Skip to content

[Snyk] Fix for 1 vulnerabilities#32

Open
rsmarques wants to merge 1 commit intomasterfrom
snyk-fix-3f4f36529f3d4988a9767c0c009c8b46
Open

[Snyk] Fix for 1 vulnerabilities#32
rsmarques wants to merge 1 commit intomasterfrom
snyk-fix-3f4f36529f3d4988a9767c0c009c8b46

Conversation

@rsmarques
Copy link
Owner

@rsmarques rsmarques commented Nov 30, 2023

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 661/1000
Why? Recently disclosed, Has a fix available, CVSS 7.5		 Missing Release of Resource after Effective Lifetime
SNYK-JS-INFLIGHT-6095116		 Yes No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: gulp-jshint The new version differs by 5 commits.
  • d7cc9ea version 2.0.0
  • 02c4053 added note about jshint peerDependency
  • 226ea3b Merge pull request #120 from spalger/jshintAsPeer
  • a1c0be4 [npm] install jshint on travis, for old npm and future npm
  • 3e7ad84 [npm] move jshint to peerDependencies

See the full diff

Package name: laravel-elixir The new version differs by 26 commits.
  • c561390 v4.1.2
  • 762c4ed Bump gulp-phpunit - closes #392
  • 7daeedc Merge pull request #377 from ricardogobbosouza/patch
  • 0212244 Add 4.1 changelog
  • 988b7b6 Add mix.combine() task. - closes #358
  • 948abb9 fixed less, sass watching
  • fa58088 Merge pull request #374 from ricardogobbosouza/feature1
  • da3f4fe Fix doc and remove blank lines
  • ecb89be Merge pull request #366 from jnbn/master
  • 7ed051e Merge pull request #362 from n7olkachev/master
  • f2bf3df Merge pull request #353 from jonhassall/development
  • 24f89a4 Merge pull request #365 from lucasmichot/feature/master/editorconfig
  • b8c4542 browsersync support for dd function
  • 53ff92d Add a .editorconfig file to the project.
  • 4dbfa11 fixed coffee, less, sass watching
  • 338016e Enhance default behavour to strip JavaScript debugging when building with --production
  • f3591b3 Return React transformation
  • 6203744 Add test to ensure source maps are generated
  • 29731c9 Finish removing concatCSS
  • 748d2af Revert concatCSS - closes #349
  • 45fe7a4 v4.0.1
  • eb191fc Remove Vueify
  • c4bcc6c Bump Babelify version
  • 45ee160 Version 4.0.0

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

@snyk-bot
fix: package.json to reduce vulnerabilities
2162001 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@rsmarques @snyk-bot