-
Notifications
You must be signed in to change notification settings - Fork 3.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Snyk] Upgrade react-monaco-editor from 0.50.1 to 0.54.0 #11598
Conversation
Snyk has created this PR to upgrade react-monaco-editor from 0.50.1 to 0.54.0. See this package in npm: See this project in Snyk: https://app.snyk.io/org/sarabala1979/project/05009f53-cf59-41dc-9a3c-4db00251e16a?utm_source=github&utm_medium=referral&page=upgrade-pr
I think we'd still want to upgrade this dep. Going to need to manually fix two typing errors in the build though. I'd leave this open as a tracker until we have a superseding PR |
The build failure is unfortunately not resolvable. I left a comment on an open issue in There is another library, As such, just going to close this out as this upgrade is not needed and would require significant rework. |
Also the install warning on React The install warning on |
Not really sure why Snyk is mentioning these CVEs with regard to The So those CVEs seem unrelated. Maybe a Snyk bug. |
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade react-monaco-editor from 0.50.1 to 0.54.0.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version fixes:
SNYK-JS-NODEFETCH-2342118
Why? CVSS 6.5
SNYK-JS-NODEFETCH-674311
Why? CVSS 6.5
(*) Note that the real score may have changed since the PR was raised.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs