Skip to content

[Snyk] Security upgrade laravel-elixir from 3.4.3 to 4.1.2#35

Open
rsmarques wants to merge 1 commit intomasterfrom
snyk-fix-5d7904e56ab6a96999c3e846ae17ac09
Open

[Snyk] Security upgrade laravel-elixir from 3.4.3 to 4.1.2#35
rsmarques wants to merge 1 commit intomasterfrom
snyk-fix-5d7904e56ab6a96999c3e846ae17ac09

Conversation

@rsmarques
Copy link
Owner

@rsmarques rsmarques commented May 14, 2024

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 661/1000
Why? Recently disclosed, Has a fix available, CVSS 7.5		 Uncontrolled resource consumption
SNYK-JS-BRACES-6838727		 Yes No Known Exploit
high severity 661/1000
Why? Recently disclosed, Has a fix available, CVSS 7.5		 Inefficient Regular Expression Complexity
SNYK-JS-MICROMATCH-6838728		 Yes No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: laravel-elixir The new version differs by 26 commits.
  • c561390 v4.1.2
  • 762c4ed Bump gulp-phpunit - closes #392
  • 7daeedc Merge pull request #377 from ricardogobbosouza/patch
  • 0212244 Add 4.1 changelog
  • 988b7b6 Add mix.combine() task. - closes #358
  • 948abb9 fixed less, sass watching
  • fa58088 Merge pull request #374 from ricardogobbosouza/feature1
  • da3f4fe Fix doc and remove blank lines
  • ecb89be Merge pull request #366 from jnbn/master
  • 7ed051e Merge pull request #362 from n7olkachev/master
  • f2bf3df Merge pull request #353 from jonhassall/development
  • 24f89a4 Merge pull request #365 from lucasmichot/feature/master/editorconfig
  • b8c4542 browsersync support for dd function
  • 53ff92d Add a .editorconfig file to the project.
  • 4dbfa11 fixed coffee, less, sass watching
  • 338016e Enhance default behavour to strip JavaScript debugging when building with --production
  • f3591b3 Return React transformation
  • 6203744 Add test to ensure source maps are generated
  • 29731c9 Finish removing concatCSS
  • 748d2af Revert concatCSS - closes #349
  • 45fe7a4 v4.0.1
  • eb191fc Remove Vueify
  • c4bcc6c Bump Babelify version
  • 45ee160 Version 4.0.0

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Uncontrolled resource consumption

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@rsmarques @snyk-bot