Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Fix for 1 vulnerabilities #5

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Fix for 1 vulnerabilities #5

wants to merge 1 commit into from

Conversation

saurabharch
Copy link

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • lib/koenig-editor/package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
low severity 461/1000
Why? Recently disclosed, Has a fix available, CVSS 3.5		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-DEBUG-3227433		 Yes No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: ember-cli-htmlbars The new version differs by 250 commits.
  • d01f8e6 Release 5.2.0
  • 3f7c5fd Move template compiler creation to a method on the addon (✨ welcome tour TryGhost/Admin#527)
  • 95087db [Security] Bump websocket-extensions from 0.1.3 to 0.1.4
  • 0258695 Bump eslint-plugin-mocha from 6.3.0 to 7.0.1
  • 0cc0ab9 Bump ember-source from 3.18.1 to 3.19.0
  • a1dd887 Bump @ babel/plugin-proposal-decorators from 7.8.3 to 7.10.1
  • 62133e1 Bump @ babel/plugin-transform-typescript from 7.9.6 to 7.10.1
  • 0764626 Bump @ babel/plugin-transform-runtime from 7.9.6 to 7.10.1
  • 386e8f5 Bump ember-cli-babel from 7.20.0 to 7.20.4
  • 3cda9ce Bump @ babel/plugin-proposal-class-properties from 7.8.3 to 7.10.1
  • 48cb4f5 Bump eslint-plugin-ember from 8.5.1 to 8.5.2
  • f4c24d1 Bump @ babel/runtime from 7.9.6 to 7.10.2
  • e83db8d Bump mocha from 7.1.2 to 7.2.0
  • 1d70905 Bump eslint from 6.8.0 to 7.0.0
  • 419c4e8 Bump ember-cli-version-checker from 5.1.0 to 5.1.1
  • c36e162 Bump release-it from 13.5.8 to 13.6.1
  • c69fb4e Bump ember-cli-babel from 7.19.0 to 7.20.0
  • 69f1f95 Bump broccoli-persistent-filter from 2.3.1 to 3.0.0
  • 4c6bb84 Bump eslint-plugin-ember from 8.5.0 to 8.5.1
  • 62e5ec7 Bump ember-cli-version-checker from 5.0.2 to 5.1.0
  • cc4c29b Release 5.1.2
  • cbf2913 Bump ember-cli from 3.16.1 to 3.18.0
  • f69a74b Merge pull request fix tests for new themes table styles TryGhost/Admin#553 from ember-cli/ensure-template-path-is-absolute
  • d13b5e2 Ensure custom templateCompilerPath is an absolute path.

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@saurabharch @snyk-bot