search

turkdevops / WordPress

WordPress, Git-ified. Synced via SVN every 15 minutes, including branches and tags! This repository is just a mirror of the WordPress subversion repository. Please do not send pull requests. Submit patches to https://core.trac.wordpress.org/ instead.
https://wordpress.org/
Other
1 stars 1 forks source link

Restyle [Snyk] Security upgrade @wordpress/scripts from 13.0.3 to 15.0.0 #209

Open restyled-io[bot] opened 1 year ago

restyled-io[bot] commented 1 year ago

Automated style fixes for #208, created by Restyled.

The following restylers made fixes:

To incorporate these changes, merge this Pull Request into the original. We recommend using the Squash or Rebase strategies.

NOTE: As work continues on the original Pull Request, this process will re-run and update (force-push) this Pull Request with updated style fixes as necessary. If the style is fixed manually at any point (i.e. this process finds no fixes to make), this Pull Request will be closed automatically.

Sorry if this was unexpected. To disable it, see our documentation.

guardrails[bot] commented 1 year ago

:warning: We detected 18 security issues in this pull request:

Mode: paranoid | Total findings: 18 | Considered vulnerability: 18

Vulnerable Libraries (18)
Severity | Details ----- | -------- High | [@wordpress/scripts@15.0.0](https://github.com/turkdevops/WordPress/blob/eed7265bb9e089b429802812d966db82746d9ba1/wp-content/themes/twentytwenty/package-lock.json#L3242) (t) upgrade to: *>=25.0.0* Medium | [markdownlint-cli@0.21.0](https://github.com/turkdevops/WordPress/blob/eed7265bb9e089b429802812d966db82746d9ba1/wp-content/themes/twentytwenty/package-lock.json#L11388) (t) upgrade to: *>0.30.0* Medium | [rtlcss@2.5.0](https://github.com/turkdevops/WordPress/blob/eed7265bb9e089b429802812d966db82746d9ba1/wp-content/themes/twentytwenty/package-lock.json#L14453) (t) upgrade to: *>=4.0.0* Medium | [pkg:npm/react@16.14.0@16.14.0](https://github.com/turkdevops/WordPress/blob/eed7265bb9e089b429802812d966db82746d9ba1/wp-content/themes/twentytwenty/package-lock.json#L13820) (t) - **no patch available** Medium | [pkg:npm/react@16.14.0@16.14.0](https://github.com/turkdevops/WordPress/blob/eed7265bb9e089b429802812d966db82746d9ba1/wp-content/themes/twentytwenty/package-lock.json#L13831) (t) - **no patch available** Critical | [pkg:npm/set-value@2.0.1@2.0.1](https://github.com/turkdevops/WordPress/blob/eed7265bb9e089b429802812d966db82746d9ba1/wp-content/themes/twentytwenty/package-lock.json#L14812) (t) - **no patch available** Medium | [pkg:npm/request@2.88.2@2.88.2](https://github.com/turkdevops/WordPress/blob/eed7265bb9e089b429802812d966db82746d9ba1/wp-content/themes/twentytwenty/package-lock.json#L14262) (t) - **no patch available** High | [pkg:npm/nth-check@1.0.2@1.0.2](https://github.com/turkdevops/WordPress/blob/eed7265bb9e089b429802812d966db82746d9ba1/wp-content/themes/twentytwenty/package-lock.json#L12479) (t) upgrade to: *2.0.1* Critical | [pkg:npm/execa@1.0.0@1.0.0](https://github.com/turkdevops/WordPress/blob/eed7265bb9e089b429802812d966db82746d9ba1/wp-content/themes/twentytwenty/package-lock.json#L7021) (t) - **no patch available** Low | [pkg:npm/node-fetch@2.6.7@2.6.7](https://github.com/turkdevops/WordPress/blob/eed7265bb9e089b429802812d966db82746d9ba1/wp-content/themes/twentytwenty/package-lock.json#L12088) (t) - **no patch available** High | [pkg:npm/decode-uri-component@0.2.2@0.2.2](https://github.com/turkdevops/WordPress/blob/eed7265bb9e089b429802812d966db82746d9ba1/wp-content/themes/twentytwenty/package-lock.json#L5698) (t) - **no patch available** High | [pkg:npm/glob-parent@5.1.1@5.1.1](https://github.com/turkdevops/WordPress/blob/eed7265bb9e089b429802812d966db82746d9ba1/wp-content/themes/twentytwenty/package-lock.json#L8142) (t) upgrade to: *5.1.2* High | [pkg:npm/loader-utils@2.0.4@2.0.4](https://github.com/turkdevops/WordPress/blob/eed7265bb9e089b429802812d966db82746d9ba1/wp-content/themes/twentytwenty/package-lock.json#L11110) (t) - **no patch available** Critical | [pkg:npm/unset-value@1.0.0@1.0.0](https://github.com/turkdevops/WordPress/blob/eed7265bb9e089b429802812d966db82746d9ba1/wp-content/themes/twentytwenty/package-lock.json#L16846) (t) - **no patch available** High | [pkg:npm/trim@0.0.1@0.0.1](https://github.com/turkdevops/WordPress/blob/eed7265bb9e089b429802812d966db82746d9ba1/wp-content/themes/twentytwenty/package-lock.json#L16540) (t) upgrade to: *0.0.3* High | [pkg:npm/stylelint@13.13.1@13.13.1](https://github.com/turkdevops/WordPress/blob/eed7265bb9e089b429802812d966db82746d9ba1/wp-content/themes/twentytwenty/package-lock.json#L15608) (t) - **no patch available** High | [pkg:npm/css-what@3.4.2@3.4.2](https://github.com/turkdevops/WordPress/blob/eed7265bb9e089b429802812d966db82746d9ba1/wp-content/themes/twentytwenty/package-lock.json#L5543) (t) - **no patch available** High | [pkg:npm/markdown-it@10.0.0@10.0.0](https://github.com/turkdevops/WordPress/blob/eed7265bb9e089b429802812d966db82746d9ba1/wp-content/themes/twentytwenty/package-lock.json#L11358) (t) - **no patch available** More info on how to fix Vulnerable Libraries in [JavaScript](https://docs.guardrails.io/docs/en/vulnerabilities/javascript/using_vulnerable_libraries.html?utm_source=ghpr#).

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.