Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Upgrade graphiql from 0.12.0 to 0.17.5 #97

Merged
merged 2 commits into from
May 8, 2020

Conversation

snyk-bot
Copy link
Contributor

Snyk has created this PR to upgrade graphiql from 0.12.0 to 0.17.5.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
  • The recommended version is 13 versions ahead of your current version.
  • The recommended version was released 4 months ago, on 2019-12-09.

The recommended version fixes:

Severity Issue Exploit Maturity
Regular Expression Denial of Service (ReDoS)
SNYK-JS-MARKDOWNIT-459438
Proof of Concept
Release notes
Package name: graphiql
  • 0.17.5 - 2019-12-09
  • 0.17.4 - 2019-12-09
  • 0.17.3 - 2019-12-09
  • 0.17.2 - 2019-12-03
  • 0.17.1 - 2019-12-03
  • 0.17.0 - 2019-11-26
  • 0.16.0 - 2019-10-19
  • 0.15.1 - 2019-10-04
  • 0.14.2 - 2019-08-19
  • 0.14.1 - 2019-08-19
  • 0.14.0 - 2019-08-18
  • 0.13.2 - 2019-06-21
  • 0.13.0 - 2019-02-27
  • 0.12.0 - 2018-09-17
from graphiql GitHub release notes
Commit messages
Package name: graphiql
  • c735b22 chore(release): publish
  • dd06eb5 fix: codemirror results bundle
  • 98be6f5 chore(deps): bump @babel/polyfill from 7.6.0 to 7.7.0
  • 3338b94 chore(deps-dev): bump @babel/cli from 7.7.4 to 7.7.5
  • 853563a chore(deps-dev): bump @babel/preset-env from 7.4.5 to 7.7.6
  • 72b936d chore(release): publish
  • e1588d9 fix: graphiql babel test ignore paths
  • 6b091a7 chore(release): publish
  • a14954f chore(deps): bump vscode-languageserver from 3.5.1 to 5.2.1
  • 914ed0c chore(deps-dev): bump @babel/core from 7.4.5 to 7.7.5
  • e9848b0 fix: express-graphql version
  • e0ad2c6 fix: a few more tweaks to babel ignore
  • 3b1c2c1 fix: test output, webpack resolution, clean build
  • 19d8d7f fix(gls-utils): #1055 - move file test, refactor for fixtures
  • 4408bec chore(deps-dev): bump @babel/plugin-proposal-class-properties
  • 22b7708 chore(deps-dev): bump ts-jest from 24.1.0 to 24.2.0
  • eeb7aba Merge pull request #1062 from graphql/dependabot/npm_and_yarn/eslint-6.7.2
  • 1edf9b4 Merge pull request #1063 from graphql/dependabot/npm_and_yarn/babel/plugin-syntax-dynamic-import-7.7.4
  • 1c7f4a5 Merge pull request #1065 from graphql/dependabot/npm_and_yarn/babel/cli-7.7.4
  • 5408fa0 chore(deps-dev): bump @babel/cli from 7.4.4 to 7.7.4
  • b42ecbd chore(deps-dev): bump @babel/plugin-syntax-dynamic-import
  • 9385127 chore(deps-dev): bump eslint from 6.5.1 to 6.7.2
  • b8e4a1c chore(deps-dev): bump @babel/node from 7.4.5 to 7.7.4
  • 7d19ad1 chore(deps-dev): bump cypress from 3.6.1 to 3.7.0

Compare


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

@CLAassistant
Copy link

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.

@hlship hlship added this to the 0.14.0 milestone May 8, 2020
@hlship hlship merged commit a6653f7 into master May 8, 2020
@hlship hlship deleted the snyk-upgrade-27c14eaf8ece4ce4c564f3c23cc6f961 branch May 8, 2020 22:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

Successfully merging this pull request may close these issues.

3 participants