search

u-sho / quantum-game-arena

[W.I.P.] Quantum Game Arena
https://qgame.app
MIT License
1 stars 0 forks source link

[Snyk] Upgrade svelte-check from 3.1.4 to 3.4.3 #114

Closed u-sho closed 1 year ago

u-sho commented 1 year ago

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade svelte-check from 3.1.4 to 3.4.3.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is **8 versions** ahead of your current version. - The recommended version was released **a month ago**, on 2023-05-26. The recommended version fixes: Severity | Issue | PriorityScore (*) | Exploit Maturity | :-------------------------:|:-------------------------|-------------------------|:------------------------- | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-WORDWRAP-3149973](https://snyk.io/vuln/SNYK-JS-WORDWRAP-3149973) | **372/1000**
**Why?** Proof of Concept exploit, CVSS 5.3 | Proof of Concept (*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: svelte-check
  • 3.4.3 - 2023-05-26
    • (fix) load svelte/compiler for version 4 correctly
  • 3.4.2 - 2023-05-26
    • (feat) add machine-verbose to the output options (#2012)
    • (feat) implement experimental generics attribute on script tags (#2020)
    • (fix) support nested destructuring in export const (#2028)
    • (feat) get ready for Svelte 4 (#2030)
  • 3.4.1 - 2023-05-26

    broken release, don't use

      </li>
  <li>
    <b>3.4.0</b> - <a href="https://snyk.io/redirect/github/sveltejs/language-tools/releases/tag/svelte-check-3.4.0">2023-05-26</a></br><p>broken release, don't use</p>
  </li>
  <li>
    <b>3.3.2</b> - 2023-05-08
  </li>
  <li>
    <b>3.3.1</b> - 2023-05-05
  </li>
  <li>
    <b>3.3.0</b> - 2023-05-04
  </li>
  <li>
    <b>3.2.0</b> - 2023-04-04
  </li>
  <li>
    <b>3.1.4</b> - 2023-03-13
  </li>
</ul>
from <a href="https://snyk.io/redirect/github/sveltejs/language-tools/releases">svelte-check GitHub release notes</a>

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

šŸ§ View latest project report

šŸ›  Adjust upgrade PR settings

šŸ”• Ignore this dependency or unsubscribe from future upgrade PRs

vercel[bot] commented 1 year ago

The latest updates on your projects. Learn more about Vercel for Git ā†—ļøŽ

Name Status Preview Comments Updated (UTC)
quantum-game-arena āœ… Ready (Inspect) Visit Preview šŸ’¬ Add feedback Jul 2, 2023 4:25pm