This repository was archived by the owner on Jan 27, 2021. It is now read-only.

@snyk-bot
Contributor

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
| --- | --- | --- | --- | --- |
| high severity | 776/1000 (Why? Recently disclosed, Has a fix available, CVSS 9.8) | Prototype Pollution, SNYK-JS-LODASH-590103 | No | No Known Exploit |

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: snyk
The new version differs by 33 commits.
  • 84f53bd Merge pull request #649 from snyk/fix/update-lodash
  • 8ebdc1a fix: update mvn and php plugins to get rid of vuln lodash
  • c9281cb fix: update vulnerable lodash
  • 1321ec5 Merge pull request #645 from snyk/fix/python-docker-images
  • b2f7176 fix: Use pip instead of pip3 in both images
  • ca6958b fix: Upgrade Python3 to 3.7 instead of 3.5
  • 0466101 Merge pull request #644 from snyk/docs/badge-example
  • 10c42f2 docs: update vuln badge in readme example
  • f2c2f7b Merge pull request #641 from snyk/docs/vuln-badge
  • fcb39c8 docs: vulns badge in readme tests the repo
  • 3b91eca Merge pull request #640 from snyk/fix/docker-analytics
  • 8dfee30 fix: isDocker is a boolean flag in analytics
  • a638c7b Merge pull request #638 from snyk/fix/reinstate-windows-cli-tests
  • 23fb199 test: re-enable windows tests
  • 84e1cd8 Merge pull request #635 from snyk/fix/wizard-help-txt
  • efc7923 Merge pull request #636 from snyk/fix/reinstate-missing-tests
  • c28d85e fix: reinstate missing tests
  • 3aa9d20 fix: wizard help text
  • 9551bdb Merge pull request #629 from snyk/test/convert-node-modules-test-to-ts
  • a2fd95e Merge pull request #620 from snyk/feat/add-test-errors
  • a2d63b0 Merge pull request #632 from snyk/feat/update-sbt-plugin
  • 7501b74 feat: update sbt plugin
  • 77a80fc Merge pull request #626 from snyk/feat/autodetect-gomodules
  • d1d6f93 chore: convert test to ts


Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
