search

retorquere / zotero-date-from-last-modified

76 stars 0 forks source link

[Snyk] Fix for 1 vulnerabilities #8

Closed snyk-bot closed 9 months ago

snyk-bot commented 3 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 691/1000
Why? Recently disclosed, Has a fix available, CVSS 8.1		 Prototype Pollution
SNYK-JS-CACHEBASE-1054631		 Yes No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: ts-loader The new version differs by 24 commits.
  • 218718a drop support for < node 8 and republish 5.4.6 as 6.0.0 (#930)
  • 9946fbc v5.4.6
  • e13bee2 Update dependencies (#928)
  • a6572ce internal: remove usage of hand crafted webpack typings (#927)
  • 48626a9 add common appendTsTsxSuffixesIfRequired function to instance (#924)
  • 0fd623f add node12 to travis build (#925)
  • 77b8471 prepare 5.4.3 release
  • 381a6a9 more .npmignore
  • 3f8316a don't publish anything but ts-loader (#923)
  • ea2fcf9 resolveTypeReferenceDirective support for yarn PnP (#921)
  • 4692a22 ts 3.4 tests (#916)
  • dc1dda8 edited broken link in README.md (#915)
  • c1f3c4e update example (#912)
  • 4a8df76 Feature/3.3 tests (#903)
  • 58505c4 drop fast-incremental-builds example (#901)
  • 4354cf8 fixed name of fork-ts-checker-webpack-plugin (#900)
  • 4551893 there's way too many examples (#899)
  • c9b1f31 add probot-stale https://github.com/probot/stale
  • 92a2de9 Merge pull request #898 from TypeStrong/example-for-mcolyer
  • ff9bc37 example of filter issue for @ mcolyer
  • ba6f5c4 Merge pull request #884 from zerdos/master
  • 92f0d70 migrate large comparison test to be execution test (#896)
  • df04a56 release event not available so use push event and filter (#893)
  • 4b5ccc5 run the tests with node11 as well
See the full diff
Package name: webpack The new version differs by 250 commits.
  • 610f368 5.0.0
  • 5ce65c1 update examples
  • bbe1230 Merge pull request #11628 from webpack/bugfix/real-content-hash
  • 75ecff2 5.0.0-rc.6
  • bfc35d6 Merge pull request #11603 from MayaWolf/master
  • 76e8cbd Merge pull request #11622 from webpack/dependabot/npm_and_yarn/types/node-13.13.25
  • 9fd1be2 chore(deps-dev): bump @ types/node from 13.13.23 to 13.13.25
  • 36bcfaa Merge pull request #11621 from webpack/bugfix/11619
  • 9130d10 fix called variables with ProvidePlugin
  • 3e42105 Merge pull request #11620 from webpack/bugfix/11617
  • 4709719 skip connections copied to concatenated module
  • 57b493f 5.0.0-rc.5
  • 1658e2f Merge pull request #11618 from webpack/bugfix/11615
  • a8fb45d fixes crash in SideEffectsFlagPlugin
  • 84b196d emit error instead of crashing when unexpected problem occurs
  • 5573fed Merge pull request #11601 from Hornwitser/improve-suggested-polyfill-config
  • 9b5cce9 Merge pull request #11609 from snitin315/export-types
  • 37c495c export type RuleSetUseItem
  • 39faf34 export type RuleSetUse
  • e5fd246 export type RuleSetConditionAbsolute
  • 660baad export RuleSetCondition types
  • 13e3ca5 Merge pull request #11602 from webpack/bugfix/shared-runtime-chunk
  • 9c0587e Merge pull request #11606 from webpack/dependabot/npm_and_yarn/simple-git-2.21.0
  • 502d166 Merge pull request #11607 from webpack/dependabot/npm_and_yarn/acorn-8.0.4
See the full diff
Package name: zotero-plugin The new version differs by 20 commits.
See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic