nodeshift-starters / opossum-examples

Example applications using the opossum Node.js circuit breaker
MIT License
10 stars 13 forks source link

[Snyk] Security upgrade ember-qunit from 5.1.4 to 6.0.0 #510

Open lholmquist opened 1 month ago

lholmquist commented 1 month ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 701/1000
Why? Recently disclosed, Has a fix available, CVSS 8.3
Improper Verification of Cryptographic Signature
SNYK-JS-ELLIPTIC-8172694
Yes No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: ember-qunit The new version differs by 154 commits.
  • 443da09 Merge pull request #972 from emberjs/ember-v4-support
  • d26de30 Add Ember 4.4 LTS to CI
  • 8460250 Drop support for Ember < 3.24
  • de6ad72 Drop support for jQuery and Classic
  • f945a76 Bump ember-source from 3.28.8 to 4.7.0
  • eaacc83 Merge pull request #971 from emberjs/dependabot/npm_and_yarn/ember-angle-bracket-invocation-polyfill-3.0.2
  • ddc1f6b Merge pull request #967 from emberjs/dependabot/npm_and_yarn/prettier-2.7.1
  • d9737c6 Merge pull request #968 from emberjs/dependabot/npm_and_yarn/eslint-config-prettier-8.5.0
  • ca06f9b Bump prettier from 2.4.1 to 2.7.1
  • 51280a1 Bump eslint-config-prettier from 8.3.0 to 8.5.0
  • cc71184 Merge pull request #966 from emberjs/dependabot/npm_and_yarn/ember-try-2.0.0
  • e19270b Bump ember-angle-bracket-invocation-polyfill from 3.0.1 to 3.0.2
  • fae667b Bump ember-try from 1.4.0 to 2.0.0
  • b0a7bb9 Merge pull request #965 from emberjs/dependabot/npm_and_yarn/release-it-15.5.0
  • 7695f05 Merge pull request #964 from emberjs/dependabot/npm_and_yarn/eslint-plugin-prettier-4.2.1
  • 0f27243 Merge pull request #959 from emberjs/dependabot/npm_and_yarn/ember-cli-htmlbars-6.1.1
  • b427f8f Merge pull request #955 from emberjs/dependabot/npm_and_yarn/validate-peer-dependencies-2.1.0
  • 0699f65 Bump release-it from 14.12.4 to 15.5.0
  • de21842 Bump validate-peer-dependencies from 1.2.0 to 2.1.0
  • f38860e Bump ember-cli-htmlbars from 5.7.2 to 6.1.1
  • 55e9249 Bump eslint-plugin-prettier from 4.0.0 to 4.2.1
  • 337215a Merge pull request #963 from emberjs/dependabot/npm_and_yarn/ember-cli-dependency-checker-3.3.1
  • 7aabf74 Merge pull request #895 from emberjs/dependabot/npm_and_yarn/resolve-package-path-4.0.3
  • 57b136d Merge pull request #939 from emberjs/dependabot/npm_and_yarn/ember-auto-import-2.4.2
See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.