search

newrelic / nr1-how-to

Starter applications for programmability how to examples
5 stars 6 forks source link

[Snyk] Upgrade @newrelic/nr1-community from 1.0.1 to 1.2.0 #34

Open snyk-bot opened 2 years ago

snyk-bot commented 2 years ago

Snyk has created this PR to upgrade @newrelic/nr1-community from 1.0.1 to 1.2.0.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Regular Expression Denial of Service (ReDoS)
SNYK-JS-NORMALIZEURL-1296539		 375/1000
Why? CVSS 7.5		 No Known Exploit
Prototype Pollution
SNYK-JS-MINIMIST-2429795		 375/1000
Why? CVSS 7.5		 No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: @newrelic/nr1-community
  • 1.2.0 - 2020-06-09
    • feat: New component GenericError
    • chore: maintenance improvements to EmptyState
    • fix(demo): Timeline display error
  • 1.1.1 - 2020-03-23
  • 1.1.0 - 2020-03-10
  • 1.0.1 - 2020-01-29
    • Updated documentation
    • bugfix in timeRangeToNrql
from @newrelic/nr1-community GitHub release notes
Commit messages
Package name: @newrelic/nr1-community
  • ad17040 chore: version bump to 1.2.0
  • 0fbd2ab fix(Timeline): demo wasn't loading
  • 329b573 Merge pull request #62 from MattIGolden/feat/new-generic-error-component
  • ab8a679 Merge pull request #67 from newrelic/snyk-upgrade-4dfb94c0eb193f63b83a7bbfdb0e6277
  • 203ab6e Merge pull request #65 from newrelic/snyk-upgrade-fb0afd610f2d9972f0b00a2d766495fa
  • bd91b8f Merge pull request #69 from newrelic/snyk-upgrade-7f1323d5114f45181ff854d5ccae32bf
  • 6420a2b Merge pull request #68 from danielgolden/update_proptypes_for_description
  • a3b4464 fix: upgrade date-fns from 2.12.0 to 2.13.0
  • afca4a6 fix: upgrade date-fns from 2.12.0 to 2.13.0
  • 4ef6fc4 feat(EmptyState): Update proptypes for description
  • c63f52b fix: upgrade prism-react-renderer from 1.0.2 to 1.1.0
  • cdda9e1 fix: upgrade prism-react-renderer from 1.0.2 to 1.1.0
  • d63264d fix: upgrade react-bootstrap-table-next from 3.3.3 to 3.3.5
  • a0a5cb8 fix: upgrade react-bootstrap-table-next from 3.3.3 to 3.3.5
  • 0f61372 Update README.md
  • b9c0197 chore: update readme
  • 56bcbe8 Merge pull request #64 from newrelic/security-issues
  • 890d642 Rollback react version to 16.6.3
  • f32da61 fix: addressing security issue in dependency
  • 1d0f900 Merge branch 'master' of https://github.com/newrelic/nr1-community into feat/new-generic-error-component
  • 04dca61 feat: add generic error component
  • 2de35c4 feat: refactor component
  • 5c9129d feat: update generic error component
  • 3a72666 feat: add new component
Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs