Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

[Snyk] Upgrade: , , , css-loader, prop-types #213

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Upgrade: , , , css-loader, prop-types #213

wants to merge 1 commit into from

Conversation

nejidevelops
Copy link
Owner

snyk-top-banner

Snyk has created this PR to upgrade multiple dependencies.

👯 The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Name Versions Released on

@testing-library/jest-dom
from 5.11.9 to 5.17.0 | 14 versions ahead of your current version | a year ago
on 2023-07-18
@testing-library/react
from 11.2.5 to 11.2.7 | 2 versions ahead of your current version | 3 years ago
on 2021-05-14
@testing-library/user-event
from 12.7.1 to 12.8.3 | 7 versions ahead of your current version | 3 years ago
on 2021-03-09
css-loader
from 5.0.2 to 5.2.7 | 13 versions ahead of your current version | 3 years ago
on 2021-07-13
prop-types
from 15.7.2 to 15.8.1 | 2 versions ahead of your current version | 3 years ago
on 2022-01-05

Issues fixed by the recommended upgrade:

Issue Score Exploit Maturity
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-POSTCSS-1090595		 586 Proof of Concept
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-POSTCSS-1255640		 586 Proof of Concept
medium severity Improper Input Validation
SNYK-JS-POSTCSS-5926692		 586 No Known Exploit
medium severity Information Exposure
SNYK-JS-NANOID-2332193		 586 Proof of Concept
Release notes
Package name: @testing-library/jest-dom from @testing-library/jest-dom GitHub release notes
Package name: @testing-library/react from @testing-library/react GitHub release notes
Package name: @testing-library/user-event from @testing-library/user-event GitHub release notes
Package name: css-loader from css-loader GitHub release notes
Package name: prop-types
  • 15.8.1 - 2022-01-05
    • [Fix] fix crash when a custom propType return lacks .data; call hasOwnProperty properly (#370)
    • [meta] Fix formatting in CHANGELOG.md (#367)
    • [Tests] add missing test coverage (#370)
    • [Tests] convert normal it functions to arrow functions (#370)
    • [Tests] do not fail fast; add react 17 (#366)
    • [Dev Deps] update eslint
  • 15.8.0 - 2021-12-22
    • [New] add PropTypes.bigint (#365)
    • [New] oneOfType: Add expected types to warning (#198)
    • [New] Add type check for validator for 'shape' and 'exact' (#234)
    • [Fix] checkPropTypes: Friendlier message when using a type checker that is not a function (#51)
    • [Refactor] extract has (#261, #125, #124)
    • [readme] Fix branch name (master -> main) (#364)
    • [readme] Clarify usage of elementType (#335)
    • [docs] highlighted the func name (#321)
    • [docs] Typo fix in example (#300)
    • [docs] Add instructions for intentional inclusion of validation in production. (#262)
    • [docs] PropTypes.node: add link to react docs
    • [docs] Improve wording for checkPropTypes (#258)
    • [meta] Add a package sideEffects field. (#350)
    • [meta] use in-publish to avoid running the build on install
    • [deps] regenerate yarn.lock
    • [deps] update react-is (#347, #346, #345, #340, #338)
    • [eslint] enable some rules (#360)
    • [Tests] Use GH Actions (#363)
    • [Tests] Fix spelling (#318)
    • [Tests] Fixed typo: 'Any type should accept any value' (#281)
    • [Tests] fix broken tests; test the build process
    • [Dev Deps] update browserify, bundle-collapser, eslint, in-publish, react, uglifyify, uglifyjs
  • 15.7.2 - 2019-02-13

    v15.7.2

from prop-types GitHub release notes

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

@snyk-bot
fix: upgrade multiple dependencies with Snyk
3b4dc0d 
Snyk has created this PR to upgrade:
  - @testing-library/jest-dom from 5.11.9 to 5.17.0.
    See this package in npm: https://www.npmjs.com/package/@testing-library/jest-dom
  - @testing-library/react from 11.2.5 to 11.2.7.
    See this package in npm: https://www.npmjs.com/package/@testing-library/react
  - @testing-library/user-event from 12.7.1 to 12.8.3.
    See this package in npm: https://www.npmjs.com/package/@testing-library/user-event
  - css-loader from 5.0.2 to 5.2.7.
    See this package in npm: https://www.npmjs.com/package/css-loader
  - prop-types from 15.7.2 to 15.8.1.
    See this package in npm: https://www.npmjs.com/package/prop-types

See this project in Snyk:
https://app.snyk.io/org/mohammadnewton/project/46dfd58c-e66a-4c59-9150-12fc1e790d1b?utm_source=github&utm_medium=referral&page=upgrade-pr
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@nejidevelops @snyk-bot