Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Security upgrade reveal.js from 3.3.0 to 3.4.0 #7

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Security upgrade reveal.js from 3.3.0 to 3.4.0 #7

wants to merge 1 commit into from

Conversation

snyk-bot
Copy link

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 589/1000
Why? Has a fix available, CVSS 7.5		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-MINIMATCH-1019388		 No No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: reveal.js The new version differs by 111 commits.
  • 568c751 fix unclosed code block
  • fb8414f 3.4.0
  • a144134 Merge branch 'dev' of github.com:hakimel/reveal.js
  • 97bb6e9 fragments inherit visibility to avoid conflicts with parent slide visibility
  • f2bd9d2 don't show error message while iframe fades in #1577
  • 001d4d9 Merge branch 'add-refused-to-display-tips-to-link-preview' of https://github.com/Huxpro/reveal.js into dev
  • 40c4db1 always use lowercase reveal.js
  • 63d3b59 Merge pull request #1767 from demoneaux/readme
  • 4d0f1ad Add note about head.js to readme.
  • 90b301d Enable passing options for parsing Markdown.
  • 713702a Reduce required Node.js version to 4.0.0.
  • 2bd6b56 Merge pull request #1760 from demoneaux/package-json
  • 03ac4a2 Reduce required Node.js version to 4.0.0.
  • e4e5cc1 Merge pull request #1740 from christinakayastha/feature/printing-remove-slide-number
  • f0dfb5b merge package version conflicts
  • b4d46d2 update dependencies to work with latest node #1743
  • 3de1521 Merge pull request #1743 from haf/patch-1
  • e460b2b Merge pull request #1747 from spencermathews/feature/readme-defaults-fix
  • 67ac871 Merge pull request #1757 from daanmichiels/correct-copyright
  • 775d510 Merge pull request #1756 from jmpp/better-data-trim
  • 785dbdd correct copyright message to include contributors
  • 35162c1 Better version of data-trim on code snippets
  • 21c1faf Update README.md to reflect current defaults in js/reveal.js
  • 1918820 add pdf-ready event; dispatched when the presentation is laid out and ready to print

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
馃 View latest project report

馃洜 Adjust project settings

馃摎 Read more about Snyk's upgrade and patch logic

@snyk-bot
fix: package.json to reduce vulnerabilities
76ac330 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-MINIMATCH-1019388
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@snyk-bot