CybotTM
Followers
9

Events

fix: package.json & package-lock.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:

  • https://snyk.io/vuln/SNYK-JS-MATRIXJSSDK-3035643
  • https://snyk.io/vuln/SNYK-JS-MATRIXJSSDK-3035652
  • https://snyk.io/vuln/SNYK-JS-MATRIXJSSDK-3035765
Created at 3 days ago
CybotTM create branch snyk-fix-b1cbd63fa27af2bae5cacb4f7224c9b1
Created at 3 days ago

fix: upgrade @typescript-eslint/parser from 5.36.1 to 5.36.2

Snyk has created this PR to upgrade @typescript-eslint/parser from 5.36.1 to 5.36.2.

See this package in npm:

See this project in Snyk: https://app.snyk.io/org/netresearch/project/390f185d-d2ad-4ba3-a425-213414dee01e?utm_source=github&utm_medium=referral&page=upgrade-pr

Created at 6 days ago
CybotTM create branch snyk-upgrade-98c19021c4da8125d021bdbae5f757f0
Created at 6 days ago
pull request opened
[Snyk] Upgrade dotenv from 16.0.1 to 16.0.2

merge advice :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 1 version ahead of your current version.
  • The recommended version was released 22 days ago, on 2022-08-30.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Created at 1 week ago

fix: upgrade dotenv from 16.0.1 to 16.0.2

Snyk has created this PR to upgrade dotenv from 16.0.1 to 16.0.2.

See this package in npm:

See this project in Snyk: https://app.snyk.io/org/netresearch/project/c9614fb4-2af4-4277-8d80-9b3f61527152?utm_source=github&utm_medium=referral&page=upgrade-pr

Created at 1 week ago
CybotTM create branch snyk-upgrade-f7d25689bd069711044f9759ceee82f0
Created at 1 week ago
pull request opened
[Snyk] Security upgrade vuetify from 2.6.9 to 2.6.10

merge advice

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:------------------------- medium severity | 623/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 4.6 | Cross-site Scripting (XSS) SNYK-JS-VUETIFY-3019858 | No | Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Cross-site Scripting (XSS)

Created at 2 weeks ago

fix: package.json & package-lock.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:

  • https://snyk.io/vuln/SNYK-JS-VUETIFY-3019858
Created at 2 weeks ago
CybotTM create branch snyk-fix-9fbbc193015d511fd7d76d4537338ed7
Created at 2 weeks ago

fix: upgrade typescript from 4.7.4 to 4.8.2

Snyk has created this PR to upgrade typescript from 4.7.4 to 4.8.2.

See this package in npm:

See this project in Snyk: https://app.snyk.io/org/netresearch/project/390f185d-d2ad-4ba3-a425-213414dee01e?utm_source=github&utm_medium=referral&page=upgrade-pr

Created at 2 weeks ago
CybotTM create branch snyk-upgrade-3f0df9ef7f077de9a52cef696f7cdeab
Created at 2 weeks ago
CybotTM delete branch snyk-upgrade-46e152ce4dd3942581bd4f5a3eae2196
Created at 3 weeks ago
pull request closed
[Snyk] Upgrade nodemailer from 6.7.7 to 6.7.8

merge advice :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 1 version ahead of your current version.
  • The recommended version was released 22 days ago, on 2022-08-11.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Created at 3 weeks ago
delete branch
CybotTM delete branch snyk-upgrade-8df000a58c75411e8eda6f0d81583bd3
Created at 3 weeks ago
pull request closed
[Snyk] Upgrade eslint-plugin-html from 1.7.0 to 7.1.0

merge advice :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Warning: This is a major version upgrade, and may be a breaking change.

  • The recommended version is 38 versions ahead of your current version.
  • The recommended version was released a month ago, on 2022-07-25.

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Created at 3 weeks ago
delete branch
CybotTM delete branch snyk-upgrade-694bf253366f6c0b4a54a92a5c2fc62e
Created at 3 weeks ago

feat: upgrade file-loader from 0.9.0 to 6.2.0

Snyk has created this PR to upgrade file-loader from 0.9.0 to 6.2.0.

See this package in npm: https://www.npmjs.com/package/file-loader

See this project in Snyk: https://app.snyk.io/org/netresearch/project/9bea1088-90da-4dca-88c8-aa59c8f4544a?utm_source=github&utm_medium=referral&page=upgrade-pr

Created at 3 weeks ago
pull request closed
[Snyk] Upgrade file-loader from 0.9.0 to 6.2.0

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Warning: This is a major version upgrade, and may be a breaking change.

  • The recommended version is 36 versions ahead of your current version.
  • The recommended version was released 2 years ago, on 2020-10-27.

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Created at 3 weeks ago
pull request closed
[Snyk] Upgrade inject-loader from 2.0.1 to 4.0.1

merge advice :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Warning: This is a major version upgrade, and may be a breaking change.

  • The recommended version is 8 versions ahead of your current version.
  • The recommended version was released 4 years ago, on 2018-04-07.

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Created at 3 weeks ago
delete branch
CybotTM delete branch snyk-upgrade-1803a9be40092fc0edbcf7eecf05c253
Created at 3 weeks ago

feat: upgrade inject-loader from 2.0.1 to 4.0.1

Snyk has created this PR to upgrade inject-loader from 2.0.1 to 4.0.1.

See this package in npm: https://www.npmjs.com/package/inject-loader

See this project in Snyk: https://app.snyk.io/org/netresearch/project/9bea1088-90da-4dca-88c8-aa59c8f4544a?utm_source=github&utm_medium=referral&page=upgrade-pr

Created at 3 weeks ago

feat: upgrade url-loader from 1.1.2 to 4.1.1

Snyk has created this PR to upgrade url-loader from 1.1.2 to 4.1.1.

See this package in npm: https://www.npmjs.com/package/url-loader

See this project in Snyk: https://app.snyk.io/org/netresearch/project/9bea1088-90da-4dca-88c8-aa59c8f4544a?utm_source=github&utm_medium=referral&page=upgrade-pr

Created at 3 weeks ago
delete branch
CybotTM delete branch snyk-upgrade-342e2169d88aa11936ff8af79f6b3e56
Created at 3 weeks ago
pull request closed
[Snyk] Upgrade url-loader from 1.1.2 to 4.1.1

merge advice :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Warning: This is a major version upgrade, and may be a breaking change.

  • The recommended version is 9 versions ahead of your current version.
  • The recommended version was released 2 years ago, on 2020-10-09.

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Created at 3 weeks ago

feat: upgrade sinon-chai from 2.14.0 to 3.7.0

Snyk has created this PR to upgrade sinon-chai from 2.14.0 to 3.7.0.

See this package in npm: https://www.npmjs.com/package/sinon-chai

See this project in Snyk: https://app.snyk.io/org/netresearch/project/9bea1088-90da-4dca-88c8-aa59c8f4544a?utm_source=github&utm_medium=referral&page=upgrade-pr

Created at 3 weeks ago
delete branch
CybotTM delete branch snyk-upgrade-07fee179bdfc324fb46d2ea186c78919
Created at 3 weeks ago
pull request closed
[Snyk] Upgrade sinon-chai from 2.14.0 to 3.7.0

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Warning: This is a major version upgrade, and may be a breaking change.

  • The recommended version is 8 versions ahead of your current version.
  • The recommended version was released a year ago, on 2021-05-25.

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Created at 3 weeks ago
delete branch
CybotTM delete branch snyk-upgrade-47ac31c4c9e0ca163a0d1f54bb47f643
Created at 3 weeks ago

fix: upgrade karma-spec-reporter from 0.0.26 to 0.0.34

Snyk has created this PR to upgrade karma-spec-reporter from 0.0.26 to 0.0.34.

See this package in npm: https://www.npmjs.com/package/karma-spec-reporter

See this project in Snyk: https://app.snyk.io/org/netresearch/project/9bea1088-90da-4dca-88c8-aa59c8f4544a?utm_source=github&utm_medium=referral&page=upgrade-pr

Created at 3 weeks ago