Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

[Snyk] Upgrade: , classnames, compression-webpack-plugin, eslint-plugin-import, eslint-plugin-jsx-a11y, prop-types, eslint-plugin-react, express, nodemon, react-hot-loader, redux, react-redux, react-router, react-router-dom, webpack-hot-middleware, webpack-manifest-plugin #1197

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Upgrade: , classnames, compression-webpack-plugin, eslint-plugin-import, eslint-plugin-jsx-a11y, prop-types, eslint-plugin-react, express, nodemon, react-hot-loader, redux, react-redux, react-router, react-router-dom, webpack-hot-middleware, webpack-manifest-plugin #1197

wants to merge 1 commit into from

Conversation

ManuelDevWeb
Copy link
Owner

snyk-top-banner

Snyk has created this PR to upgrade multiple dependencies.

👯 The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Name Versions Released on

@babel/register
from 7.14.5 to 7.24.6 | 20 versions ahead of your current version | 4 months ago
on 2024-05-24
classnames
from 2.3.1 to 2.5.1 | 5 versions ahead of your current version | 8 months ago
on 2023-12-29
compression-webpack-plugin
from 8.0.0 to 8.0.1 | 1 version ahead of your current version | 3 years ago
on 2021-06-25
eslint-plugin-import
from 2.23.4 to 2.29.1 | 19 versions ahead of your current version | 9 months ago
on 2023-12-14
eslint-plugin-jsx-a11y
from 6.4.1 to 6.9.0 | 8 versions ahead of your current version | 3 months ago
on 2024-06-20
prop-types
from 15.7.2 to 15.8.1 | 2 versions ahead of your current version | 3 years ago
on 2022-01-05
eslint-plugin-react
from 7.24.0 to 7.35.0 | 41 versions ahead of your current version | 2 months ago
on 2024-07-20
express
from 4.17.1 to 4.19.2 | 9 versions ahead of your current version | 5 months ago
on 2024-03-25
nodemon
from 2.0.7 to 2.0.22 | 25 versions ahead of your current version | a year ago
on 2023-03-22
react-hot-loader
from 4.13.0 to 4.13.1 | 1 version ahead of your current version | 2 years ago
on 2022-11-13
redux
from 4.1.0 to 4.2.1 | 5 versions ahead of your current version | 2 years ago
on 2023-01-28
react-redux
from 7.2.4 to 7.2.9 | 5 versions ahead of your current version | 2 years ago
on 2022-09-23
react-router
from 5.2.0 to 5.3.4 | 5 versions ahead of your current version | 2 years ago
on 2022-10-02
react-router-dom
from 5.2.0 to 5.3.4 | 6 versions ahead of your current version | 2 years ago
on 2022-10-02
webpack-hot-middleware
from 2.25.0 to 2.26.1 | 6 versions ahead of your current version | 7 months ago
on 2024-02-01
webpack-manifest-plugin
from 3.1.1 to 3.2.0 | 1 version ahead of your current version | 3 years ago
on 2021-07-27

Issues fixed by the recommended upgrade:

Issue Score Exploit Maturity
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-ANSIHTML-1296849		 626 Proof of Concept
high severity Uncontrolled resource consumption
SNYK-JS-BRACES-6838727		 626 Proof of Concept
high severity Prototype Poisoning
SNYK-JS-QS-3153490		 626 Proof of Concept
medium severity Cross-site Scripting (XSS)
SNYK-JS-SERIALIZEJAVASCRIPT-6147607		 626 Proof of Concept
medium severity Open Redirect
SNYK-JS-EXPRESS-6474509		 626 No Known Exploit
medium severity Open Redirect
SNYK-JS-GOT-2932019		 626 No Known Exploit
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-HTTPCACHESEMANTICS-3248783		 626 Proof of Concept
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-MINIMATCH-3050818		 626 No Known Exploit
low severity Prototype Pollution
SNYK-JS-MINIMIST-2429795		 626 Proof of Concept
Release notes
Package name: @babel/register
  • 7.24.6 - 2024-05-24

    v7.24.6 (2024-05-24)

    Thanks @ amjed-98, @ blakewilson, @ coelhucas, and @ SukkaW for your first PRs!

    🐛 Bug Fix

    • babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties
    • babel-core, babel-generator, babel-plugin-transform-modules-commonjs
    • babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
    • babel-helpers, babel-plugin-proposal-decorators, babel-runtime-corejs3
      • #16483 Fix: throw TypeError if addInitializer is called after finished (@ JLHwung)
    • babel-parser, babel-plugin-transform-typescript

    🏠 Internal

    • babel-core, babel-helpers, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
    • babel-helpers
    • babel-cli, babel-helpers, babel-plugin-external-helpers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
    • babel-parser, babel-traverse
    • Other

    Committers: 9

  • 7.23.7 - 2023-12-29
  • 7.22.15 - 2023-09-04
  • 7.22.5 - 2023-06-08
  • 7.21.4-esm.4 - 2023-04-04
  • 7.21.4-esm.3 - 2023-04-04
  • 7.21.4-esm.2 - 2023-04-04
  • 7.21.4-esm.1 - 2023-04-04
  • 7.21.4-esm - 2023-04-04
  • 7.21.0 - 2023-02-20
  • 7.18.9 - 2022-07-18
  • 7.18.6 - 2022-06-27
  • 7.17.7 - 2022-03-14
  • 7.17.0 - 2022-02-02
  • 7.16.9 - 2022-01-11
  • 7.16.8 - 2022-01-10
  • 7.16.7 - 2021-12-31
  • 7.16.5 - 2021-12-13
  • 7.16.0 - 2021-10-29
  • 7.15.3 - 2021-08-11
  • 7.14.5 - 2021-06-09
from @babel/register GitHub release notes
Package name: classnames from classnames GitHub release notes
Package name: compression-webpack-plugin
  • 8.0.1 - 2021-06-25

    8.0.1 (2021-06-25)

    Chore

    • update serialize-javascript
  • 8.0.0 - 2021-05-21

    8.0.0 (2021-05-21)

    ⚠ BREAKING CHANGES

    • minimum supported Node.js version is 12.13.0
from compression-webpack-plugin GitHub release notes
Package name: eslint-plugin-import
  • 2.29.1 - 2023-12-14

    Full Changelog: v2.29.0...v2.29.1

  • 2.29.0 - 2023-10-23

    Full Changelog: v2.28.1...v2.29.0

  • 2.28.1 - 2023-08-18

    Full Changelog: v2.28.0...v2.28.1

  • 2.28.0 - 2023-07-28
  • 2.27.5 - 2023-01-16
  • 2.27.4 - 2023-01-12
  • 2.27.3 - 2023-01-12
  • 2.27.2 - 2023-01-12
  • 2.27.1 - 2023-01-12
  • 2.27.0 - 2023-01-11
  • 2.26.0 - 2022-04-05
  • 2.25.4 - 2022-01-02
  • 2.25.3 - 2021-11-10
  • 2.25.2 - 2021-10-12
  • 2.25.1 - 2021-10-12
  • 2.25.0 - 2021-10-12
  • 2.24.2 - 2021-08-24
  • 2.24.1 - 2021-08-19
  • 2.24.0 - 2021-08-08
  • 2.23.4 - 2021-05-29
from eslint-plugin-import GitHub release notes
Package name: eslint-plugin-jsx-a11y

@snyk-bot
fix: upgrade multiple dependencies with Snyk
6ef3d31 
Snyk has created this PR to upgrade:
  - @babel/register from 7.14.5 to 7.24.6.
    See this package in npm: https://www.npmjs.com/package/@babel/register
  - classnames from 2.3.1 to 2.5.1.
    See this package in npm: https://www.npmjs.com/package/classnames
  - compression-webpack-plugin from 8.0.0 to 8.0.1.
    See this package in npm: https://www.npmjs.com/package/compression-webpack-plugin
  - eslint-plugin-import from 2.23.4 to 2.29.1.
    See this package in npm: https://www.npmjs.com/package/eslint-plugin-import
  - eslint-plugin-jsx-a11y from 6.4.1 to 6.9.0.
    See this package in npm: https://www.npmjs.com/package/eslint-plugin-jsx-a11y
  - prop-types from 15.7.2 to 15.8.1.
    See this package in npm: https://www.npmjs.com/package/prop-types
  - eslint-plugin-react from 7.24.0 to 7.35.0.
    See this package in npm: https://www.npmjs.com/package/eslint-plugin-react
  - express from 4.17.1 to 4.19.2.
    See this package in npm: https://www.npmjs.com/package/express
  - nodemon from 2.0.7 to 2.0.22.
    See this package in npm: https://www.npmjs.com/package/nodemon
  - react-hot-loader from 4.13.0 to 4.13.1.
    See this package in npm: https://www.npmjs.com/package/react-hot-loader
  - redux from 4.1.0 to 4.2.1.
    See this package in npm: https://www.npmjs.com/package/redux
  - react-redux from 7.2.4 to 7.2.9.
    See this package in npm: https://www.npmjs.com/package/react-redux
  - react-router from 5.2.0 to 5.3.4.
    See this package in npm: https://www.npmjs.com/package/react-router
  - react-router-dom from 5.2.0 to 5.3.4.
    See this package in npm: https://www.npmjs.com/package/react-router-dom
  - webpack-hot-middleware from 2.25.0 to 2.26.1.
    See this package in npm: https://www.npmjs.com/package/webpack-hot-middleware
  - webpack-manifest-plugin from 3.1.1 to 3.2.0.
    See this package in npm: https://www.npmjs.com/package/webpack-manifest-plugin

See this project in Snyk:
https://app.snyk.io/org/manuelowsky/project/76375503-f74b-4430-a619-6c971855c561?utm_source=github&utm_medium=referral&page=upgrade-pr
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ManuelDevWeb @snyk-bot