Skip to content

fix(deps): update npm/node-sloc from 0.2.1 → 0.2.1#11

Open
deepsource-development[bot] wants to merge 1 commit intomasterfrom
deepsource-sca-2f7cf93f
Open

fix(deps): update npm/node-sloc from 0.2.1 → 0.2.1#11
deepsource-development[bot] wants to merge 1 commit intomasterfrom
deepsource-sca-2f7cf93f

Conversation

@deepsource-development
Copy link

@deepsource-development deepsource-development bot commented Feb 11, 2025

This pull request addresses security vulnerabilities in this repository by updating dependencies to a safe version. We recommend manually auditing the package manifest files to verify the fixes.

Upgrade Summary

node-sloc: 0.2.1 → 0.2.1

🤖 This pull request was automatically generated by DeepSource SCA. To view all vulnerabilities in this repository, please visit the dashboard.

@deepsourcebot
fix(deps): update npm/node-sloc from 0.2.1 → 0.2.1
ed2d5fa 
fix(deps): update npm/node-sloc from 0.2.1 → 0.2.1

This pull request addresses security vulnerabilities in this repository by updating dependencies to a safe version. We recommend manually auditing the package manifest files to verify the fixes.

### Upgrade Summary

**node-sloc**: 0.2.1 → 0.2.1

- Fixes [CVE-2024-4067](https://nvd.nist.gov/vuln/detail/CVE-2024-4067) (Medium severity)

- References:

  - [https://nvd.nist.gov/vuln/detail/CVE-2024-4067](https://nvd.nist.gov/vuln/detail/CVE-2024-4067)

  - [https://github.com/micromatch/micromatch/issues/243](https://github.com/micromatch/micromatch/issues/243)

  - [https://github.com/micromatch/micromatch/pull/247](https://github.com/micromatch/micromatch/pull/247)

  - [https://github.com/micromatch/micromatch/pull/266](https://github.com/micromatch/micromatch/pull/266)

  - [https://github.com/micromatch/micromatch/commit/03aa8052171e878897eee5d7bb2ae0ae83ec2ade](https://github.com/micromatch/micromatch/commit/03aa8052171e878897eee5d7bb2ae0ae83ec2ade)

  - [https://github.com/micromatch/micromatch/commit/500d5d6f42f0e8dfa1cb5464c6cb420b1b6aaaa0](https://github.com/micromatch/micromatch/commit/500d5d6f42f0e8dfa1cb5464c6cb420b1b6aaaa0)

  - [https://advisory.checkmarx.net/advisory/CVE-2024-4067](https://advisory.checkmarx.net/advisory/CVE-2024-4067)

  - [https://devhub.checkmarx.com/cve-details/CVE-2024-4067](https://devhub.checkmarx.com/cve-details/CVE-2024-4067)

  - [https://github.com/micromatch/micromatch](https://github.com/micromatch/micromatch)

  - [https://github.com/micromatch/micromatch/blob/2c56a8604b68c1099e7bc0f807ce0865a339747a/index.js#L448](https://github.com/micromatch/micromatch/blob/2c56a8604b68c1099e7bc0f807ce0865a339747a/index.js#L448)

  - [https://github.com/micromatch/micromatch/releases/tag/4.0.8](https://github.com/micromatch/micromatch/releases/tag/4.0.8)

---

🤖 This pull request was automatically generated by DeepSource SCA. To view all vulnerabilities in this repository, please visit the [dashboard](https://app.deepsource.one/gh/NewProfoundOrigin/phaser/dependencies/).
@deepsource-development
Copy link
Author

deepsource-development bot commented Feb 11, 2025

Here's the code health analysis summary for commits 73f4178..ed2d5fa. View details on DeepSource ↗.

Analysis Summary

AnalyzerStatusSummaryLink
DeepSource Secrets LogoSecrets✅ SuccessView Check ↗
💡 If you’re a repository administrator, you can configure the quality gates from the settings.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@deepsourcebot