[Snyk] Security upgrade slim-select from 2.8.1 to 2.9.2 #13

Open
wants to merge 1 commit into
base: master

Hailfire805
Owner

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • frontend/package.json
    • frontend/package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
| medium severity | 648/1000 (Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.1) | Cross-site Scripting (XSS), SNYK-JS-SLIMSELECT-8161189 | No | Proof of Concept |

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: slim-select

The new version differs by 90 commits.
  • 180429e package - version bump
  • ea51e95 output - updated output
  • b4d1061 package - version bump
  • ce5ad81 readme - minor update
  • 3e9c6f1 vite - updated css preprocessor. was giving
  • 1f7475a examples - minor countries update
  • 853cae4 package - minor updates
  • a9a1e40 examples - added countries example
  • b99e770 content location - could be null so updated to reflect.
  • 7267683 examples - added examples section and added countries as a first one
  • f8534f2 Merge pull request Letter training mode monkeytypegame/monkeytype#572 from Shoplifter/master
  • a1d1846 [FIX] use option.textContent instead of option.innerText
  • 873a8e5 use innerText instead of innerHTML for setting an option's text
  • e7e37e2 readme - minor update
  • d528701 package - version bump
  • 97847bf output - dist/docs update
  • e048f97 render - test update
  • f9639de search - allow deselect if single and setting is on
  • 79fbc57 deselect - extend larger area of click for X
  • 385e5d4 addable - updated to allow for enter to run addable function. added addableText. added error type as return to display in main content section.
  • 0ff10cf package - version updates
  • dd7ff9c test - update getOptions options
  • 1527841 test - added keep order test
  • 64a0a80 naming - updated function name

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.