Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade webpack from 5.63.0 to 5.88.1 #248

Merged
merged 1 commit into from
Jul 22, 2023
Merged

[Snyk] Upgrade webpack from 5.63.0 to 5.88.1 #248

merged 1 commit into from
Jul 22, 2023

Conversation

Loonz206
Copy link
Owner

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade webpack from 5.63.0 to 5.88.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 39 versions ahead of your current version.
  • The recommended version was released 21 days ago, on 2023-06-28.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Sandbox Bypass
SNYK-JS-WEBPACK-3358798		 736/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-WORDWRAP-3149973		 736/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.3		 Proof of Concept
Prototype Poisoning
SNYK-JS-QS-3153490		 736/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-SEMVER-3247795		 736/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-SEMVER-3247795		 736/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-SEMVER-3247795		 736/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-SEMVER-3247795		 736/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.3		 Proof of Concept
Remote Code Execution (RCE)
SNYK-JS-SHELLQUOTE-1766506		 736/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.3		 No Known Exploit
Denial of Service (DoS)
SNYK-JS-TRIMNEWLINES-1298042		 736/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.3		 No Known Exploit
Prototype Pollution
SNYK-JS-LOADERUTILS-3043105		 736/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.3		 No Known Exploit
Prototype Pollution
SNYK-JS-LOADERUTILS-3043105		 736/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.3		 No Known Exploit
Prototype Pollution
SNYK-JS-MONGOOSE-2961688		 736/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.3		 Proof of Concept
Prototype Pollution
SNYK-JS-MONGOOSE-5777721		 736/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-TRIMOFFNEWLINES-1296850		 736/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.3		 Proof of Concept
Information Exposure
SNYK-JS-NANOID-2332193		 736/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.3		 Proof of Concept
Session Fixation
SNYK-JS-PASSPORT-2840631		 736/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.3		 No Known Exploit
Regular Expression Denial of Service (ReDoS)
SNYK-JS-TERSER-2806366		 736/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.3		 No Known Exploit
Regular Expression Denial of Service (ReDoS)
SNYK-JS-CONVENTIONALCOMMITSPARSER-1766960		 736/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.3		 No Known Exploit
Information Exposure
SNYK-JS-FOLLOWREDIRECTS-2332181		 736/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.3		 Proof of Concept
Open Redirect
SNYK-JS-GOT-2932019		 736/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.3		 No Known Exploit
Regular Expression Denial of Service (ReDoS)
SNYK-JS-HTTPCACHESEMANTICS-3248783		 736/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-LOADERUTILS-3042992		 736/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.3		 No Known Exploit
Regular Expression Denial of Service (ReDoS)
SNYK-JS-LOADERUTILS-3105943		 736/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.3		 No Known Exploit
Regular Expression Denial of Service (ReDoS)
SNYK-JS-LOADERUTILS-3042992		 736/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.3		 No Known Exploit
Regular Expression Denial of Service (ReDoS)
SNYK-JS-LOADERUTILS-3105943		 736/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.3		 No Known Exploit
Regular Expression Denial of Service (ReDoS)
SNYK-JS-MINIMATCH-3050818		 736/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.3		 No Known Exploit
Information Exposure
SNYK-JS-FOLLOWREDIRECTS-2396346		 736/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.3		 No Known Exploit
Prototype Pollution
SNYK-JS-MINIMIST-2429795		 736/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.3		 Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: webpack from webpack GitHub release notes
Commit messages
Package name: webpack
  • 6be4065 5.88.1
  • aee6035 Merge pull request #17414 from webpack/types-more-again
  • 158e044 refactor(types): more
  • 3092f7c refactor(types): more
  • cc734af refactor(types): more
  • 1e18b1d 5.88.0
  • d15c734 Merge pull request #17394 from webpack/refactor-more-types
  • cff406c refactor(types): more
  • 3f71468 refactor(types): more
  • d9d64b5 refactor(types): more
  • d1f1433 Merge pull request #17406 from ersachin3112/stats-minimal
  • e226101 refactor(types): more
  • a911bd9 refactor(types): more
  • e381884 refactor(types): more
  • 4809421 refactor(types): more
  • 1ab7cad Merge pull request #17393 from ahabhgk/fix-async-module
  • 43c1958 Merge pull request #17395 from steverep/update-kaios-browser
  • 76076f6 Merge pull request #17397 from webpack/issue-17390
  • da76b19 Merge pull request #17399 from burhanuday/feat/auto-css-modes
  • bc7daeb Merge pull request #17400 from webpack/fix-runtime-problems-with-css
  • 60dc7b7 test: fix
  • 5a49b86 fix: runtime for CSS loading
  • 123511b Merge pull request #17388 from webpack/issue-17386
  • a24c7ac chore: fix lint

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

@sonarcloud
Copy link

sonarcloud bot commented Jul 20, 2023

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

@Loonz206 Loonz206 merged commit 5f385ad into main Jul 22, 2023
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Loonz206 @snyk-bot