Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Fix for 2 vulnerabilities #477

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Fix for 2 vulnerabilities #477

wants to merge 1 commit into from

Conversation

titanism
Copy link
Contributor

@titanism titanism commented Dec 7, 2024

snyk-top-banner

Snyk has created this PR to fix 2 vulnerabilities in the yarn dependencies of this project.

Snyk changed the following file(s):

  • template/package.json
  • template/yarn.lock

Note for zero-installs users

If you are using the Yarn feature zero-installs that was introduced in Yarn V2, note that this PR does not update the .yarn/cache/ directory meaning this code cannot be pulled and immediately developed on as one would expect for a zero-install project - you will need to run yarn to update the contents of the ./yarn/cache directory.
If you are not using zero-install you can ignore this as your flow should likely be unchanged.

Vulnerabilities that will be fixed with an upgrade:

Issue Score
high severity Improper Neutralization of Special Elements in Data Query Logic
SNYK-JS-MONGOOSE-8446504		   721  
medium severity Cross-site Scripting (XSS)
SNYK-JS-AXIOS-6671926		   551  

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Cross-site Scripting (XSS)
🦉 Improper Neutralization of Special Elements in Data Query Logic

@socket-security Socket Security
Copy link

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/@mrmlnc/[email protected] filesystem 0 53.9 kB mrmlnc
npm/@types/[email protected] None 0 6.13 kB types
npm/@types/[email protected] None 0 30.7 kB types
npm/@types/[email protected] None 0 3 kB types
npm/@types/[email protected] None 0 8.07 kB types
npm/@types/[email protected] None 0 745 kB types
npm/@typescript-eslint/[email protected] None 0 426 kB jameshenry
npm/@typescript-eslint/[email protected] None 0 988 kB jameshenry
npm/@typescript-eslint/[email protected] None 0 123 kB jameshenry
npm/@typescript-eslint/[email protected] environment, filesystem 0 474 kB jameshenry
npm/@typescript-eslint/[email protected] None 0 24.2 kB jameshenry
npm/[email protected] None 0 4.93 kB dubban
npm/[email protected] None 0 1.23 MB ljharb
npm/[email protected] None 0 14.7 kB ljharb
npm/[email protected] None 0 49.8 kB indutny
npm/[email protected] Transitive: environment +2 84.3 kB goto-bus-stop
npm/[email protected] None +1 54.1 kB kaicataldo
npm/[email protected] None 0 99.8 kB fanatid
npm/[email protected] None +2 42.9 kB cwmma
npm/[email protected] None 0 6.45 kB cwmma
npm/[email protected] None 0 6.27 kB cwmma
npm/[email protected] None 0 3.68 kB cwmma
npm/[email protected] None +2 25.5 kB cwmma
npm/[email protected] None 0 192 kB dignifiedquire
npm/[email protected] None 0 3.1 kB sindresorhus
npm/[email protected] None 0 4.83 kB dcousens
npm/[email protected] network 0 4.5 kB bendrucker
npm/[email protected] None 0 7.83 kB limulus
npm/[email protected] None 0 8.54 kB samverschueren
npm/[email protected] None 0 3.87 kB iansu
npm/[email protected] None 0 10.3 kB goto-bus-stop
npm/[email protected] None 0 7.46 kB juliangruber
npm/[email protected] None 0 5.1 kB jonschlinkert
npm/[email protected] None 0 15 kB sindresorhus
npm/[email protected] None +1 105 kB cwmma
npm/[email protected] None 0 53.5 kB cwmma
npm/[email protected] None 0 2.96 kB sindresorhus
npm/[email protected] None +1 40.2 kB indutny
npm/[email protected] None 0 17.3 kB cwmma
npm/[email protected] None 0 16.8 kB bevryme
npm/[email protected] None 0 118 kB indutny
npm/[email protected] None 0 8.25 kB jfmengels
npm/[email protected] None 0 41 kB sokra
npm/[email protected] environment 0 8.47 kB sindresorhus
npm/[email protected] None 0 24.4 kB jfmengels
npm/[email protected] None 0 21.9 kB sindresorhus
npm/[email protected] environment +3 114 kB sindresorhus
npm/[email protected] None 0 6.8 kB ljharb
npm/[email protected] filesystem 0 25.5 kB ljharb
npm/[email protected] None 0 25 kB ljharb
npm/[email protected] None 0 68.4 kB novemberborn
npm/[email protected] None 0 158 kB mysticatea
npm/[email protected] None 0 41.8 kB mysticatea
npm/[email protected] environment, filesystem, unsafe +1 994 kB ljharb
npm/[email protected] None 0 11.9 kB dustinspecker
npm/[email protected] filesystem 0 269 kB mysticatea
npm/[email protected] None 0 51.4 kB bpscott
npm/[email protected] None 0 40.2 kB xjamundx
npm/[email protected] None +3 356 kB sindresorhus
npm/[email protected] None 0 128 kB stefanbuck
npm/[email protected] None 0 41.3 kB futpib
npm/[email protected] None 0 20.1 kB twada
npm/[email protected] None 0 77.6 kB goto-bus-stop
npm/[email protected] filesystem 0 5.27 kB jsdnxx
npm/[email protected] None 0 3.5 kB dustinspecker
npm/[email protected] None 0 17.6 kB nickfitzgerald
npm/[email protected] None 0 6.08 kB fanatid
npm/[email protected] None 0 41.7 kB indutny
npm/[email protected] None 0 25 kB indutny
npm/[email protected] network 0 2.79 kB feross
npm/[email protected] filesystem 0 4.53 kB sindresorhus
npm/[email protected] None 0 14.9 kB phated
npm/[email protected] None 0 8.55 kB jonschlinkert
npm/[email protected] filesystem 0 3.15 kB sindresorhus
npm/[email protected] None 0 5.2 kB dustinspecker
npm/[email protected] None 0 2.79 kB dustinspecker
npm/[email protected] None 0 6.01 kB jonschlinkert
npm/[email protected] None 0 3.2 kB dustinspecker
npm/[email protected] None 0 9.04 kB dustinspecker
npm/[email protected] None 0 6.59 kB jonschlinkert
npm/[email protected] None 0 15.7 kB ljharb
npm/[email protected] None 0 6.51 kB jonschlinkert
npm/[email protected] environment, filesystem 0 3.76 kB sindresorhus
npm/[email protected] None 0 2.66 kB sindresorhus
npm/[email protected] None +1 29.9 kB sindresorhus
npm/[email protected] None 0 26.5 kB jdalton
npm/[email protected] None 0 12.9 kB jdalton
npm/[email protected] None 0 7.67 kB cwmma
npm/[email protected] None 0 24.8 kB sokra
npm/[email protected] None 0 13.7 kB stroncium
npm/[email protected] None 0 6.84 kB indutny
npm/[email protected] None 0 4.76 kB indutny
npm/[email protected] None 0 16.4 kB korynunn
npm/[email protected] network, unsafe +2 297 kB sokra
npm/[email protected] None 0 8.03 kB dustinspecker
npm/[email protected] None 0 20.1 kB ljharb
npm/[email protected] None 0 7.25 kB sindresorhus
npm/[email protected] environment, filesystem, shell 0 40.8 kB sindresorhus
npm/[email protected] None 0 2.74 kB coderpuppy
npm/[email protected] None 0 6.14 kB sindresorhus
npm/[email protected] None 0 788 kB vitaly
npm/[email protected] None 0 27 kB goto-bus-stop
npm/[email protected] None 0 6.26 kB es128
npm/[email protected] None 0 13.4 kB cwmma

🚮 Removed packages: npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected]

View full report↗︎

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@titanism @snyk-bot