Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update vulnerable packages #5535

Open
wants to merge 8 commits into
base: main
Choose a base branch
from
Open

Update vulnerable packages #5535

wants to merge 8 commits into from

Commits on Oct 16, 2024

  1. fix: package.json & package-lock.json to reduce vulnerabilities 

    The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-COOKIE-8163060
- https://snyk.io/vuln/SNYK-JS-MARKED-2342073
- https://snyk.io/vuln/SNYK-JS-MARKED-2342082
- https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728
    @snyk-bot
    snyk-bot committed Oct 16, 2024
    Configuration menu
    Copy the full SHA
    d42e6bf View commit details
    Browse the repository at this point in the history

  2. Merge pull request #1 from devsecopskallie/snyk-fix-390f9ddce0d880647… 

    …a6867e6c47ec0ec

[Snyk] Fix for 4 vulnerabilities
    @devsecopskallie
    devsecopskallie authored Oct 16, 2024
    Configuration menu
    Copy the full SHA
    6df258a View commit details
    Browse the repository at this point in the history

Commits on Oct 17, 2024

  1. fix: ts-binary-wrapper/package.json & ts-binary-wrapper/package-lock.… 

    …json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-COOKIE-8163060
    @snyk-bot
    snyk-bot committed Oct 17, 2024
    Configuration menu
    Copy the full SHA
    c814b79 View commit details
    Browse the repository at this point in the history

  2. Merge pull request #2 from devsecopskallie/snyk-fix-53aff01adb0a55ff3… 

    …df689d6f4f4cc91

[Snyk] Security upgrade @sentry/node from 7.36.0 to 7.75.0
    @devsecopskallie
    devsecopskallie authored Oct 17, 2024
    Configuration menu
    Copy the full SHA
    1d16f49 View commit details
    Browse the repository at this point in the history

Commits on Oct 18, 2024

  1. chore(deps): bump lodash in /test/acceptance/workspaces/yarn-v2 

    Bumps [lodash](https://github.com/lodash/lodash) from 4.17.0 to 4.17.21.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](lodash/lodash@4.17.0...4.17.21)

---
updated-dependencies:
- dependency-name: lodash
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot
    dependabot[bot] authored Oct 18, 2024
    Configuration menu
    Copy the full SHA
    018762f View commit details
    Browse the repository at this point in the history

  2. Merge pull request #4 from devsecopskallie/dependabot/npm_and_yarn/te… 

    …st/acceptance/workspaces/yarn-v2/lodash-4.17.21

chore(deps): bump lodash from 4.17.0 to 4.17.21 in /test/acceptance/workspaces/yarn-v2
    @devsecopskallie
    devsecopskallie authored Oct 18, 2024
    Configuration menu
    Copy the full SHA
    f9c0061 View commit details
    Browse the repository at this point in the history

Commits on Oct 21, 2024

  1. fix: package.json & package-lock.json to reduce vulnerabilities 

    The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116
- https://snyk.io/vuln/SNYK-JS-SHESCAPE-5734237
- https://snyk.io/vuln/SNYK-JS-SHESCAPE-5849592
    @snyk-bot
    snyk-bot committed Oct 21, 2024
    Configuration menu
    Copy the full SHA
    4bef3c2 View commit details
    Browse the repository at this point in the history

  2. Merge pull request #8 from devsecopskallie/snyk-fix-f81cf75975322289d… 

    …83b02932747c5d5

[Snyk] Fix for 3 vulnerabilities
    @devsecopskallie
    devsecopskallie authored Oct 21, 2024
    Configuration menu
    Copy the full SHA
    425ce64 View commit details
    Browse the repository at this point in the history