This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
#### Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
⚠️ Warning
```
Failed to update the package-lock.json, please update manually before merging.
```
#### Vulnerabilities that will be fixed
##### With an upgrade:
Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity
:-------------------------:|-------------------------|:-------------------------|:-------------------------|:-------------------------
 | **586/1000** **Why?** Proof of Concept exploit, Has a fix available, CVSS 5.3 | Regular Expression Denial of Service (ReDoS) [SNYK-JS-LODASH-1018905](https://snyk.io/vuln/SNYK-JS-LODASH-1018905) | Yes | Proof of Concept
 | **681/1000** **Why?** Proof of Concept exploit, Has a fix available, CVSS 7.2 | Command Injection [SNYK-JS-LODASH-1040724](https://snyk.io/vuln/SNYK-JS-LODASH-1040724) | Yes | Proof of Concept
 | **731/1000** **Why?** Proof of Concept exploit, Has a fix available, CVSS 8.2 | Prototype Pollution [SNYK-JS-LODASH-567746](https://snyk.io/vuln/SNYK-JS-LODASH-567746) | Yes | Proof of Concept
 | **686/1000** **Why?** Proof of Concept exploit, Has a fix available, CVSS 7.3 | Prototype Pollution [SNYK-JS-LODASH-608086](https://snyk.io/vuln/SNYK-JS-LODASH-608086) | Yes | Proof of Concept
 | **768/1000** **Why?** Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5 | Prototype Pollution [SNYK-JS-LODASH-6139239](https://snyk.io/vuln/SNYK-JS-LODASH-6139239) | Yes | Proof of Concept
 | **726/1000** **Why?** Proof of Concept exploit, Has a fix available, CVSS 8.1 | Remote Code Execution (RCE) [SNYK-JS-PUGCODEGEN-1082232](https://snyk.io/vuln/SNYK-JS-PUGCODEGEN-1082232) | Yes | Proof of Concept
(*) Note that the real score may have changed since the PR was raised.
Commit messagesPackage name: @nestjs-modules/mailer
The new version differs by 250 commits.
See the full diff
Check the changes in this PR to ensure they won't cause issues with your project.
------------
**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.*
For more information:
🧐 [View latest project report](https://app.snyk.io/org/coronasafe-network/project/9ca839b0-9d29-480f-b4d5-e3035b58530b?utm_source=github&utm_medium=referral&page=fix-pr)
🛠 [Adjust project settings](https://app.snyk.io/org/coronasafe-network/project/9ca839b0-9d29-480f-b4d5-e3035b58530b?utm_source=github&utm_medium=referral&page=fix-pr/settings)
📚 [Read more about Snyk's upgrade and patch logic](https://support.snyk.io/hc/en-us/articles/360003891078-Snyk-patches-to-fix-vulnerabilities)
[//]: # (snyk:metadata:{"prId":"f8f19e72-8395-496a-ab9c-4854f2b41606","prPublicId":"f8f19e72-8395-496a-ab9c-4854f2b41606","dependencies":[{"name":"@nestjs-modules/mailer","from":"1.4.2","to":"2.0.0"}],"packageManager":"npm","projectPublicId":"9ca839b0-9d29-480f-b4d5-e3035b58530b","projectUrl":"https://app.snyk.io/org/coronasafe-network/project/9ca839b0-9d29-480f-b4d5-e3035b58530b?utm_source=github&utm_medium=referral&page=fix-pr","type":"auto","patch":[],"vulns":["SNYK-JS-LODASH-1018905","SNYK-JS-LODASH-1040724","SNYK-JS-LODASH-567746","SNYK-JS-LODASH-608086","SNYK-JS-LODASH-6139239","SNYK-JS-PUGCODEGEN-1082232"],"upgrade":["SNYK-JS-LODASH-1018905","SNYK-JS-LODASH-1040724","SNYK-JS-LODASH-567746","SNYK-JS-LODASH-608086","SNYK-JS-LODASH-6139239","SNYK-JS-PUGCODEGEN-1082232"],"isBreakingChange":true,"env":"prod","prType":"fix","templateVariants":["updated-fix-title","pr-warning-shown","priorityScore"],"priorityScoreList":[586,681,731,686,768,726],"remediationStrategy":"vuln"})
---
**Learn how to fix vulnerabilities with free interactive lessons:**
🦉 [Regular Expression Denial of Service (ReDoS)](https://learn.snyk.io/lesson/redos/?loc=fix-pr)
🦉 [Command Injection](https://learn.snyk.io/lesson/malicious-code-injection/?loc=fix-pr)
🦉 [Prototype Pollution](https://learn.snyk.io/lesson/prototype-pollution/?loc=fix-pr)
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
#### Changes included in this PR - Changes to the following files to upgrade the vulnerable dependencies to a fixed version: - package.json⚠️ Warning
``` Failed to update the package-lock.json, please update manually before merging. ```**Why?** Proof of Concept exploit, Has a fix available, CVSS 5.3 | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-LODASH-1018905](https://snyk.io/vuln/SNYK-JS-LODASH-1018905) | Yes | Proof of Concept  | **681/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 7.2 | Command Injection
[SNYK-JS-LODASH-1040724](https://snyk.io/vuln/SNYK-JS-LODASH-1040724) | Yes | Proof of Concept  | **731/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 8.2 | Prototype Pollution
[SNYK-JS-LODASH-567746](https://snyk.io/vuln/SNYK-JS-LODASH-567746) | Yes | Proof of Concept  | **686/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 7.3 | Prototype Pollution
[SNYK-JS-LODASH-608086](https://snyk.io/vuln/SNYK-JS-LODASH-608086) | Yes | Proof of Concept  | **768/1000**
**Why?** Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5 | Prototype Pollution
[SNYK-JS-LODASH-6139239](https://snyk.io/vuln/SNYK-JS-LODASH-6139239) | Yes | Proof of Concept  | **726/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 8.1 | Remote Code Execution (RCE)
[SNYK-JS-PUGCODEGEN-1082232](https://snyk.io/vuln/SNYK-JS-PUGCODEGEN-1082232) | Yes | Proof of Concept (*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: @nestjs-modules/mailer
The new version differs by 250 commits.- 621621a chore(release): 2.0.0
- 3506885 feat(mailer.service): refactor usage of defaultsDeep
- f80e7b9 Merge pull request #1168 from nest-modules/dependabot/npm_and_yarn/nestjs/core-10.3.8
- 62d2da2 chore(deps-dev): bump @ nestjs/core from 10.3.3 to 10.3.8
- c59ff59 Merge pull request #1166 from nest-modules/dependabot/npm_and_yarn/nestjs/common-10.3.8
- a709bfd chore(deps-dev): bump @ nestjs/common from 10.3.3 to 10.3.8
- 0b12dd7 Merge pull request #1165 from nest-modules/dependabot/npm_and_yarn/commitlint/cli-19.3.0
- 08aa46f Merge pull request #1167 from nest-modules/dependabot/npm_and_yarn/reflect-metadata-0.2.2
- a50b9bb Merge pull request #1169 from nest-modules/dependabot/npm_and_yarn/css-inline/css-inline-0.14.0
- f9df37a Merge pull request #1153 from SimonRosenau/patch-1
- 305ef36 Merge branch 'main' into patch-1
- 191f259 chore(deps): bump @ css-inline/css-inline from 0.13.0 to 0.14.0
- 0426652 chore(deps-dev): bump reflect-metadata from 0.2.1 to 0.2.2
- 6fa0369 chore(deps-dev): bump @ commitlint/cli from 19.0.3 to 19.3.0
- 2005922 Merge pull request #1163 from nest-modules/dependabot/npm_and_yarn/typescript-eslint/eslint-plugin-7.7.1
- 9d03d44 chore(deps-dev): bump @ typescript-eslint/eslint-plugin
- facfc12 Merge pull request #1164 from nest-modules/dependabot/npm_and_yarn/typescript-eslint/parser-7.7.1
- 20c1858 chore(deps-dev): bump @ typescript-eslint/parser from 7.1.0 to 7.7.1
- 8c5867d Merge pull request #1158 from nest-modules/dependabot/npm_and_yarn/typescript-5.4.5
- 2af89c6 Merge pull request #1135 from nest-modules/dependabot/npm_and_yarn/types/lodash-4.17.0
- 5d8885d Merge pull request #1141 from nest-modules/dependabot/npm_and_yarn/nodemailer-6.9.13
- b9960b8 Merge pull request #1147 from otonielguajardo/liquidjs-adapter
- aa49b7f Merge pull request #1162 from sirmonin/optional-mjml
- 33fa7fa Merge pull request #1133 from GFoniX/main
See the full diff