Comments (2)
After v3.0.2
release (2023-05-15)
The version 3.0.2 should solve some issues as a deprecated dependency (request
) was removed (details: #373 )
Output of yarn audit
:
95 vulnerabilities found - Packages audited: 2175
Severity: 3 Low | 10 Moderate | 65 High | 17 Critical
versions | 3.0.1 |
3.0.2 |
---|---|---|
Low | 9 | 3 (-6) |
Moderate | 27 | 10 (-17) |
High | 189 | 65 (-124) |
Critical | 62 | 17 (-45) |
Total | 287 | 95 (-192) |
from uxpin-merge-tools.
After v3.0.3
release (2023-05-22)
The version 3.0.2 should solve some issues as a deprecated dependency (request
) was removed (details: #373 )
Output of yarn audit
34 vulnerabilities found - Packages audited: 1306
Severity: 6 Moderate | 28 High
Vulnerabilities | Low | Moderate | High | Critical | Total |
---|---|---|---|---|---|
2.7.10 |
9 | 44 | 230 | 68 | 351 |
2.8.2 |
9 | 43 | 232 | 69 | 353 |
3.0.0 |
3 | 25 | 153 | 56 | 237 |
3.0.2 |
3 | 10 | 65 | 17 | 95 |
3.0.3 |
0 | 6 | 38 | 0 | 43 |
Output of snyk test
Tested 460 dependencies for known issues, found 4 issues, 4 vulnerable paths.
Patchable issues:
Patch available for [email protected]
✗ Prototype Pollution [High Severity][https://security.snyk.io/vuln/npm:extend:20180424] in [email protected]
introduced by @textlint/[email protected] > [email protected] > [email protected]
Issues with no direct upgrade or patch:
✗ Prototype Pollution [High Severity][https://security.snyk.io/vuln/SNYK-JS-ASYNC-2441827] in [email protected]
introduced by [email protected] > [email protected]
This issue was fixed in versions: 2.6.4, 3.2.2
✗ Prototype Pollution [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-JSON5-3182856] in [email protected]
introduced by [email protected] > @babel/[email protected] > [email protected]
This issue was fixed in versions: 1.0.2, 2.2.2
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-MINIMATCH-3050818] in [email protected]
introduced by [email protected] > [email protected] > [email protected]
This issue was fixed in versions: 3.0.5
from uxpin-merge-tools.
Related Issues (20)
- Pass underlying component from an Higher-Order component in spec mode
- Typescript export Problems HOT 2
- Easier debugging when a component fails to render
- Typescript Slow Experimental Mode
- Typescript Helper Functions not working
- Experimental Mode not working with Windows (and WSL) HOT 1
- TypeScript: Serialize date property HOT 4
- Init Command HOT 4
- Stubbed Preset Generation HOT 2
- TypeScript: Serialize static default props of arrow function
- TypeScript: Serialize array of enums property
- TypeScript: Serialize Indexed signature property
- Typescript: Allow user to specify configuration
- TypeScript: Support component with non inlined export statement HOT 1
- Upgrade TypeScript setup and improve DX in `uxpin-merge-cli` HOT 1
- Colors package breaks CLI HOT 1
- Improve UX and error handling when pushing libraries
- Fix delete command for branch names that include a slash `/` HOT 1
- Merge Documentation Overhaul
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from uxpin-merge-tools.