percy / react-percy

[Deprecated]
MIT License
32 stars 10 forks source link

[Snyk] Security upgrade webpack from 3.12.0 to 4.29.0 #187

Closed snyk-bot closed 4 years ago

snyk-bot commented 4 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
Severity Issue Breaking Change Exploit Maturity
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-ACORN-559469
Yes No Known Exploit
Commit messages
Package name: webpack The new version differs by 250 commits.
  • 25bccd4 4.29.0
  • 6389e41 Merge pull request #8642 from webpack/memory/future-emit-assets
  • 6e383cf make test for Source.buffer more strict
  • aaf85db add output.futureEmitAssets
  • 03ffa48 Merge pull request #8639 from webpack/memory/limit-parallelism
  • 2b2c17f Merge pull request #8598 from kiliancs/acorn6
  • fdb6b13 4.28.4
  • 80514cc Add ts declarations
  • 78abf04 Use eachLimit instead even though forEachLimit apears to be an alias...
  • 9cb4225 forEach to forEachLimit
  • ef67132 Upgrade acorn to v6
  • 3e147e6 Merge pull request #8588 from hulkish/faster-statement-type-check
  • 2a04dee added ExportAllDeclaration, fixed fn signature
  • baf0aa1 Merge pull request #8581 from DanielRuf/tests/increase-jest-timeout
  • 41b6887 use faster statement type check
  • af01643 Increase Jest timeout for profiling plugin test
  • ccc7db7 Merge pull request #8401 from shahkashani/fix-for-issue-8398
  • 2e3e2a0 Merge pull request #8544 from chuckdumont/work
  • 69dea22 Merge pull request #8573 from hulkish/fix-minimizer-fn
  • 983c261 4.28.3
  • 6240cf6 added config test case for optimization.minimizer
  • d8ab512 Merge pull request #8565 from NaviMarella/ProfilingPlugin_8503
  • 510abf7 Merge pull request #8565 from NaviMarella/ProfilingPlugin_8503
  • 0128118 Modified Tests as suggested.
See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:

🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic