[Snyk] Fix for 3 vulnerabilities

[ekmixon]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • community-modules/react/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5	Uncontrolled resource consumption SNYK-JS-BRACES-6838727	Yes	No Known Exploit
	661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5	Inefficient Regular Expression Complexity SNYK-JS-MICROMATCH-6838728	Yes	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-UNSETVALUE-2400660	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @testing-library/jest-dom

The new version differs by 1 commits.

• 4b764b9 feat: local types, supporting jest, @ jest/globals, vitest ([Snyk] Security upgrade @vue/cli-service from 3.12.1 to 5.0.1 #511)

See the full diff

Package name: @typescript-eslint/eslint-plugin

The new version differs by 250 commits.

• 8894106 chore: publish v5.10.0
• 5046882 fix(type-utils): intersection types involving readonly arrays are now handled in most cases (fix(angular): zone aware ag-grid/ag-grid#4429)
• 39a6806 fix(type-utils): isTypeReadonly now handles conditional types (hideOverlay doesn't work anymore when model is updated or pagination changed ag-grid/ag-grid#4421)
• f4016c2 fix(eslint-plugin): [no-extra-semi] false negatives when used with eslint 8.3.0 (Ag-grid with pinned columns you cannot click and drag the vertical scroll bar while using Safari ag-grid/ag-grid#4458)
• 99ab193 fix(type-utils): union types always being marked as readonly (Fix small typo ag-grid/ag-grid#4419)
• ef3147c fix(type-utils): check IndexSignature internals when checking isTypeReadonly (custom cellRenderer doesn't work. getting error- Cannot read property 'wrap' of null ag-grid/ag-grid#4417)
• 3061ea9 chore: bump @ babel/types from 7.16.7 to 7.16.8 ( columnApi.getAllDisplayedColumnGroups() does not return ColumnGroup[] type for TypeScript ag-grid/ag-grid#4454)
• e56f1e5 fix(eslint-plugin): [no-invalid-this] crash when used with eslint 8.7.0 (RTL Charts Problem ag-grid/ag-grid#4448)
• ba3d3a3 chore: bump eslint-plugin-jest from 25.3.4 to 25.7.0 (Ctrl + v is pasting empty value / ctrl +c copying empty value ag-grid/ag-grid#4456)
• 04cb5d8 chore: bump ts-jest from 27.1.2 to 27.1.3 (Click event handler not triggering in react v17 ag-grid/ag-grid#4457)
• d8e296d chore: bump webpack from 5.65.0 to 5.66.0 (AG-3390 - removed unused code ag-grid/ag-grid#4455)
• d053cde fix(eslint-plugin): [explicit-function-return-type] support AllowTypedFunctionExpression within AllowHigherOrderFunction (Allow agLargeTextCellEditor to be readonly ag-grid/ag-grid#4250)
• 8a30108 chore: bump eslint-visitor-keys from 3.1.0 to 3.2.0 (Row borders missing in IE 11 ag-grid/ag-grid#4452)
• 377cbcf chore: bump rollup from 2.63.0 to 2.64.0 (start editing cell documentation is wrong ag-grid/ag-grid#4450)
• daf7990 chore: bump @ types/prettier from 2.4.2 to 2.4.3 (NotFoundError exception with integrated charts ag-grid/ag-grid#4451)
• 4cb46ff chore: bump downlevel-dts from 0.7.0 to 0.8.0 (ag-dnd-ghost problem in modals when dragging rows ag-grid/ag-grid#4447)
• ff05dd8 test(type-utils): fix incorrect utils import (Sort property is omitted from the column state in Ag grid ag-grid/ag-grid#4453)
• 95aea18 refactor(eslint-plugin): [restrict-plus-operands] add better error messages (SortChangedEvent do not have a source property indicating whether it's triggered by user or ColDefs update. ag-grid/ag-grid#4332)
• ea85dda test(type-utils): add basic tests for isTypeReadonly (changing the row height and onRowHeightChanged() is not working in ag grid version 25.1.0 ag-grid/ag-grid#4416)
• c8e650f fix(eslint-plugin): [no-magic-numbers] handle bigint in class props (Infinite Row Model - last row of page displays '?' when getting data from server but not from cache ag-grid/ag-grid#4411)
• 253bfa3 docs: fix typo in comment (AgGridReact 20.1.0 imports ag-grid-community instead of enterprise ag-grid/ag-grid#4445)
• 4bda6ec chore: bump shelljs from 0.8.4 to 0.8.5 (JAWS reads incorrect number of rows in table ag-grid/ag-grid#4442)
• 9eb0a5b chore: bump follow-redirects from 1.14.5 to 1.14.7 (Corrupted xlsx file when exporting aggrid content with an STX ASCII caracter ag-grid/ag-grid#4437)
• 1d55a75 feat: rename `experimental-utils` to `utils` and make `experimental-utils` an alias to the new package (Interaction with the table results in unresponsive pages ag-grid/ag-grid#4172)

See the full diff

Package name: babel-jest

The new version differs by 250 commits.

• be16e47 v27.0.0
• 63102ec chore: update changelog for release
• 564694a docs(blog): Jest 27 blog post (#11131)
• b68d91b feat(pretty-print): add option `printBasicPrototype` (#11441)
• 2226742 chore: minor simplify format results error (#11432)
• 78eb25d chore: remove needless assign (#11433)
• 696c455 chore: update lockfile after publish
• e2eb9ae v27.0.0-next.11
• 3b253f8 Wait for closed resources to actually close before detecting open handles (#11429)
• 27bee72 fix: run GC before collecting open handles (#11278)
• 50451df feat: use fallback if prettier not found (#11400)
• 150dbd8 chore: update lockfile after publish
• 6f44529 v27.0.0-next.10
• cbcec7d Upgrade fsevents in jest-haste-map (#11428)
• 9633a26 feat: support reporters written in ESM (#11427)
• 59f42d8 fix: do not cache modules that throw during evaluation (#11263)
• 57e32e9 Detect open handles with done callbacks (#11382)
• a397607 Document and test dontThrow for custom inline snapshot matchers (#10995)
• 4fa3a0b feat: custom haste (#11107)
• 2047a36 chore: bump deps (#11419)
• a4358d6 chore: run prettier on changelog
• bdd6282 Move all default values into `jest-config` (#9924)
• db643a1 Link to Jest config (#11106)
• b16082c Fix locale issue #10014 (#11412)

See the full diff

Package name: eslint-plugin-jest

The new version differs by 39 commits.

• 8befa12 chore(release): 25.0.4 [skip ci]
• afad49a fix: update `@ typescript-eslint/experimental-utils` to v5 (Row group expanded flag doesn't update the data ag-grid/ag-grid#941)
• b2ed605 chore(release): 25.0.3 [skip ci]
• bd2c33c fix(valid-expect-in-promise): support awaited promises in arguments ([Snyk] Fix for 1 vulnerabilities #936)
• d90a5dc chore(release): 25.0.2 [skip ci]
• 07d2137 fix(valid-expect-in-promise): support out of order awaits ([Snyk] Fix for 5 vulnerabilities #939)
• e731bce chore: add patches to git
• cbea1d6 refactor(valid-expect-in-promise): remove duplicate check ([Snyk] Fix for 5 vulnerabilities #938)
• c171942 chore(deps): lock file maintenance
• d47fd25 chore(deps): lock file maintenance
• 4a3caa4 chore(deps): lock file maintenance
• 1748063 chore(release): 25.0.1 [skip ci]
• cb87458 fix: specify peer dependency ranges correctly
• 3a12aec chore(release): 25.0.0 [skip ci]
• 2dce752 Merge pull request [Snyk] Fix for 2 vulnerabilities #905 from jest-community/next
• 1ef8586 chore(release): 25.0.0-next.7 [skip ci]
• f3e9e9a feat(valid-describe): rename to `valid-describe-callback`
• b860084 feat(lowercase-name): rename to `prefer-lowercase-title`
• 3434d9b feat(prefer-to-be-undefined): remove rule
• 809bcda feat(prefer-to-be-null): remove rule
• 2a3376f feat: add `prefer-to-be` to style ruleset
• c5ccdca chore(release): 25.0.0-next.6 [skip ci]
• 6708bb8 Merge branch 'main' into next
• 24b6c5d chore(release): 25.0.0-next.5 [skip ci]

See the full diff

Package name: gulp

The new version differs by 45 commits.

• 5c4c547 chore: Release 5.0.0 (Loading spinner does not disappear on failCallback ag-grid/ag-grid#2762)
• bf72116 chore: Add index.mjs to files list
• b00de68 feat: Provide an ESM export (floatingFilterComponent does not accept string like in example ag-grid/ag-grid#2760)
• 72668c6 chore!: Normalize repository, dropping node <10.13 support (Typescript Errors in ag-grid-community 19.x.x ag-grid/ag-grid#2758)
• 85896d4 chore(docs): Update stream handbook link ([Vuejs] Setting popupParent option doesn't correctly position columnMenus/contextMenus/popup editors on small grids ag-grid/ag-grid#2711)
• 818bd73 Docs: Remove gulp-sourcemaps because it is built-in ('cellValueChanged' event triggers every time when cell editing stops. ag-grid/ag-grid#2592)
• 598f971 Docs: Fix broken link in recipe (Detect the end of drag position ag-grid/ag-grid#2571)
• 9877de0 Docs: Guide CustomRegistries to maintain properties on tasks (fixes pinning column animations - switcher ag-grid/ag-grid#2561) (Update a parameter with a button ag-grid/ag-grid#2565)
• f91c388 Docs: Remove typo in custom registry docs (Cell edit with Dynamic Component emits error ag-grid/ag-grid#2543)
• df25250 Docs: Fix typo in task docs (row checkbox unchecked if i click the full width row why  ag-grid/ag-grid#2524)
• b6d6d7c Docs: fix recipe link (Add an attribute for showing/hiding a MenuItem given a condition ag-grid/ag-grid#2526)
• c26ebcb Docs: Cleanup registry error message subtitles
• d51c6eb Docs: Rename the automate releases recipe file
• 4c1bead Docs: Add subtitles for registry error messages (AgGrid error after compilation/optimization ag-grid/ag-grid#2502)
• 6e56ed8 Docs: Update and refactor release workflow recipe (Column duplicates when rowGroup: true and pinned: 'left' ag-grid/ag-grid#2498)
• 131b702 Docs: Remove recipe for using a config file
• c5ff7e0 Docs: Remove recipe for splitting tasks in files
• 147327c Docs: Remove recipe for specifying a CWD
• 1a653a9 Docs: Remove recipe for running shell commands
• e1190ea Docs: Remove recipe for exporting tasks
• c4305df Docs: Remove recipe for running tasks in series
• 486f927 Docs: Remove recipes for selecting changed files
• b7b70b8 Docs: Fix some links
• 93564bd Docs: Add advanced section for creation of custom registries (Master - Detail Grids ag-grid/ag-grid#2479)

See the full diff

Package name: jest

The new version differs by 250 commits.

• 75006e4 v29.0.0
• 7c82a9f chore: update jest-watch-typeahead again
• 352ff29 chore: update changelog for release
• 33ad8c3 docs: Jest 29 blog post (#13103)
• dda77e5 docs: collapse 28.0 and 28.1 docs (#13104)
• c0dc84c chore: update jest-watch-typeahead
• 05f6217 fix: support deep CJS re-exports when using ESM (#13170)
• 490fd88 chore: update yarn (#13169)
• 98936a2 docs: Update Enzyme links to use new URL (#13166)
• 187566a feat(pretty-format): allow to opt out from sorting object keys with `compareKeys: null` (#12443)
• ae2bed7 chore: tweak regex used in e2e tests (#13129)
• 8c56d74 docs: Update Configuration.md for added special notes on usage scenarios for pnpm. (#13115)
• fb1c53d feat(jest-config)!: remove undocumented `collectCoverageOnlyFrom` option (#13156)
• 075b489 fix: ignore `EISDIR` when resolving symlinks (#13157)
• 3bef02e feat(@ jest/test-result, @ jest/types)!: replace `Bytes` and `Milliseconds` types with `number` (#13155)
• 4def94b v29.0.0-alpha.6
• 0f00d4e fix: replace non-CLI `rimraf` usage (#13151)
• 6a90a2c fix: Allow updating inline snapshots when test includes JSX (#12760)
• 983274a feat: Let `babel` find config when updating inline snapshots (#13150)
• d2ff18a chore: make prettierPath optional in `SnapshotState` (#13149)
• 7d8d01c feat(circus): added each to failing tests (#13142)
• a5b52a5 chore(types): separate MatcherContext, MatcherUtils and MatcherState (#13141)
• 79b5e41 chore: get rid of peer dep warning in website
• 812763d chore: enable 'no-duplicate-imports' (#13138)

See the full diff

Package name: jest-circus

The new version differs by 250 commits.

• 75006e4 v29.0.0
• 7c82a9f chore: update jest-watch-typeahead again
• 352ff29 chore: update changelog for release
• 33ad8c3 docs: Jest 29 blog post (#13103)
• dda77e5 docs: collapse 28.0 and 28.1 docs (#13104)
• c0dc84c chore: update jest-watch-typeahead
• 05f6217 fix: support deep CJS re-exports when using ESM (#13170)
• 490fd88 chore: update yarn (#13169)
• 98936a2 docs: Update Enzyme links to use new URL (#13166)
• 187566a feat(pretty-format): allow to opt out from sorting object keys with `compareKeys: null` (#12443)
• ae2bed7 chore: tweak regex used in e2e tests (#13129)
• 8c56d74 docs: Update Configuration.md for added special notes on usage scenarios for pnpm. (#13115)
• fb1c53d feat(jest-config)!: remove undocumented `collectCoverageOnlyFrom` option (#13156)
• 075b489 fix: ignore `EISDIR` when resolving symlinks (#13157)
• 3bef02e feat(@ jest/test-result, @ jest/types)!: replace `Bytes` and `Milliseconds` types with `number` (#13155)
• 4def94b v29.0.0-alpha.6
• 0f00d4e fix: replace non-CLI `rimraf` usage (#13151)
• 6a90a2c fix: Allow updating inline snapshots when test includes JSX (#12760)
• 983274a feat: Let `babel` find config when updating inline snapshots (#13150)
• d2ff18a chore: make prettierPath optional in `SnapshotState` (#13149)
• 7d8d01c feat(circus): added each to failing tests (#13142)
• a5b52a5 chore(types): separate MatcherContext, MatcherUtils and MatcherState (#13141)
• 79b5e41 chore: get rid of peer dep warning in website
• 812763d chore: enable 'no-duplicate-imports' (#13138)

See the full diff

Package name: jest-resolve

The new version differs by 250 commits.

• be16e47 v27.0.0
• 63102ec chore: update changelog for release
• 564694a docs(blog): Jest 27 blog post (#11131)
• b68d91b feat(pretty-print): add option `printBasicPrototype` (#11441)
• 2226742 chore: minor simplify format results error (#11432)
• 78eb25d chore: remove needless assign (#11433)
• 696c455 chore: update lockfile after publish
• e2eb9ae v27.0.0-next.11
• 3b253f8 Wait for closed resources to actually close before detecting open handles (#11429)
• 27bee72 fix: run GC before collecting open handles (#11278)
• 50451df feat: use fallback if prettier not found (#11400)
• 150dbd8 chore: update lockfile after publish
• 6f44529 v27.0.0-next.10
• cbcec7d Upgrade fsevents in jest-haste-map (#11428)
• 9633a26 feat: support reporters written in ESM (#11427)
• 59f42d8 fix: do not cache modules that throw during evaluation (#11263)
• 57e32e9 Detect open handles with done callbacks (#11382)
• a397607 Document and test dontThrow for custom inline snapshot matchers (#10995)
• 4fa3a0b feat: custom haste (#11107)
• 2047a36 chore: bump deps (#11419)
• a4358d6 chore: run prettier on changelog
• bdd6282 Move all default values into `jest-config` (#9924)
• db643a1 Link to Jest config (#11106)
• b16082c Fix locale issue #10014 (#11412)

See the full diff

Package name: jest-watch-typeahead

The new version differs by 22 commits.

• 7dc4788 chore(release): 0.6.4 [skip ci]
• f73dd11 chore: force older fs-extra
• 03f6513 chore: add automtic release from CI
• 2fe33d9 chore(deps): update jest monorepo to v27 (major) ([Snyk] Fix for 1 vulnerabilities #60)
• 6552ead fix(deps): update jest peer dependency to accept v27 ([Snyk] Security upgrade lerna from 3.22.1 to 4.0.0 #59)
• da3b7c8 chore(deps): lock file maintenance ([Snyk] Security upgrade @vue/cli-service from 3.12.1 to 4.2.0 #58)
• ad70360 chore(deps): lock file maintenance ([Snyk] Security upgrade cypress from 4.12.1 to 5.0.0 #57)
• cfd1998 chore(deps): lock file maintenance ([Snyk] Fix for 1 vulnerabilities #56)
• f0ced57 chore: correct link to CI from readme
• 7fdf607 chore: refresh lockfile ([Snyk] Fix for 1 vulnerabilities #53)
• 0330ff3 chore(deps): update dependency eslint-config-prettier to v8 ([Snyk] Security upgrade @vue/cli-service from 3.12.1 to 4.2.0 #51)
• a3c7247 chore: migrate to GH Actions
• 1c57fd5 chore: activate renovate bot
• 6c535b9 chore(deps): bump y18n from 4.0.0 to 4.0.1 ([Snyk] Fix for 1 vulnerabilities #44)
• 1c8712b chore(deps): bump hosted-git-info from 2.8.8 to 2.8.9 ([Snyk] Security upgrade jest from 25.5.4 to 26.0.0 #50)
• 89fd566 chore(deps): bump lodash from 4.17.20 to 4.17.21 ([Snyk] Security upgrade jest from 25.5.4 to 26.0.0 #49)
• 1a3856d 0.6.3
• b5dd0f5 fix: calculate highlight offset using stripped paths ([Snyk] Security upgrade jest from 25.5.4 to 26.0.0 #48)
• 7765717 v0.6.2
• 9dfa861 fix: use correct highlight offset even when rootDir is not root package directory ([Snyk] Security upgrade cssnano from 4.1.11 to 5.0.0 #34)
• 6ddf496 chore(deps): bump node-notifier from 8.0.0 to 8.0.1 ([Snyk] Security upgrade @vue/cli-service from 3.12.1 to 4.1.2 #42)
• 87d002b chore: rewrite to typescript ([Snyk] Security upgrade protractor from 5.4.4 to 6.0.0 #41)

See the full diff

Package name: webpack

The new version differs by 250 commits.

• 610f368 5.0.0
• 5ce65c1 update examples
• bbe1230 Merge pull request #11628 from webpack/bugfix/real-content-hash
• 75ecff2 5.0.0-rc.6
• bfc35d6 Merge pull request #11603 from MayaWolf/master
• 76e8cbd Merge pull request #11622 from webpack/dependabot/npm_and_yarn/types/node-13.13.25
• 9fd1be2 chore(deps-dev): bump @ types/node from 13.13.23 to 13.13.25
• 36bcfaa Merge pull request #11621 from webpack/bugfix/11619
• 9130d10 fix called variables with ProvidePlugin
• 3e42105 Merge pull request #11620 from webpack/bugfix/11617
• 4709719 skip connections copied to concatenated module
• 57b493f 5.0.0-rc.5
• 1658e2f Merge pull request #11618 from webpack/bugfix/11615
• a8fb45d fixes crash in SideEffectsFlagPlugin
• 84b196d emit error instead of crashing when unexpected problem occurs
• 5573fed Merge pull request #11601 from Hornwitser/improve-suggested-polyfill-config
• 9b5cce9 Merge pull request #11609 from snitin315/export-types
• 37c495c export type RuleSetUseItem
• 39faf34 export type RuleSetUse
• e5fd246 export type RuleSetConditionAbsolute
• 660baad export RuleSetCondition types
• 13e3ca5 Merge pull request #11602 from webpack/bugfix/shared-runtime-chunk
• 9c0587e Merge pull request #11606 from webpack/dependabot/npm_and_yarn/simple-git-2.21.0
• 502d166 Merge pull request #11607 from webpack/dependabot/npm_and_yarn/acorn-8.0.4

See the full diff

Package name: webpack-dev-server

The new version differs by 250 commits.

• c9271b9 chore(release): 4.0.0
• 18bf369 test: fix stability (Excel Export Line Number and Column Alphabets font size is bigger ag-grid/ag-grid#3676)
• cdcabb2 fix: respect protocol from browser for manual setup (Support Column flex to fill the entire available space even after it was moved or swapped ag-grid/ag-grid#3675)
• 1768d6b fix: initial reloading for lazy compilation (suppressCount does not work when groupUseEntireRow = true ag-grid/ag-grid#3662)
• 4f5bab1 docs: improve examples (ag-grid export as CSV is displaying [object object] in csv file but loads good in table. ag-grid/ag-grid#3672)
• f2d87fb fix: improve https CLI output (ag-grid-angular cell value not binding automatically ag-grid/ag-grid#3673)
• 0277c5e chore: remove redundant console statements (Question: When can we find Ag Grid's Next Release Date? ag-grid/ag-grid#3671)
• 16fcdbc docs: add `ipc` example (Fix NPE when using row group edit ag-grid/ag-grid#3667)
• 8915fb8 test: add e2e tests for built in routes (Column flex issue - jumps/glitches on official examples ag-grid/ag-grid#3669)
• 4d1cbe1 docs: ask `version` information in issue template (Is it possible to style the dragged element of the columns? ag-grid/ag-grid#3668)
• b6c1881 chore(deps-dev): bump core-js from 3.16.1 to 3.16.2 (Some column events can't be bound with column definitions ag-grid/ag-grid#3666)
• ffa8cc5 chore(deps-dev): bump supertest from 6.1.5 to 6.1.6 (tool panel performance issue in IE 11 ag-grid/ag-grid#3665)
• f1fdaa7 chore(release): 4.0.0-rc.1
• c4678bc fix: legacy API (Tree data aggregate column set filter not working ag-grid/ag-grid#3660)
• d8bdd03 test: fix stability (ag-grid-enteprise with noImplicitAny: Could not find a declaration file for module  ag-grid/ag-grid#3661)
• 22b1414 refactor: remove `killable` (Missing exports for /filter/provided ag-grid/ag-grid#3657)
• 75bafbf test: add e2e tests for module federation (Comparator not responding in ag-grid ag-grid/ag-grid#3658)
• 493ccbd chore(deps): update `ws` ("agSetColumnFilter" breaks application  ag-grid/ag-grid#3652)
• ae8c523 test: add e2e test for universal compiler (enableCellTextSelection does not exist on 'GridOptions' ag-grid/ag-grid#3656)
• f94b84f chore(deps): update (Allow navigating to non-editable cell by tab when editing=true ag-grid/ag-grid#3655)
• 1923132 test: fix cli
• 2adfd01 test: fix todo (When switching themes dynamically icons are not displaying ag-grid/ag-grid#3653)
• 6e2cbde fix: proxy logging and allow to pass options without the `target` option (Context menu enhancement ag-grid/ag-grid#3651)
• c9ccc96 fix: respect infastructureLogging.level for client.logging (Export Data As Excel - Turn on Filter in Excel ag-grid/ag-grid#3613)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Uncontrolled resource consumption
🦉 Prototype Pollution

[secure-code-warrior-for-github]

Micro-Learning Topic: Inefficient regular expression (Detected by phrase)

Matched on "Inefficient Regular Expression"

What is this? (2min video)

A regular expression that requires exponential time to match certain inputs can be a performance bottleneck, and may be vulnerable to denial-of-service attacks.

Try a challenge in Secure Code Warrior

Micro-Learning Topic: Prototype pollution (Detected by phrase)

Matched on "Prototype Pollution"

What is this? (2min video)

By adding or modifying attributes of an object prototype, it is possible to create attributes that exist on every object, or replace critical attributes with malicious ones. This can be problematic if the software depends on existence or non-existence of certain attributes, or uses pre-defined attributes of object prototype (such as hasOwnProperty, toString or valueOf).

Try a challenge in Secure Code Warrior

[sourcery-ai]

We have skipped reviewing this pull request. Here's why:

• It seems to have been created by a bot ('[Snyk]' found in title). We assume it knows what it's doing!
• We don't review packaging changes - Let us know if you'd like us to change this.