Closed snyk-bot closed 3 years ago
(*) Note that the real score may have changed since the PR was raised.
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information: 🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Recently disclosed, Has a fix available, CVSS 3.7
SNYK-JS-AUTH0LOCK-607904
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: auth0-lock
The new version differs by 12 commits.- d583182 v11.26.3
- 825aae2 Release v11.26.3 (#1914)
- 3711fb5 Merge pull request from GHSA-6gg3-pmm7-97xc
- 195b5d2 Release v11.26.2 (#1913)
- 0104145 i18n asset recovery (#1912)
- 80ec976 [SDK-1813] Send connection scope config to enterprise connections (#1910)
- 6296818 Merge pull request #1909 from auth0/dependabot/npm_and_yarn/elliptic-6.5.3
- 947aff5 [Security] Bump elliptic from 6.4.1 to 6.5.3
- f4e81ff Merge pull request #1908 from auth0/prepare-v11.26.1
- a93a184 Release v11.26.1
- 0c434e1 Merge pull request #1907 from jfromaniello/fix_1906
- 17b853d fix issue #1906 - remove extension from import
See the full diffCheck the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic