[Snyk] Upgrade @testing-library/jest-dom from 5.16.2 to 5.17.0 #38

Open
wants to merge 1 commit into
base: master

@snyk-io snyk-io bot commented May 21, 2024

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade @testing-library/jest-dom from 5.16.2 to 5.17.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 4 versions ahead of your current version.

  • The recommended version was released 10 months ago, on 2023-07-18.

The recommended version fixes:

Issue: Denial of Service (DoS), SNYK-JS-DECODEURICOMPONENT-3149970
Priority Score (*): 159/1000
Exploit Maturity: Proof of Concept
Why? Confidentiality impact: None, Integrity impact: None, Availability impact: High, Scope: Unchanged, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00224, Social Trends: No, Days since published: 539, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 99, Impact: 5.99, Likelihood: 2.65, Score Version: V5

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: @testing-library/jest-dom from @testing-library/jest-dom GitHub release notes
Commit messages
Package name: @testing-library/jest-dom


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Note: This is a default PR template raised by Snyk. Find out more about how you can customise Snyk PRs in our documentation.

See this package in npm:
@testing-library/jest-dom

See this project in Snyk:
https://app.snyk.io/org/hawthorne001/project/e19e34ea-1d5e-4f3b-87d6-93c28d31ca2e?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/@ampproject/remapping@2.3.0 None 0 78.9 kB jridgewell
npm/@babel/code-frame@7.24.2 environment +1 29.8 kB nicolo-ribaudo
npm/@babel/compat-data@7.24.4 None 0 65.2 kB nicolo-ribaudo
npm/@babel/core@7.24.5 environment, filesystem, unsafe +2 879 kB nicolo-ribaudo
npm/@babel/generator@7.24.5 None +1 525 kB nicolo-ribaudo
npm/@babel/helper-compilation-targets@7.23.6 None +2 82.5 kB nicolo-ribaudo
npm/@babel/helper-create-class-features-plugin@7.17.9 None +3 69.2 kB nicolo-ribaudo
npm/@babel/helper-environment-visitor@7.22.20 None 0 6.56 kB nicolo-ribaudo
npm/@babel/helper-function-name@7.23.0 None 0 21.6 kB nicolo-ribaudo
npm/@babel/helper-hoist-variables@7.22.5 None 0 7.03 kB nicolo-ribaudo
npm/@babel/helper-member-expression-to-functions@7.17.7 None 0 50.5 kB nicolo-ribaudo
npm/@babel/helper-module-imports@7.24.3 None 0 63.8 kB nicolo-ribaudo
npm/@babel/helper-module-transforms@7.24.5 None 0 158 kB nicolo-ribaudo
npm/@babel/helper-simple-access@7.24.5 None 0 14.1 kB nicolo-ribaudo
npm/@babel/helper-split-export-declaration@7.24.5 None 0 10.7 kB nicolo-ribaudo
npm/@babel/helper-validator-identifier@7.24.5 None 0 49.2 kB nicolo-ribaudo
npm/@babel/helper-validator-option@7.23.5 None 0 11.7 kB nicolo-ribaudo
npm/@babel/helpers@7.24.5 None 0 650 kB nicolo-ribaudo
npm/@babel/highlight@7.24.5 environment +2 41 kB nicolo-ribaudo
npm/@babel/parser@7.24.5 None 0 1.89 MB nicolo-ribaudo
npm/@babel/runtime@7.17.9 None +1 200 kB nicolo-ribaudo
npm/@babel/template@7.24.0 None 0 68.9 kB nicolo-ribaudo
npm/@babel/traverse@7.24.5 None +1 658 kB nicolo-ribaudo
npm/@babel/types@7.24.5 environment +1 2.42 MB nicolo-ribaudo
npm/@jridgewell/gen-mapping@0.3.5 None +1 116 kB jridgewell
npm/@jridgewell/resolve-uri@3.1.2 None 0 53.2 kB jridgewell
npm/@jridgewell/set-array@1.2.1 None 0 17.9 kB jridgewell
npm/@jridgewell/trace-mapping@0.3.25 None +1 215 kB jridgewell
npm/@sindresorhus/is@0.14.0 None 0 40.2 kB sindresorhus
npm/@szmarczak/http-timer@1.1.2 None 0 6.3 kB szmarczak
npm/@types/chai@4.2.11 None 0 79 kB types
npm/@types/cookiejar@2.1.1 None 0 7.2 kB types
npm/@types/json-schema@7.0.11 None 0 32.2 kB types
npm/@types/node@12.12.31 None 0 690 kB types
npm/@types/superagent@3.8.7 None 0 10.6 kB types
npm/@ungap/promise-all-settled@1.1.2 None 0 4.88 kB webreflection
npm/@vue/cli-plugin-babel@5.0.4 environment Transitive: filesystem, network, shell, unsafe +198 10.2 MB soda
npm/@vue/cli-plugin-eslint@5.0.4 environment, filesystem Transitive: network, shell, unsafe +88 8.08 MB soda
npm/@vue/cli-service@5.0.4 environment, filesystem Transitive: eval, network, shell, unsafe +350 28.3 MB soda
npm/@vue/component-compiler-utils@3.3.0 environment Transitive: eval, filesystem, unsafe +11 19.5 MB soda
npm/abbrev@1.1.1 None 0 4.78 kB isaacs
npm/accepts@1.3.7 None 0 16.6 kB dougwilson
npm/acorn-walk@8.2.0 None 0 42.8 kB marijn
npm/acorn@8.7.1 None 0 466 kB marijn
npm/ansi-align@3.0.1 None 0 7.68 kB nexdrew
npm/ansi-colors@4.1.1 environment 0 24.4 kB jonschlinkert
npm/ansicolors@0.3.2 None 0 7.46 kB thlorenz
npm/anymatch@3.1.1 None 0 9.44 kB paulmillr
npm/assertion-error@1.1.0 None 0 5.64 kB chaijs
npm/balanced-match@1.0.0 None 0 6.7 kB juliangruber
npm/basic-auth@2.0.1 None 0 8.89 kB dougwilson
npm/binary-extensions@2.0.0 None 0 5.07 kB sindresorhus
npm/body-parser@1.19.0 network 0 56.4 kB dougwilson
npm/boxen@4.2.0 None 0 12.7 kB sindresorhus
npm/browser-stdout@1.3.1 None 0 2.3 kB kumavis
npm/browserslist@4.23.0 environment, filesystem +1 2.12 MB ai
npm/bytes@3.1.0 None 0 11 kB dougwilson
npm/cacheable-request@6.1.0 network +2 31.9 kB lukechilds
npm/caniuse-lite@1.0.30001341 None 0 1.53 MB caniuse-lite
npm/cardinal@2.1.1 filesystem 0 66 kB thlorenz
npm/chai-http@4.3.0 network 0 200 kB chaijs
npm/chai@4.2.0 None 0 735 kB chaijs
npm/check-error@1.0.2 None 0 20.2 kB chaijs
npm/chokidar@3.3.0 environment, filesystem 0 87.9 kB paulmillr
npm/ci-info@2.0.0 environment 0 12.8 kB watson
npm/ci@2.2.0 None 0 4.76 kB hirokiosame
npm/cli-boxes@2.2.0 None 0 5.69 kB sindresorhus
npm/clone-response@1.0.2 None 0 4.61 kB lukechilds
npm/colorette@1.2.1 None 0 11.8 kB jorgebucaran
npm/component-emitter@1.3.0 None 0 8 kB nami-doc
npm/configstore@5.0.1 None 0 7.61 kB sindresorhus
npm/content-disposition@0.5.3 None 0 19.1 kB dougwilson
npm/convert-source-map@2.0.0 None 0 15.9 kB phated
npm/cookie@0.4.0 None 0 17.9 kB dougwilson
npm/cookiejar@2.1.2 None 0 14.4 kB andyburke
npm/core-js-compat@3.22.5 None +1 603 kB zloirock
npm/core-js@3.22.5 environment, eval, filesystem 0 986 kB zloirock
npm/core-util-is@1.0.2 None 0 23.2 kB isaacs
npm/cross-env@7.0.2 environment 0 27.4 kB kentcdodds
npm/cross-spawn@7.0.1 environment, filesystem, shell 0 20.5 kB satazor
npm/cssnano@5.1.7 Transitive: environment, filesystem, shell +46 2.83 MB ludovicofischer
npm/debug@4.3.4 environment 0 42.4 kB qix
npm/decamelize@4.0.0 None 0 4 kB sindresorhus
npm/decompress-response@3.3.0 None 0 3.54 kB sindresorhus
npm/deep-eql@3.0.1 None 0 54 kB chaijs
npm/deep-extend@0.6.0 None 0 9.19 kB unclechu
npm/defer-to-connect@1.1.3 network 0 5.45 kB szmarczak
npm/denque@1.4.1 None 0 23.6 kB salakar
npm/diff@5.0.0 None 0 369 kB kpdecker
npm/domelementtype@2.3.0 None 0 11.4 kB feedic
npm/domhandler@4.3.1 None 0 44.6 kB feedic
npm/dot-prop@5.2.0 None 0 9.42 kB sindresorhus
npm/duplexer3@0.1.4 None 0 6.43 kB floatdrop
npm/electron-to-chromium@1.4.774 None 0 290 kB kilianvalkhof
npm/escape-goat@2.1.1 None 0 6.28 kB sindresorhus
npm/eslint-plugin-vue@7.20.0 filesystem, unsafe +7 3.51 MB ota-meshi
npm/eslint@7.32.0 filesystem Transitive: environment, eval, unsafe +54 7.91 MB eslintbot
npm/esm@3.2.25 eval, filesystem, unsafe 0 309 kB jdalton
npm/espree@7.3.1 None +1 1.28 MB eslintbot
npm/express@4.17.1 environment, filesystem, network 0 208 kB dougwilson
npm/extend@3.0.2 None 0 23.5 kB ljharb
npm/flat@5.0.2 None 0 26.6 kB timoxley
npm/form-data@2.5.1 filesystem, network 0 41.3 kB alexindigo
npm/formidable@1.2.2 filesystem 0 85.1 kB tunnckocore
npm/forwarded@0.1.2 None 0 5.55 kB dougwilson
npm/fsevents@2.1.2 None 0 44.8 kB paulmillr
npm/generate-function@2.3.1 eval 0 9.04 kB mafintosh
npm/get-func-name@2.0.0 None 0 9.83 kB chaijs
npm/graceful-fs@4.2.10 environment, filesystem 0 32.5 kB isaacs
npm/jest-worker@27.5.1 environment, shell +4 1.78 MB simenb
npm/json-parse-even-better-errors@2.3.1 None 0 10.4 kB isaacs
npm/json5@2.2.3 None 0 235 kB jordanbtucker
npm/launch-editor@2.3.0 environment, filesystem, shell +2 38.9 kB soda
npm/loader-runner@4.3.0 eval, filesystem 0 18.4 kB sokra
npm/lodash@4.17.21 None 0 1.41 MB bnjmnt4n
npm/make-dir@3.1.0 filesystem 0 10 kB sindresorhus
npm/merge2@1.4.1 None 0 8.9 kB zensh
npm/micromatch@4.0.5 None 0 55.9 kB jonschlinkert
npm/mime-db@1.52.0 None 0 206 kB dougwilson
npm/mime-types@2.1.35 None 0 18.3 kB dougwilson
npm/minimatch@3.1.2 None +3 57.8 kB isaacs
npm/minimist@1.2.6 None 0 33.2 kB substack
npm/ms@2.1.2 None 0 6.84 kB styfle
npm/node-releases@2.0.14 None 0 34 kB chicoxyzzy
npm/normalize-path@3.0.0 None 0 9.22 kB jonschlinkert
npm/nth-check@2.0.1 None +1 15.3 kB feedic
npm/obuf@1.1.2 None 0 19.1 kB indutny
npm/once@1.4.0 None +1 7.01 kB isaacs
npm/onetime@5.1.2 None +1 10.6 kB sindresorhus
npm/open@8.4.0 environment, filesystem, shell +1 50.8 kB sindresorhus
npm/parseurl@1.3.3 None 0 10.3 kB dougwilson
npm/path-key@3.1.1 None 0 4.55 kB sindresorhus
npm/picomatch@2.3.1 None 0 90 kB mrmlnc
npm/postcss-selector-parser@6.0.10 None +1 201 kB evilebottnawi
npm/postcss-value-parser@4.2.0 None 0 27.2 kB evilebottnawi
npm/postcss@8.4.13 environment, filesystem +3 362 kB ai
npm/range-parser@1.2.1 None 0 8.46 kB dougwilson
npm/read-pkg@5.2.0 filesystem +13 182 kB sindresorhus
npm/readable-stream@3.6.0 environment +1 137 kB matteo.collina
npm/resolve@1.22.0 environment, filesystem +5 212 kB ljharb
npm/set-value@4.0.1 None +2 35.1 kB jonschlinkert
npm/signal-exit@3.0.7 None 0 9.96 kB isaacs
npm/source-map@0.6.1 None 0 805 kB tromey
npm/string-width@4.2.3 None +1 53.4 kB sindresorhus
npm/strip-ansi@6.0.1 None 0 4.03 kB sindresorhus
npm/strip-json-comments@3.1.1 None 0 6.96 kB sindresorhus
npm/tapable@2.2.1 None 0 46.9 kB sokra
npm/terser-webpack-plugin@5.3.1 Transitive: environment, filesystem, network, unsafe +31 6.17 MB evilebottnawi
npm/terser@5.13.1 environment, eval Transitive: filesystem, shell +9 2.91 MB fabiosantoscode
npm/type-check@0.4.0 None +1 57.9 kB gkz
npm/unpipe@1.0.0 None 0 4.31 kB dougwilson
npm/util-deprecate@1.0.2 None 0 5.48 kB tootallnate
npm/vue-style-loader@4.1.3 environment 0 27.4 kB soda
npm/vue-template-compiler@2.6.14 environment, eval +1 418 kB posva
npm/vue@2.6.14 environment 0 2.97 MB posva
npm/wbuf@1.7.3 None +1 22.4 kB indutny
npm/websocket-driver@0.7.4 network +2 148 kB jcoglan
npm/yaml@1.10.2 environment 0 448 kB eemeli

🚮 Removed packages: npm/@ampproject/remapping@2.1.2, npm/@apideck/better-ajv-errors@0.3.3, npm/@babel/code-frame@7.16.7, npm/@babel/compat-data@7.17.0, npm/@babel/core@7.17.5, npm/@babel/generator@7.17.3, npm/@babel/helper-compilation-targets@7.16.7, npm/@babel/helper-create-class-features-plugin@7.17.6, npm/@babel/helper-environment-visitor@7.16.7, npm/@babel/helper-function-name@7.16.7, npm/@babel/helper-get-function-arity@7.16.7, npm/@babel/helper-hoist-variables@7.16.7, npm/@babel/helper-member-expression-to-functions@7.16.7, npm/@babel/helper-module-imports@7.16.7, npm/@babel/helper-module-transforms@7.17.6, npm/@babel/helper-simple-access@7.16.7, npm/@babel/helper-split-export-declaration@7.16.7, npm/@babel/helper-validator-identifier@7.16.7, npm/@babel/helper-validator-option@7.16.7, npm/@babel/helpers@7.17.2, npm/@babel/highlight@7.16.10, npm/@babel/parser@7.17.3, npm/@babel/plugin-proposal-decorators@7.17.2, npm/@babel/plugin-syntax-bigint@7.8.3, npm/@babel/plugin-syntax-flow@7.16.7, npm/@babel/plugin-syntax-import-meta@7.10.4, npm/@babel/plugin-syntax-typescript@7.16.7, npm/@babel/plugin-transform-destructuring@7.17.3, npm/@babel/plugin-transform-flow-strip-types@7.16.7, npm/@babel/plugin-transform-modules-commonjs@7.16.8, npm/@babel/plugin-transform-modules-systemjs@7.16.7, npm/@babel/plugin-transform-named-capturing-groups-regex@7.16.8, npm/@babel/plugin-transform-react-constant-elements@7.17.6, npm/@babel/plugin-transform-react-display-name@7.16.7, npm/@babel/plugin-transform-react-jsx-development@7.16.7, npm/@babel/plugin-transform-react-jsx@7.17.3, npm/@babel/plugin-transform-react-pure-annotations@7.16.7, npm/@babel/plugin-transform-regenerator@7.16.7, npm/@babel/plugin-transform-runtime@7.17.0, npm/@babel/plugin-transform-typescript@7.16.8, npm/@babel/preset-env@7.16.11, npm/@babel/preset-react@7.16.7, npm/@babel/preset-typescript@7.16.7, npm/@babel/runtime-corejs3@7.9.2, npm/@babel/runtime@7.9.2, npm/@babel/template@7.16.7, 
npm/@babel/traverse@7.17.3, npm/@babel/types@7.17.0, npm/@bcoe/v8-coverage@0.2.3, npm/@csstools/normalize.css@12.0.0, npm/@csstools/postcss-color-function@1.0.3, npm/@csstools/postcss-font-format-keywords@1.0.0, npm/@csstools/postcss-hwb-function@1.0.0, npm/@csstools/postcss-ic-unit@1.0.0, npm/@csstools/postcss-is-pseudo-class@2.0.1, npm/@csstools/postcss-normalize-display-values@1.0.0, npm/@csstools/postcss-oklab-function@1.0.2, npm/@csstools/postcss-progressive-custom-properties@1.3.0, npm/@eslint/eslintrc@1.2.1, npm/@humanwhocodes/config-array@0.9.5, npm/@istanbuljs/load-nyc-config@1.1.0, npm/@istanbuljs/schema@0.1.3, npm/@jest/console@27.5.1, npm/@jest/core@27.5.1, npm/@jest/environment@27.5.1, npm/@jest/fake-timers@27.5.1, npm/@jest/globals@27.5.1, npm/@jest/reporters@27.5.1, npm/@jest/source-map@27.5.1, npm/@jest/test-result@27.5.1, npm/@jest/test-sequencer@27.5.1, npm/@jest/transform@27.5.1, npm/@jest/types@24.9.0, npm/@jridgewell/resolve-uri@3.0.5, npm/@jridgewell/sourcemap-codec@1.4.11, npm/@jridgewell/trace-mapping@0.3.4, npm/@pmmmwh/react-refresh-webpack-plugin@0.5.4, npm/@rollup/plugin-babel@5.3.1, npm/@rollup/plugin-node-resolve@11.2.1, npm/@rollup/plugin-replace@2.4.2, npm/@rollup/pluginutils@3.1.0, npm/@rushstack/eslint-patch@1.1.0, npm/@sheerun/mutationobserver-shim@0.3.3, npm/@sinonjs/commons@1.8.3, npm/@sinonjs/fake-timers@8.1.0, npm/@surma/rollup-plugin-off-main-thread@2.2.3, npm/@svgr/babel-plugin-add-jsx-attribute@5.4.0, npm/@svgr/babel-plugin-remove-jsx-attribute@5.4.0, npm/@svgr/babel-plugin-remove-jsx-empty-expression@5.0.1, npm/@svgr/babel-plugin-replace-jsx-attribute-value@5.0.1, npm/@svgr/babel-plugin-svg-dynamic-title@5.4.0, npm/@svgr/babel-plugin-svg-em-dimensions@5.4.0, npm/@svgr/babel-plugin-transform-react-native-svg@5.4.0, npm/@svgr/babel-plugin-transform-svg-component@5.5.0, npm/@svgr/babel-preset@5.5.0, npm/@svgr/core@5.5.0, npm/@svgr/hast-util-to-babel-ast@5.5.0, npm/@svgr/plugin-jsx@5.5.0, npm/@svgr/plugin-svgo@5.5.0, 
npm/@svgr/webpack@5.5.0, npm/@testing-library/dom@6.16.0, npm/@testing-library/jest-dom@5.16.2, npm/@testing-library/react@9.5.0, npm/@testing-library/user-event@7.2.1, npm/@tootallnate/once@1.1.2, npm/@types/babel__core@7.1.18, npm/@types/babel__generator@7.6.4, npm/@types/babel__template@7.4.1, npm/@types/babel__traverse@7.14.2, npm/@types/graceful-fs@4.1.5, npm/@types/http-proxy@1.17.4, npm/@types/istanbul-lib-coverage@2.0.1, npm/@types/istanbul-lib-report@3.0.0, npm/@types/istanbul-reports@1.1.1, npm/@types/jest@27.4.1, npm/@types/json-schema@7.0.9, npm/@types/json5@0.0.29, npm/@types/node@13.9.3, npm/@types/prettier@2.4.4, npm/@types/prop-types@15.7.3, npm/@types/q@1.5.5, npm/@types/react-dom@16.9.5, npm/@types/react@16.9.25, npm/@types/resolve@1.17.1, npm/@types/retry@0.12.1, npm/@types/stack-utils@2.0.1, npm/@types/testing-library__dom@6.14.0, npm/@types/testing-library__jest-dom@5.14.3, npm/@types/testing-library__react@9.1.3, npm/@types/trusted-types@2.0.2, npm/@types/yargs-parser@15.0.0, npm/@types/yargs@13.0.8, npm/@typescript-eslint/eslint-plugin@5.14.0, npm/@typescript-eslint/experimental-utils@5.14.0, npm/@typescript-eslint/parser@5.14.0, npm/@typescript-eslint/scope-manager@5.14.0, npm/@typescript-eslint/type-utils@5.14.0, npm/@typescript-eslint/types@5.14.0, npm/@typescript-eslint/typescript-estree@5.14.0, npm/@typescript-eslint/utils@5.14.0, npm/@typescript-eslint/visitor-keys@5.14.0, npm/abab@2.0.5, npm/acorn-globals@6.0.0, npm/acorn-node@1.8.2, npm/acorn-walk@7.2.0, npm/acorn@8.7.0, npm/address@1.1.2, npm/adjust-sourcemap-loader@4.0.0, npm/agent-base@6.0.2, npm/aggregate-error@3.1.0, npm/ansi-escapes@4.3.2, npm/arg@5.0.1, npm/aria-query@5.0.0, npm/array-includes@3.1.4, npm/array.prototype.flat@1.2.5, npm/array.prototype.flatmap@1.2.5, npm/asap@2.0.6, npm/ast-types-flow@0.0.7, npm/atob@2.1.2, npm/autoprefixer@10.4.2, npm/axe-core@4.4.1, npm/axobject-query@2.2.0, npm/babel-jest@27.5.1, npm/babel-loader@8.2.3, npm/babel-plugin-istanbul@6.1.1, 
npm/babel-plugin-jest-hoist@27.5.1, npm/babel-plugin-macros@3.1.0, npm/babel-plugin-named-asset-import@0.3.8, npm/babel-plugin-transform-react-remove-prop-types@0.4.24, npm/babel-preset-current-node-syntax@1.0.1, npm/babel-preset-jest@27.5.1, npm/babel-preset-react-app@10.0.1, npm/bfj@7.0.2, npm/body-parser@1.19.2, npm/bonjour@3.5.0, npm/browser-process-hrtime@1.0.0, npm/browserslist@4.20.0, npm/bser@2.1.1, npm/buffer-indexof@1.1.1, npm/builtin-modules@3.2.0, npm/camelcase-css@2.0.1, npm/caniuse-lite@1.0.30001314, npm/char-regex@1.0.2, npm/check-types@11.1.2, npm/ci-info@3.3.0, npm/cjs-module-lexer@1.2.2, npm/clean-css@5.2.4, npm/clean-stack@2.2.0, npm/co@4.6.0, npm/coa@2.0.2, npm/collect-v8-coverage@1.0.1, npm/common-path-prefix@3.0.0, npm/common-tags@1.8.2, npm/confusing-browser-globals@1.0.11, npm/convert-source-map@1.8.0, npm/cookie@0.4.2, npm/core-js-compat@3.21.1, npm/core-js-pure@3.6.4, npm/core-js@3.21.1, npm/css-blank-pseudo@3.0.3, npm/css-declaration-sorter@6.1.4, npm/css-has-pseudo@3.0.4, npm/css-prefers-color-scheme@6.0.3, npm/css-select-base-adapter@0.1.1, npm/css-select@2.1.0, npm/css-tree@1.0.0-alpha.37, npm/css-what@3.4.2, npm/css.escape@1.5.1, npm/css@3.0.0, npm/cssdb@6.4.1, npm/cssnano-preset-default@5.2.3, npm/cssnano@5.1.3, npm/cssom@0.4.4, npm/cssstyle@2.3.0, npm/csstype@2.6.9, npm/damerau-levenshtein@1.0.8, npm/data-urls@2.0.0, npm/debug@4.3.3, npm/decimal.js@10.3.1, npm/decode-uri-component@0.2.0, npm/dedent@0.7.0, npm/deep-equal@1.1.1, npm/deepmerge@4.2.2, npm/define-properties@1.1.3, npm/defined@1.0.0, npm/del@6.0.0, npm/detect-newline@3.1.0, npm/detect-port-alt@1.1.6, npm/detective@5.2.0, npm/didyoumean@1.2.2, npm/diff-sequences@27.5.1, npm/dlv@1.1.3, npm/dns-packet@1.3.4, npm/dns-txt@2.0.2, npm/dom-accessibility-api@0.3.0, npm/dom-serializer@0.2.2, npm/domelementtype@1.3.1, npm/domexception@2.0.1, npm/domhandler@4.3.0, npm/domutils@1.7.0, npm/ejs@3.1.8, npm/electron-to-chromium@1.4.82, npm/emittery@0.8.1, npm/emoji-regex@9.2.2, 
npm/enhanced-resolve@5.9.2, npm/es-abstract@1.19.1, npm/es-to-primitive@1.2.1, npm/escodegen@2.0.0, npm/eslint-config-react-app@7.0.0, npm/eslint-import-resolver-node@0.3.6, npm/eslint-module-utils@2.7.3, npm/eslint-plugin-flowtype@8.0.3, npm/eslint-plugin-import@2.25.4, npm/eslint-plugin-jest@25.7.0, npm/eslint-plugin-jsx-a11y@6.5.1, npm/eslint-plugin-react-hooks@4.3.0, npm/eslint-plugin-react@7.29.3, npm/eslint-plugin-testing-library@5.0.6, npm/eslint-scope@7.1.1, npm/eslint-utils@3.0.0, npm/eslint-visitor-keys@3.3.0, npm/eslint@8.11.0, npm/espree@9.3.1, npm/estree-walker@1.0.1, npm/exit@0.1.2, npm/expect@27.5.1, npm/express@4.17.3, npm/fb-watchman@2.0.1, npm/file-loader@6.2.0, npm/filelist@1.0.4, npm/filesize@8.0.7, npm/follow-redirects@1.14.9, npm/fork-ts-checker-webpack-plugin@6.5.0, npm/form-data@3.0.1, npm/fs-extra@10.0.1, npm/get-own-enumerable-property-symbols@3.0.2, npm/get-package-type@0.1.0, npm/get-symbol-description@1.0.0, npm/glob-parent@6.0.2, npm/glob@7.2.0, npm/global-modules@2.0.0, npm/global-prefix@3.0.0, npm/graceful-fs@4.2.9, npm/harmony-reflect@1.6.2, npm/has-bigints@1.0.1, npm/has-tostringtag@1.0.0, npm/hoopy@0.1.4, npm/html-encoding-sniffer@2.0.1, npm/html-entities@2.3.2, npm/html-escaper@2.0.2, npm/http-errors@1.8.1, npm/http-proxy-agent@4.0.1, npm/http-proxy-middleware@1.0.3, npm/https-proxy-agent@5.0.0, npm/idb@6.1.5, npm/identity-obj-proxy@3.0.0, npm/immer@9.0.12, npm/import-local@3.1.0, npm/indent-string@4.0.0, npm/ini@1.3.8, npm/internal-slot@1.0.3, npm/ip@1.1.5, npm/is-arguments@1.1.1, npm/is-bigint@1.0.4, npm/is-boolean-object@1.1.2, npm/is-callable@1.2.4, npm/is-core-module@2.8.1, npm/is-date-object@1.0.5, npm/is-generator-fn@2.1.0, npm/is-glob@4.0.1, npm/is-module@1.0.0, npm/is-negative-zero@2.0.2, npm/is-number-object@1.0.6, npm/is-obj@1.0.1, npm/is-path-cwd@2.2.0, npm/is-path-inside@3.0.3, npm/is-potential-custom-element-name@1.0.1, npm/is-regex@1.1.4, npm/is-regexp@1.0.0, npm/is-root@2.1.0, npm/is-shared-array-buffer@1.0.1, 
npm/is-string@1.0.7, npm/is-symbol@1.0.4, npm/is-typedarray@1.0.0, npm/is-weakref@1.0.2, npm/istanbul-lib-coverage@3.2.0, npm/istanbul-lib-instrument@5.1.0, npm/istanbul-lib-report@3.0.0, npm/istanbul-lib-source-maps@4.0.1, npm/istanbul-reports@3.1.4, npm/jake@10.8.5, npm/jest-changed-files@27.5.1, npm/jest-circus@27.5.1, npm/jest-config@27.5.1, npm/jest-diff@27.5.1, npm/jest-docblock@27.5.1, npm/jest-each@27.5.1, npm/jest-environment-jsdom@27.5.1, npm/jest-environment-node@27.5.1, npm/jest-get-type@27.5.1, npm/jest-haste-map@27.5.1, npm/jest-jasmine2@27.5.1, npm/jest-leak-detector@27.5.1, npm/jest-matcher-utils@27.5.1, npm/jest-message-util@27.5.1, npm/jest-mock@27.5.1, npm/jest-pnp-resolver@1.2.2, npm/jest-regex-util@27.5.1, npm/jest-resolve-dependencies@27.5.1, npm/jest-resolve@27.5.1, npm/jest-runner@27.5.1, npm/jest-runtime@27.5.1, npm/jest-serializer@27.5.1, npm/jest-snapshot@27.5.1, npm/jest-util@27.5.1, npm/jest@27.5.1

View full report↗︎


🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert: Install scripts
Package: npm/yorkie@2.0.0
  • Install script: install
  • Source: node bin/install.js

View full report↗︎

Next steps

What is an install script?

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware, you should immediately remove it and select a different dependency. For other alert types, you may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space-separated list of ecosystem/package-name@version specifiers, e.g. @SocketSecurity ignore npm/foo@1.0.0, or ignore all packages with @SocketSecurity ignore-all

  • @SocketSecurity ignore npm/yorkie@2.0.0
