Utility to allow customers to migrate existing NRQL-based Loss of Signal conditions into a compliant state with upcoming Loss of Signal Detection capabilities.
Apache License 2.0
1
stars
4
forks
source link
[Snyk] Security upgrade lodash from 4.17.20 to 4.17.21 #16
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
As this is a private repository, Snyk-bot does not have access. Therefore, this PR has been created automatically, but appears to have been created by a real user.
Changes included in this PR
Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
package.json
package-lock.json
Vulnerabilities that will be fixed
With an upgrade:
Severity
Priority Score (*)
Issue
Breaking Change
Exploit Maturity
658/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
As this is a private repository, Snyk-bot does not have access. Therefore, this PR has been created automatically, but appears to have been created by a real user.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3
SNYK-JS-LODASH-1018905
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.2
SNYK-JS-LODASH-1040724
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: lodash
The new version differs by 1 commits.Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information: š§ View latest project report
š Adjust project settings
š Read more about Snyk's upgrade and patch logic