Open svc-ast-gh-snyk5 opened 11 months ago
(*) Note that the real score may have changed since the PR was raised.
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information: 🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Improper Input Validation
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Recently disclosed, Has a fix available, CVSS 5.3
SNYK-JS-POSTCSS-5926692
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: postcss-import
The new version differs by 98 commits.- 7cdbb2b 13.0.0
- a189892 Update dependency sugarss to v3 (#433)
- 64d57af Update dependency postcss-scss to v3 (#431)
- 4fb6746 Update dependency postcss-value-parser to v4 (#423)
- 19632bc Update dependency prettier to v2 (#419)
- c5679db Add support for postcss v8 (#432)
- d288ea3 BREAKING: Require Node 10 or later; update CI config (#429)
- 21ad9eb Configure Renovate (#411)
- 614fb64 Fix linting
- 3a7f728 Update prettier to version 1.19.1 (#408)
- 7680182 Update prettier to version 1.18.0 (#398)
- 25013d6 chore(package): update prettier to version 1.17.0 (#393)
- 87f4320 Update eslint-plugin-import to version 2.17.1 (#395)
- 56516e7 Actually fix sourcmap test
- 93b7af8 Fix sourcemap tests
- d68f50a Update ava to version 1.0.1 (#384)
- 00e2d03 Update LICENSE (#383)
- eb7ff85 Update prettier to version 1.15.0 (#382)
- 397cc44 12.0.1
- 67f4553 Set plugin property on dependency messages (#380)
- f98dd1a Update eslint-plugin-prettier to version 3.0.0 (#377)
- 85c7e6a Update sugarss to version 2.0.0 (#375)
- a9a7ab2 Loosen prettier dependency to use ~ instead of pinning versions
- 20dd08f Remove npmpub; doesn't work with npm 2FA --otp
See the full diffCheck the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Improper Input Validation