Open snyk-bot opened 1 year ago
(*) Note that the real score may have changed since the PR was raised.
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information: 🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Regular Expression Denial of Service (ReDoS)
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Recently disclosed, Has a fix available, CVSS 3.5
SNYK-JS-DEBUG-3227433
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: rollup-plugin-typescript2
The new version differs by 75 commits.- 69502e1 - updating dependencies
- 034abe0 - updating dependencies
- fd824de Merge branch 'NotWoods-import-pluginutils'
- cde185a - rebuild
- c6c733f Use imports with @ rollup/pluginutils
- 67748cc - fix for plugin option type
- b7c7389 - exporting IOptions type
- 0caa1c4 (docs): async plugins are now supported out-of-the-box (#205)
- e957a89 - fix for indent
- ac82124 - package version
- df241da - undoing debug code
- cd76b42 - warning message for objectHashIgnoreUnknownHack option
- 417c8e5 - package version
- c88688c - updating dependencies
- 7fd52b7 - updating readme
- 6c4e53e Merge branch 'agilgur5-object-hash-update'
- 3d3e4eb - npm install and build
- 9afc8df (fix): upgrade object-hash to support async/await syntax
- 9c265b3 (deps): auto-update outdated package-lock.json
- 947da25 Fix syntax error in transformer example (#195)
- 531f5f0 - package version
- 23f63b4 - build
- 4217346 feat: support options.cwd (#197)
- d6359af Update README.md
See the full diffCheck the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Regular Expression Denial of Service (ReDoS)