Open lholmquist opened 1 month ago
(*) Note that the real score may have changed since the PR was raised.
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information: 🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 8.7
SNYK-JS-ELLIPTIC-8187303
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: ember-qunit
The new version differs by 154 commits.- 443da09 Merge pull request #972 from emberjs/ember-v4-support
- d26de30 Add Ember 4.4 LTS to CI
- 8460250 Drop support for Ember < 3.24
- de6ad72 Drop support for jQuery and Classic
- f945a76 Bump ember-source from 3.28.8 to 4.7.0
- eaacc83 Merge pull request #971 from emberjs/dependabot/npm_and_yarn/ember-angle-bracket-invocation-polyfill-3.0.2
- ddc1f6b Merge pull request #967 from emberjs/dependabot/npm_and_yarn/prettier-2.7.1
- d9737c6 Merge pull request #968 from emberjs/dependabot/npm_and_yarn/eslint-config-prettier-8.5.0
- ca06f9b Bump prettier from 2.4.1 to 2.7.1
- 51280a1 Bump eslint-config-prettier from 8.3.0 to 8.5.0
- cc71184 Merge pull request #966 from emberjs/dependabot/npm_and_yarn/ember-try-2.0.0
- e19270b Bump ember-angle-bracket-invocation-polyfill from 3.0.1 to 3.0.2
- fae667b Bump ember-try from 1.4.0 to 2.0.0
- b0a7bb9 Merge pull request #965 from emberjs/dependabot/npm_and_yarn/release-it-15.5.0
- 7695f05 Merge pull request #964 from emberjs/dependabot/npm_and_yarn/eslint-plugin-prettier-4.2.1
- 0f27243 Merge pull request #959 from emberjs/dependabot/npm_and_yarn/ember-cli-htmlbars-6.1.1
- b427f8f Merge pull request #955 from emberjs/dependabot/npm_and_yarn/validate-peer-dependencies-2.1.0
- 0699f65 Bump release-it from 14.12.4 to 15.5.0
- de21842 Bump validate-peer-dependencies from 1.2.0 to 2.1.0
- f38860e Bump ember-cli-htmlbars from 5.7.2 to 6.1.1
- 55e9249 Bump eslint-plugin-prettier from 4.0.0 to 4.2.1
- 337215a Merge pull request #963 from emberjs/dependabot/npm_and_yarn/ember-cli-dependency-checker-3.3.1
- 7aabf74 Merge pull request #895 from emberjs/dependabot/npm_and_yarn/resolve-package-path-4.0.3
- 57b136d Merge pull request #939 from emberjs/dependabot/npm_and_yarn/ember-auto-import-2.4.2
See the full diffCheck the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.