Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Fix for 1 vulnerabilities #527

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

aliscco
Copy link
Owner

@aliscco aliscco commented Jun 21, 2023

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • node_modules/table/package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 658/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3
Regular Expression Denial of Service (ReDoS)
SNYK-JS-SEMVER-3247795
Yes Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: babel-plugin-istanbul The new version differs by 12 commits.

See the full diff

Package name: eslint The new version differs by 250 commits.
  • 3dd6741 7.0.0
  • 9a722f9 Build: changelog update for 7.0.0
  • b98d8bd Upgrade: eslint-release@2.0.0 (#13271)
  • 4c0b028 Fix: remove Node.js and CommonJS category from build process (#13242)
  • 401a687 Chore: fix rules list for prereleases (#13230)
  • 4ef6158 Breaking: espree@7.0.0 (#13270)
  • b5c8d73 Docs: update 7.0.0 migration guide for consistency (#13267)
  • 356fdb4 Docs: add migration guide (#12692)
  • 015edf6 Sponsors: Sync README with website
  • fdfa364 7.0.0-rc.0
  • 8d1b4db Build: changelog update for 7.0.0-rc.0
  • 0b1d65a Update: Improve report location for array-callback-return (refs #12334) (#13109)
  • d85e291 Fix: yoda left string fix for exceptRange (fixes #12883) (#13052)
  • 2ce6bed Chore: added tests for nested arrays (#13145)
  • d3aac53 Update: report backtick loc in no-unexpected-multiline (refs #12334) (#13142)
  • 8e7a2d9 Fix: func-call-spacing "never" reports wrong message (fixes #13190) (#13193)
  • bcafd0f Update: Add ESLint API (refs New: ESLint Class Replacing CLIEngine eslint/rfcs#40) (#12939)
  • 3eeae56 Upgrade: some (dev) deps (#13155)
  • 6b7030b Chore: Run tests on Node.js v14 (#13210)
  • ebc28d7 Fix: Remove default .js from --ext CLI option (#13176)
  • 5c1bdeb Update: Improve report location for getter-return (refs #12334) (#13164)
  • 56d2bee Docs: fix typos (#13204)
  • e13256e Chore: use espree.latestEcmaVersion in config-initializer (#13157)
  • e4f57b7 Chore: add nested array tests for array-element-newline (#13161)

See the full diff

Package name: eslint-config-canonical The new version differs by 28 commits.
  • 137fb17 feat: update dependencies and add new rules
  • 956d2c9 feat: disable prefer-default-export
  • bb181c4 feat: add react-hooks
  • aa75410 feat: add ref (react) and rel (html attribute)
  • 2ab2511 feat: add exception for props
  • 78ce018 feat: upgrade dependencies; add new rules
  • ad6b538 fix: prefer import/no-duplicates
  • 04e6b3c fix: prefer import/no-duplicates
  • b973ea9 fix: react/jsx-one-expression-per-line
  • 806fbea fix: update dependencies
  • 391b006 fix: align flowtype delimeter dangle with comma dangle
  • 100be88 feat: adjust to match popular ignored rules
  • 5eb90e3 feat: adjust to match popular ignored rules
  • 6af0291 feat: require comma dangle in multi-line
  • 01d7a75 fix: update comparison
  • ccb0032 fix: update dependencies
  • 180c5b9 Merge branch 'master' of github.com:gajus/eslint-config-canonical
  • e1f87c4 fix: prefer react/jsx-fragments syntax
  • d374d08 Merge pull request [Snyk] Security upgrade ansi-regex from 5.0.0 to 6.0.1 #18 from brettz9/patch-1
  • 80cf729 Update peerDeps to include ESLint 6.0
  • 22c1757 Merge branch 'master' of github.com:gajus/eslint-config-canonical
  • d85ac0d fix: disable misbehaving test; does not read ava config in package.json
  • c9db68f Create FUNDING.yml
  • f2330a0 docs: add gitspo mentions badge

See the full diff

Package name: husky The new version differs by 5 commits.

See the full diff

Package name: nyc The new version differs by 55 commits.

See the full diff

Package name: semantic-release The new version differs by 250 commits.

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants