Open rameshsubramania opened 3 weeks ago
(*) Note that the real score may have changed since the PR was raised.
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information: π§ View latest project report
π Adjust project settings
π Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
π¦ Cross-site Scripting (XSS)
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 6.2
SNYK-JS-DOMPURIFY-8184974
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: swagger-ui
The new version differs by 250 commits.- 04bbeaa fix(config): define missing default options and their types (#9949)
- 10e1a5f fix(swagger-client): fix OpenAPI 3.1.0 dereferencing (#9950)
- fddb2e1 chore(deps-dev): bump sinon from 17.0.2 to 18.0.0 (#9942)
- d5e56e5 chore(deps-dev): bump sass from 1.77.1 to 1.77.2 (#9944)
- 9477492 chore(deps): bump dompurify from 3.1.2 to 3.1.3 (#9943)
- 85c0122 chore(release): cut the v5.17.10 release
- b5c84f4 fix(oas31): fix re-rendering of the Webhooks component (#9938)
- 6d2b88e chore(deps-dev): bump sass from 1.77.0 to 1.77.1 (#9939)
- fc1834c chore(deps-dev): bump postcss-preset-env from 9.5.12 to 9.5.13 (#9940)
- 9037acf fix(components): add support for oneOf/anyOf JSON Schema keywords in parameter-row rendering (#9934)
- dcc87aa chore(deps-dev): bump postcss-preset-env from 9.5.11 to 9.5.12 (#9933)
- b667130 chore(deps-dev): bump rimraf from 5.0.5 to 5.0.7 (#9932)
- 721b5d9 chore(release): cut the v5.17.9 release
- 335372d fix(deps): allow to consolidate deps in downstream projects (#9930)
- 48abfde chore(release): cut the v5.17.8 release
- 94f2d82 fix(components): fix rendering for empty examples in responses (#9926)
- a99be53 chore(deps): bump swagger-client from 3.27.7 to 3.27.8 (#9927)
- 9115678 chore(deps-dev): bump cypress from 13.8.1 to 13.9.0 (#9925)
- 6030483 chore(release): cut the v5.17.7 release
- a3aad9b chore(deps-dev): bump sinon from 17.0.1 to 17.0.2 (#9923)
- 450bb99 fix(json-schema-5): allow collapsing for primitive models (#9639)
- 1367a8f fix(components): render parameter extensions in the description column (#9883)
- 0dd9afa fix: render null values included in enum (#9683)
- 11a6ec8 chore(deps-dev): bump sass from 1.76.0 to 1.77.0 (#9920)
See the full diffCheck the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
π§ View latest project report
π Adjust project settings
π Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
π¦ Cross-site Scripting (XSS)