Closed snyk-bot closed 2 years ago
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information: 🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.
Already bumped.
horner
commented
2 years ago horner
commented
2 years ago
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
SNYK-JS-NODEGIT-542720
SNYK-JS-NODEGIT-542721
SNYK-JS-NODEGIT-542722
SNYK-JS-NODEGIT-542723
Commit messages
Package name: nodegit
The new version differs by 9 commits.- bdae091 Fix workflow for node 8 npm issue
- 0de3294 Bump to v0.26.3
- 36856a1 Merge pull request #1743 from implausible/security-fixes
- b5769a2 Bring in security patches from libgit2
- 1047f66 Bupm to v0.26.2
- 0683f2b Update README.md for inactive maintainers
- b66dd42 Merge pull request #1728 from implausible/feature/commit-walk-commit-models
- d7c9860 Use const qualifier more; use static_cast for void *
- 6ecd368 commitWalk optionally returns plain objects with gpgSignature data
See the full diffCheck the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.