Skip to content

Comments

[Snyk] Security upgrade next from 15.4.7 to 15.4.10#272

Merged
Dargon789 merged 1 commit intomasterfrom
snyk-fix-75a1032a2259849bdc6ec3de0d5b3afc
Feb 7, 2026
Merged

[Snyk] Security upgrade next from 15.4.7 to 15.4.10#272
Dargon789 merged 1 commit intomasterfrom
snyk-fix-75a1032a2259849bdc6ec3de0d5b3afc

Conversation

@Dargon789
Copy link
Owner

@Dargon789 Dargon789 commented Feb 4, 2026

snyk-top-banner

Snyk has created this PR to fix 3 vulnerabilities in the pnpm dependencies of this project.

Snyk changed the following file(s):

  • extras/web/package.json
⚠️ Warning 
Failed to update the pnpm-lock.yaml, please update manually before merging.

Vulnerabilities that will be fixed with an upgrade:

Issue
critical severity Arbitrary Code Injection
SNYK-JS-NEXT-14173355
high severity Deserialization of Untrusted Data
SNYK-JS-NEXT-14400636
medium severity Exposure of Sensitive System Information to an Unauthorized Control Sphere
SNYK-JS-NEXT-14400644

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Arbitrary Code Injection

@codesandbox
Copy link

codesandbox bot commented Feb 4, 2026

Review or Edit in CodeSandbox

Open the branch in Web EditorVS CodeInsiders

Open Preview

@bolt-new-by-stackblitz
Copy link

bolt-new-by-stackblitz bot commented Feb 4, 2026

Review PR in StackBlitz Codeflow Run & review this pull request in StackBlitz Codeflow.

@vercel
Copy link

vercel bot commented Feb 4, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
sequence-js-docs Ready Ready Preview, Comment Feb 4, 2026 1:56am
sequence-js-web Ready Ready Preview, Comment Feb 4, 2026 1:56am

@gemini-code-assist
Copy link

gemini-code-assist bot commented Feb 4, 2026

Note

Gemini is unable to generate a summary for this pull request due to the file types involved not being currently supported.

@vercel

This comment was marked as resolved.

Sign in to view
@snyk-io
Copy link

snyk-io bot commented Feb 4, 2026

Snyk checks have passed. No issues have been found so far.

Status Scanner Critical High Medium Low Total (0)
Open Source Security 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

@Dargon789 Dargon789 merged commit 8ea8799 into master Feb 7, 2026
10 of 14 checks passed
@Dargon789 Dargon789 deleted the snyk-fix-75a1032a2259849bdc6ec3de0d5b3afc branch February 7, 2026 11:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

web3-Defi-Gamefi
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Dargon789 @snyk-bot