search

scm-automation-project / npm-6-with-lock-file-project

0 stars 0 forks source link

Update dependency property-expr to v2 - autoclosed #36

Closed dev-mend-for-github-com[bot] closed 2 years ago

dev-mend-for-github-com[bot] commented 2 years ago

This PR contains the following updates:

Package Type Update Change
property-expr dependencies major 1.5.1 -> 2.0.3

By merging this PR, the issue #6 will be automatically resolved and closed:

Severity CVSS Score CVE
High High 9.8 CVE-2020-7707

Release Notes

jquense/expr ### [`v2.0.3`](https://togithub.com/jquense/expr/blob/HEAD/CHANGELOG.md#​203-httpsgithubcomjquenseexprcomparev202v203-2020-08-17) [Compare Source](https://togithub.com/jquense/expr/compare/v2.0.2...v2.0.3) ##### Bug Fixes - prototype polution vector ([df84691](https://togithub.com/jquense/expr/commit/df846910915d59f711ce63c1f817815bceab5ff7)) ### [`v2.0.2`](https://togithub.com/jquense/expr/compare/v2.0.1...v2.0.2) [Compare Source](https://togithub.com/jquense/expr/compare/v2.0.1...v2.0.2) ### [`v2.0.1`](https://togithub.com/jquense/expr/compare/v2.0.0...v2.0.1) [Compare Source](https://togithub.com/jquense/expr/compare/v2.0.0...v2.0.1) ### [`v2.0.0`](https://togithub.com/jquense/expr/compare/v1.5.1...v2.0.0) [Compare Source](https://togithub.com/jquense/expr/compare/v1.5.1...v2.0.0)