sheodox / context.reviews

Learn Japanese by studying the words you find reading native materials!
https://context.reviews
13 stars 0 forks source link

[Snyk] Fix for 1 vulnerabilities #31

Closed sheodox closed 3 years ago

sheodox commented 3 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 661/1000
Why? Recently disclosed, Has a fix available, CVSS 7.5
Regular Expression Denial of Service (ReDoS)
SNYK-JS-SSRI-1085630
Yes No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: copy-webpack-plugin The new version differs by 31 commits.
  • 64e60c2 chore(release): 6.0.0
  • dd9ce50 test: coverage
  • 29254e3 feat: implement the `directory` option for the `cacheTransform` option
  • bebafcf refactor: code
  • e3803ce feat: implement the `noErrorOnMissing` option (#475)
  • 8e5bc1b chore(deps): update (#474)
  • 6b85c86 docs: improve (#473)
  • 3ef3f25 refactor: drop test option in favor transformPath (#472)
  • 045f629 refactor: code (#471)
  • 20c9ae5 docs: import documentation for the `from` option (#468)
  • bfb4f0e docs: improve the description for the `toType` option (#467)
  • c0c9fa7 test: transform && transformPath (#470)
  • 197b0d8 fix: asset size
  • c176d7d feat: concurrency option (#466)
  • e5e410a refactor: code (#465)
  • 0be6470 refactor: remove the `ignore` option in favor globOptions.ignore (#463)
  • 6b07a63 refactor: code
  • 42194f3 refactor: code (#459)
  • 1e2f3a1 test: refactor (#458)
  • a728675 chore: update globby
  • 64b2e1a refactor: remove the global `context` option (#453)
  • f6da280 refactor: rename the `cache` option to `cacheTransform` (#452)
  • aedd2bd refactor: plugin options (#451)
  • 383ff9d refactor: 'from' option (#450)
See the full diff
Package name: webpack The new version differs by 250 commits.
  • 610f368 5.0.0
  • 5ce65c1 update examples
  • bbe1230 Merge pull request #11628 from webpack/bugfix/real-content-hash
  • 75ecff2 5.0.0-rc.6
  • bfc35d6 Merge pull request #11603 from MayaWolf/master
  • 76e8cbd Merge pull request #11622 from webpack/dependabot/npm_and_yarn/types/node-13.13.25
  • 9fd1be2 chore(deps-dev): bump @ types/node from 13.13.23 to 13.13.25
  • 36bcfaa Merge pull request #11621 from webpack/bugfix/11619
  • 9130d10 fix called variables with ProvidePlugin
  • 3e42105 Merge pull request #11620 from webpack/bugfix/11617
  • 4709719 skip connections copied to concatenated module
  • 57b493f 5.0.0-rc.5
  • 1658e2f Merge pull request #11618 from webpack/bugfix/11615
  • a8fb45d fixes crash in SideEffectsFlagPlugin
  • 84b196d emit error instead of crashing when unexpected problem occurs
  • 5573fed Merge pull request #11601 from Hornwitser/improve-suggested-polyfill-config
  • 9b5cce9 Merge pull request #11609 from snitin315/export-types
  • 37c495c export type RuleSetUseItem
  • 39faf34 export type RuleSetUse
  • e5fd246 export type RuleSetConditionAbsolute
  • 660baad export RuleSetCondition types
  • 13e3ca5 Merge pull request #11602 from webpack/bugfix/shared-runtime-chunk
  • 9c0587e Merge pull request #11606 from webpack/dependabot/npm_and_yarn/simple-git-2.21.0
  • 502d166 Merge pull request #11607 from webpack/dependabot/npm_and_yarn/acorn-8.0.4
See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic