#3149)
- e80d4af chore: Drop EOL Node 15 (#3122)
- d753397 feat: Add Node 17 support (#3195)
- dcf2e75 build(deps-dev): bump eslint from 7.32.0 to 8.0.0
See the full diffPackage name: prismjs
The new version differs by 250 commits.- 703881e 1.27.0
- 7ac1373 Updated changelog for v1.27.0 (#3342)
- e002e78 Command Line: Escape markup in command line output (#3341)
- 13b56a9 Bump follow-redirects from 1.14.7 to 1.14.8 (#3338)
- f094c4a Bump yargs-parser from 5.0.0 to 5.0.1 (#3334)
- 9fd4c74 Bump ajv from 6.10.0 to 6.12.6 (#3333)
- 3fcca6b Bump pathval from 1.1.0 to 1.1.1 (#3331)
- 1784b17 Command Line: Add support for line continuation and improved colors (#3326)
- f545843 ESLint: Allow `Map` and `Set` in ES5 code (#3328)
- d6c5372 PureBasic: Added missing keyword and fixed constants ending with `$` (#3320)
- 82d0ca1 Command Line: Added span around command and output (#3312)
- 2cc4660 Core: Added better error message for missing grammars (#3311)
- 3f8cc5a Added UO Razor Script (#3309)
- bcb2e2c AutoIt: Allow hyphen in directive (#3308)
- deb3a97 INI: Swap out `header` for `section` (#3304)
- e46501b editorconfig: Change alias of `section` from `keyword` to `selector` (#3305)
- 2eb89e1 Swap out `operator` for `punctuation` (#3306)
- 3a20bdc Bump node-fetch from 2.6.1 to 3.1.1 (#3307)
- 081d515 Bump copy-props from 2.0.4 to 2.0.5 (#3300)
- b90e97c Bump follow-redirects from 1.13.1 to 1.14.7 (#3299)
- 8458c41 MongoDB: Added v5 support (#3297)
- 441a142 Scala: Added support for interpolated strings (#3293)
- 0b6b1e2 1.26.0
- 3ae61a8 Updated changelog for v1.26.0 (#3292)
See the full diffWith a Snyk patch:
Why? Proof of Concept exploit, Has a fix available, CVSS 6.1
SNYK-JS-HTTPSPROXYAGENT-469131
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-LODASH-567746
(*) Note that the real score may have changed since the PR was raised.
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
[//]: # (snyk:metadata:{"prId":"e6a59cf8-03ec-4fee-b645-1e48517a552d","prPublicId":"e6a59cf8-03ec-4fee-b645-1e48517a552d...