Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade webpack-cli from 4.0.0 to 4.1.0 #501

Merged
merged 1 commit into from
Dec 2, 2020
Merged

[Snyk] Upgrade webpack-cli from 4.0.0 to 4.1.0 #501

merged 1 commit into from
Dec 2, 2020

Conversation

snyk-bot
Copy link
Contributor

Snyk has created this PR to upgrade webpack-cli from 4.0.0 to 4.1.0.

merge advice
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 1 version ahead of your current version.
  • The recommended version was released a month ago, on 2020-10-19.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Server-Side Request Forgery (SSRF)
SNYK-JS-AXIOS-1038255		 474/1000
Why? Proof of Concept exploit, Recently disclosed, CVSS 5.9		 Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: webpack-cli
  • 4.1.0 - 2020-10-19
  • 4.0.0 - 2020-10-10
from webpack-cli GitHub release notes
Commit messages
Package name: webpack-cli
  • e3fa60b chore(release): publish new version
  • 90b4583 chore(deps-dev): bump @types/yeoman-test from 2.0.4 to 2.0.5 (#1963)
  • fa739a6 chore(deps-dev): bump @types/yeoman-generator from 4.11.2 to 4.11.3 (#1962)
  • d8674ce chore(deps-dev): bump lint-staged from 10.4.0 to 10.4.2 (#1961)
  • 2e6c957 chore(deps-dev): bump @babel/core from 7.12.0 to 7.12.3 (#1960)
  • 0be2498 chore(deps-dev): bump webpack from 5.1.0 to 5.1.3 (#1959)
  • e032ef8 refactor: code
  • cc081a2 feat: allow passing strings in env flag (#1939)
  • 97557bf chore(deps-dev): bump @babel/preset-env from 7.12.0 to 7.12.1 (#1952)
  • 9ba9d6f fix: output stacktrace on errors (#1949)
  • 564279e fix: run CLI after webpack installation (#1951)
  • 92ad475 fix: move init command to separate package (#1950)
  • 6f77162 chore: reduce package size (#1947)
  • 2ace39b fix: support array of functions and promises (#1946)
  • 80b692d chore: remove unnecessary optional peer dependencies (#1945)
  • 2bbbb14 fix: colored output (#1944)
  • 258219a fix: watch mode and options (#1931)
  • 6f95b26 fix: support any config name (#1926)
  • 4bfde10 tests: relative configs (#1927)
  • 5ef1e7b fix: avoid unnecessary stringify (#1920)
  • d32aeda docs: update changelog
  • e9fd593 chore(release): publish new version
  • b78463a chore: update release script (#1913)
  • 544b06e refactor: next

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

@lholmquist lholmquist force-pushed the snyk-upgrade-3e64403bf8657abf020ca7d73906ac81 branch from 6766eac to a71f9f3 Compare December 2, 2020 15:18
@lholmquist lholmquist merged commit 63d20c2 into master Dec 2, 2020
@lholmquist lholmquist deleted the snyk-upgrade-3e64403bf8657abf020ca7d73906ac81 branch December 2, 2020 15:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@snyk-bot @lholmquist