Snyk has created this PR to upgrade multiple dependencies.
👯♂ The following dependencies are linked and will therefore be updated together.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
Snyk has created this PR to upgrade multiple dependencies.
👯♂ The following dependencies are linked and will therefore be updated together. :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version fixes:
SNYK-JS-LODASH-1040724
Why? Proof of Concept exploit, CVSS 7.2
SNYK-JS-LODASH-1018905
Why? Proof of Concept exploit, CVSS 7.2
(*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: @babel/parser
v7.13.16 (2021-04-20)
Thanks @ codyatwork and @ nwalters512 for your first PRs!
babel-parser
SyntaxError
fordeclare
before getter/setter (@ fedeci)babel-helpers
,babel-plugin-transform-modules-commonjs
,babel-plugin-transform-regenerator
,babel-plugin-transform-spread
,babel-preset-env
,babel-runtime-corejs2
,babel-runtime
Symbol
(@ nicolo-ribaudo)babel-helper-compilation-targets
babel-generator
babel-types
babel-helper-compilation-targets
babel-helper-bindify-decorators
,babel-helper-explode-class
babel-helper-call-delegate
@ babel/helper-call-delegate
(@ nicolo-ribaudo)babel-helper-hoist-variables
,babel-plugin-transform-block-scoping
babel-cli
,babel-core
,babel-generator
,babel-plugin-transform-function-name
,babel-register
,babel-types
lodash
dependencies (@ nicolo-ribaudo)Committers: 7
v7.13.15 (2021-04-08)
babel-parser
SyntaxError
for unparenthesized assert and assign (@ fedeci)babel-parser
TSDeclareFunction
(@ fedeci)babel-plugin-proposal-do-expressions
,babel-traverse
NodePath#getCompletionRecords
(@ JLHwung)babel-compat-data
,babel-preset-env
babel-preset-env
babel-plugin-transform-regenerator
,babel-standalone
regenerator-transform
import with native ESM (@ nicolo-ribaudo)babel-helper-transform-fixture-test-runner
babel.config.js
in tests (@ nicolo-ribaudo)babel-preset-env
Committers: 5
v7.13.13 (2021-03-26)
babel-parser
babel-core
browserslistConfigFile
paths (@ nicolo-ribaudo)babel-core
,babel-preset-env
.browserslistrc
as a project-wide file (@ nicolo-ribaudo)babel-plugin-transform-react-constant-elements
babel-types
babel-node
babel-parser
babel-cli
,babel-core
babel-core
babel-traverse
babel-core
rootMode: "root"
inloadPartialConfig
(@ nicolo-ribaudo)Committers: 8
v7.13.12 (2021-03-22)
Thanks @ hajnalbendeguz for your first PR!
babel-standalone
babel-plugin-bugfix-v8-spread-parameters-in-optional-chaining
,babel-plugin-proposal-optional-chaining
,babel-preset-env
babel-types
babel-compat-data
,babel-preset-env
babel-plugin-transform-react-jsx
babel-compat-data
babel-node
lodash
from@ babel/node
tests (@ jridgewell)babel-helper-module-transforms
lodash/chunk
(@ jridgewell)babel-plugin-transform-proto-to-assign
babel-helper-define-map
Committers: 6
v7.13.11 (2021-03-15)
babel-parser
,babel-plugin-proposal-class-static-block
babel-compat-data
@ babel/compat-data
'sexports
(@ nicolo-ribaudo)babel-parser
babel-compat-data
,babel-helper-compilation-targets
esmodule: "intersect"
on iOS versions (@ JLHwung)babel-helper-create-class-features-plugin
,babel-plugin-proposal-async-generator-functions
,babel-plugin-proposal-class-properties
,babel-plugin-proposal-private-methods
,babel-plugin-proposal-private-property-in-object
,babel-plugin-transform-typescript
,babel-preset-env
function
rather thanvar
to compile private methods (@ nicolo-ribaudo)Committers: 3
Package name: @babel/traverse
Package name: @babel/types
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:![](https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiJjNzhmOGVjZi05MTM3LTQ2NWEtOTBjZi0xY2FiZmY4NDI0YWYiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6ImM3OGY4ZWNmLTkxMzctNDY1YS05MGNmLTFjYWJmZjg0MjRhZiJ9fQ==)
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs