mistadikay
Repos
19
Followers
60
Following
20

A golang ebook intro how to build a web with golang

41256
10437

A Higher Order Component using react-redux to keep form state in a Redux store

12608
1615

Drag and Drop for React

18516
1828

React :heart: BEM

91
2

:deciduous_tree: Smart immutable state for React

64
1

:package: Chai assertions for BEM class names

19
0

Events

Created at 14 hours ago
Created at 2 days ago
Created at 3 days ago
started
Created at 4 days ago

Enforce public npm registry

Created at 4 days ago

Fix outdated node version in github actions

Created at 4 days ago

Fix deprecation messages related to images

Add .nvmrc

Upgrade to gatsby 5

Remove firebase-tools

Created at 4 days ago
pull request closed
[Snyk] Security upgrade gatsby-plugin-google-analytics from 4.21.0 to 5.1.0

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:------------------------- medium severity | 479/1000 Why? Has a fix available, CVSS 5.3 | Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818 | Yes | No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)

Created at 4 days ago
pull request closed
⬆️ Bump loader-utils from 1.4.0 to 1.4.2

Bumps loader-utils from 1.4.0 to 1.4.2.

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Created at 4 days ago
pull request closed
[Snyk] Fix for 5 vulnerabilities

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:------------------------- medium severity | 484/1000 Why? Has a fix available, CVSS 5.4 | Open Redirect SNYK-JS-GOT-2932019 | Yes | No Known Exploit medium severity | 646/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.5 | Validation Bypass SNYK-JS-SANITIZEHTML-1070780 | Yes | Proof of Concept medium severity | 539/1000 Why? Has a fix available, CVSS 6.5 | Access Restriction Bypass SNYK-JS-SANITIZEHTML-1070786 | Yes | No Known Exploit medium severity | 479/1000 Why? Has a fix available, CVSS 5.3 | Regular Expression Denial of Service (ReDoS) SNYK-JS-SANITIZEHTML-2957526 | Yes | No Known Exploit critical severity | 684/1000 Why? Has a fix available, CVSS 9.4 | Arbitrary Code Execution SNYK-JS-SANITIZEHTML-585892 | Yes | No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

See the full diff

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Open Redirect 🦉 Regular Expression Denial of Service (ReDoS) 🦉 Arbitrary Code Execution

Created at 4 days ago
pull request closed
[Snyk] Security upgrade firebase-tools from 11.7.0 to 11.14.0

merge advice

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:------------------------- high severity | 696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5 | Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908 | No | Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)

Created at 4 days ago
pull request closed
[Snyk] Security upgrade gatsby-plugin-sharp from 4.21.0 to 4.23.0

merge advice

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:------------------------- high severity | 696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5 | Regular Expression Denial of Service (ReDoS) SNYK-JS-NTHCHECK-1586032 | No | Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)

Created at 4 days ago
Created at 4 days ago

fix: package.json & package-lock.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:

  • https://snyk.io/vuln/SNYK-JS-MINIMATCH-3050818
Created at 5 days ago
mistadikay create branch snyk-fix-b45294c665741e7a2e80d9fad13842a5
Created at 5 days ago
started
Created at 5 days ago
Created at 6 days ago
started
Created at 6 days ago
Created at 6 days ago
Created at 1 week ago
Created at 1 week ago
Created at 1 week ago
Created at 1 week ago
Created at 1 week ago
Created at 1 week ago
Created at 1 week ago
started
Created at 1 week ago
Created at 1 week ago
Created at 1 week ago
Created at 1 week ago