Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

build(deps-dev): bump cross-spawn, cross-env, eslint, vuepress, webpack-cli and webpack-dev-server #152

Open
wants to merge 1 commit into
base: dev
Choose a base branch
from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Nov 16, 2024

Bumps cross-spawn, cross-env, eslint, vuepress, webpack-cli and webpack-dev-server. These dependencies needed to be updated together.
Updates cross-spawn from 6.0.5 to 7.0.5

Changelog

Sourced from cross-spawn's changelog.

7.0.5 (2024-11-07)

Bug Fixes

  • fix escaping bug introduced by backtracking (640d391)

7.0.4 (2024-11-07)

Bug Fixes

7.0.3 (2020-05-25)

Bug Fixes

  • detect path key based on correct environment (#133) (159e7e9)

7.0.2 (2020-04-04)

Bug Fixes

  • fix worker threads in Node >=11.10.0 (#132) (6c5b4f0)

7.0.1 (2019-10-07)

Bug Fixes

7.0.0 (2019-09-03)

⚠ BREAKING CHANGES

  • drop support for Node.js < 8

  • drop support for versions below Node.js 8 (#125) (16feb53)

Commits
  • 0852683 chore(release): 7.0.5
  • 640d391 fix: fix escaping bug introduced by backtracking
  • bff0c87 chore: remove codecov
  • a7c6abc chore: replace travis with github workflows
  • 9b9246e chore(release): 7.0.4
  • 5ff3a07 fix: disable regexp backtracking (#160)
  • 9521e2d chore: fix tests in recent node js versions
  • 97ded39 chore: convert package lock
  • d52b6b9 chore: remove unused argument (#156)
  • 5d84384 chore: add travis jobs on ppc64le (#142)
  • Additional commits viewable in compare view

Updates cross-env from 5.2.0 to 7.0.3

Release notes

Sourced from cross-env's releases.

v7.0.3

7.0.3 (2020-12-01)

Bug Fixes

  • add maintenance mode notice (fe80c84)

v7.0.2

7.0.2 (2020-03-05)

Reverts

v7.0.1

7.0.1 (2020-03-03)

Bug Fixes

v7.0.0

7.0.0 (2020-01-25)

Features

BREAKING CHANGES

  • Drop Node 8 support

v6.0.3

6.0.3 (2019-10-02)

Bug Fixes

  • do not compile anything (67f21c3)

v6.0.2

6.0.2 (2019-10-01)

... (truncated)

Commits

Updates eslint from 5.16.0 to 9.15.0

Release notes

Sourced from eslint's releases.

v9.15.0

Features

  • 01557ce feat: Implement Language#normalizeLanguageOptions() (#19104) (Nicholas C. Zakas)
  • 2edc0e2 feat: add meta.defaultOptions (#17656) (Josh Goldberg ✨)
  • bdec50e feat: fix no-useless-computed-key false negative with __proto__ (#19123) (Milos Djermanovic)
  • 3087c9e feat: add meta object to @eslint/js plugin (#19095) (Francesco Trotta)

Bug Fixes

  • fd33f13 fix: update types for no-restricted-imports rule (#19060) (Nitin Kumar)
  • bd35098 fix: switch away from Node.js node:assert and AssertionError (#19082) (Josh Goldberg ✨)
  • 9db5b15 fix: unsafe report for no-lonely-if (#19087) (Abraham Guo)
  • 68fa497 fix: ignore files on a different drive on Windows (#19069) (Francesco Trotta)
  • 4ce625a fix: upgrade @​humanwhocodes/retry@​0.4.1 to avoid debug logs (#19102) (Milos Djermanovic)

Documentation

  • d927920 docs: fix styles in no-js mode (#18916) (Tanuj Kanti)
  • 09bc2a8 docs: Update README (GitHub Actions Bot)
  • 39089c8 docs: add no-useless-computed-key examples with object patterns (#19109) (Milos Djermanovic)
  • 895c60f docs: add missing messageId property and suggestion properties (#19122) (fnx)
  • 298625e docs: Change CLI -c to use flat config (#19103) (Nicholas C. Zakas)
  • 522d8a3 docs: add deprecation on indent, quotes and semi rule types (#19090) (Marco Pasqualetti)

Chores

  • 2967d91 chore: upgrade @​eslint/js@​9.15.0 (#19133) (Milos Djermanovic)
  • b441bee chore: package.json update for @​eslint/js release (Jenkins)
  • 7d6bf4a chore: upgrade @​eslint/core@​0.9.0 (#19131) (Milos Djermanovic)
  • 902e707 chore: upgrade @​eslint/plugin-kit@​0.2.3 (#19130) (Milos Djermanovic)
  • 5ff6c1d chore: bump cross-spawn (#19125) (Ian Bobinac)
  • cceccc7 chore: update dependency @​eslint/json to ^0.6.0 (#19117) (renovate[bot])
  • 0da3f73 chore: update algolia referrer (#19114) (Strek)
  • 4f08332 ci: unpin trunk-io/trunk-action (#19108) (Francesco Trotta)
  • 6b75683 perf: optimize text-table by replacing regex with trimEnd (#19061) (Nitin Kumar)

v9.14.0

Features

  • 3fa009f feat: add support for Import Attributes and RegExp Modifiers (#19076) (Milos Djermanovic)
  • b0faee3 feat: add types for the @eslint/js package (#19010) (Nitin Kumar)

Bug Fixes

  • 24d0172 fix: enable retry concurrency limit for readFile() (#19077) (Nicholas C. Zakas)
  • b442067 fix: Don't crash when directory is deleted during traversal. (#19067) (Nicholas C. Zakas)
  • d474443 fix: avoid call stack overflow while processing globs (#19035) (Livia Medeiros)

Documentation

  • 151c965 docs: update context.languageOptions.parser description (#19084) (Nitin Kumar)
  • dc34f94 docs: Update README (GitHub Actions Bot)
  • f16e846 docs: Update README (GitHub Actions Bot)
  • ee0a77e docs: change link from @​types/eslint to lib/types (#19049) (Karl Horky)
  • 50f03a1 docs: Clarify global ignores in config migration guide (#19032) (Milos Djermanovic)

... (truncated)

Changelog

Sourced from eslint's changelog.

v9.15.0 - November 15, 2024

  • 2967d91 chore: upgrade @​eslint/js@​9.15.0 (#19133) (Milos Djermanovic)
  • b441bee chore: package.json update for @​eslint/js release (Jenkins)
  • 7d6bf4a chore: upgrade @​eslint/core@​0.9.0 (#19131) (Milos Djermanovic)
  • 01557ce feat: Implement Language#normalizeLanguageOptions() (#19104) (Nicholas C. Zakas)
  • 902e707 chore: upgrade @​eslint/plugin-kit@​0.2.3 (#19130) (Milos Djermanovic)
  • 2edc0e2 feat: add meta.defaultOptions (#17656) (Josh Goldberg ✨)
  • fd33f13 fix: update types for no-restricted-imports rule (#19060) (Nitin Kumar)
  • 5ff6c1d chore: bump cross-spawn (#19125) (Ian Bobinac)
  • d927920 docs: fix styles in no-js mode (#18916) (Tanuj Kanti)
  • bdec50e feat: fix no-useless-computed-key false negative with __proto__ (#19123) (Milos Djermanovic)
  • 09bc2a8 docs: Update README (GitHub Actions Bot)
  • bd35098 fix: switch away from Node.js node:assert and AssertionError (#19082) (Josh Goldberg ✨)
  • 39089c8 docs: add no-useless-computed-key examples with object patterns (#19109) (Milos Djermanovic)
  • 895c60f docs: add missing messageId property and suggestion properties (#19122) (fnx)
  • cceccc7 chore: update dependency @​eslint/json to ^0.6.0 (#19117) (renovate[bot])
  • 0da3f73 chore: update algolia referrer (#19114) (Strek)
  • 9db5b15 fix: unsafe report for no-lonely-if (#19087) (Abraham Guo)
  • 68fa497 fix: ignore files on a different drive on Windows (#19069) (Francesco Trotta)
  • 4f08332 ci: unpin trunk-io/trunk-action (#19108) (Francesco Trotta)
  • 3087c9e feat: add meta object to @eslint/js plugin (#19095) (Francesco Trotta)
  • 298625e docs: Change CLI -c to use flat config (#19103) (Nicholas C. Zakas)
  • 4ce625a fix: upgrade @​humanwhocodes/retry@​0.4.1 to avoid debug logs (#19102) (Milos Djermanovic)
  • 522d8a3 docs: add deprecation on indent, quotes and semi rule types (#19090) (Marco Pasqualetti)
  • 6b75683 perf: optimize text-table by replacing regex with trimEnd (#19061) (Nitin Kumar)

v9.14.0 - November 1, 2024

  • f36cb16 chore: upgrade @​eslint/js@​9.14.0 (#19086) (Milos Djermanovic)
  • 28be447 chore: package.json update for @​eslint/js release (Jenkins)
  • 24d0172 fix: enable retry concurrency limit for readFile() (#19077) (Nicholas C. Zakas)
  • 3fa009f feat: add support for Import Attributes and RegExp Modifiers (#19076) (Milos Djermanovic)
  • b0faee3 feat: add types for the @eslint/js package (#19010) (Nitin Kumar)
  • 151c965 docs: update context.languageOptions.parser description (#19084) (Nitin Kumar)
  • dc34f94 docs: Update README (GitHub Actions Bot)
  • f48a2a0 test: add no-invalid-regexp tests with RegExp Modifiers (#19075) (Milos Djermanovic)
  • 37c9177 build: update @wdio/* dependencies (#19068) (Francesco Trotta)
  • b442067 fix: Don't crash when directory is deleted during traversal. (#19067) (Nicholas C. Zakas)
  • 35a8858 build: exclude flawed dendency versions (#19065) (Francesco Trotta)
  • 425202e perf: Fix caching in config loaders (#19042) (Milos Djermanovic)
  • 3d44b3c ci: run tests in Node.js 23 (#19055) (Francesco Trotta)
  • f16e846 docs: Update README (GitHub Actions Bot)
  • ee0a77e docs: change link from @​types/eslint to lib/types (#19049) (Karl Horky)
  • d474443 fix: avoid call stack overflow while processing globs (#19035) (Livia Medeiros)
  • 7259627 test: ensure tmp directory cleanup in check-emfile-handling.js (#19036) (Livia Medeiros)
  • 50f03a1 docs: Clarify global ignores in config migration guide (#19032) (Milos Djermanovic)

v9.13.0 - October 18, 2024

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by eslintbot, a new releaser for eslint since your current version.


Updates vuepress from 0.14.11 to 1.9.10

Release notes

Sourced from vuepress's releases.

v1.9.10

Bug Fixes

  • core: failed to resolve theme components when using theme inheritance (close: #3163) (#3164) (546499b)
  • markdown: replace double quotation marks in classname(fix #3152) (#3154) (cef64e6)

v1.9.2

TS Support for VuePress Plugin and Theme.

Motivation

We've announced VuePress 1.9 that takes full TypeScript Support for Config File, while VuePress 1.9.2 ships with TS Support for VuePress Plugin and Theme:

Quick Start

In order to make the plugin developer not dependent on VuePress for development, we provide a completely independent type package @vuepress/types:

npm i @vuepress/types -D

@vuepress/types exports four functions:

  • defineConfig
  • defineConfig4CustomTheme
  • defineTheme
  • definePlugin

Note that using @vuepress/types is equivalent to using vuepress/config.

Plugin Type

If you already have some VuePress plugins written in JS, you can leverage your IDE's intellisense with jsdoc type hints:

/**
 * @type {import('@vuepress/types').Plugin}
 */
module.exports = {
  ready() {
    // ...
  }
};

... (truncated)

Changelog

Sourced from vuepress's changelog.

1.9.10 (2023-08-14)

Bug Fixes

  • core: failed to resolve theme components when using theme inheritance (close: #3163) (#3164) (546499b)
  • markdown: replace double quotation marks in classname(fix #3152) (#3154) (cef64e6)

1.9.9 (2023-02-25)

Bug Fixes

1.9.8 (2023-01-06)

Bug Fixes

1.9.7 (2022-01-18)

Bug Fixes

1.9.6 (2022-01-17)

Bug Fixes

Features

... (truncated)

Commits
  • a3e4bba build: release version 1.9.10
  • f1cbdb6 build: release version 1.9.9
  • cb87096 build: release version 1.9.8
  • 7cd8b30 fix(cli): .vuepress/config.ts does not respect custom command (close: #3113...
  • 2f2357a build: release version 1.9.7
  • 5699216 build: release version 1.9.6
  • 2f9a394 feat: add build concurrency control (close: #1819) (#2953)
  • ef6f87a build: release version 1.9.5
  • e4a28db build: release version 1.9.4
  • accfe87 build: release version 1.9.3
  • Additional commits viewable in compare view

Updates webpack-cli from 3.3.1 to 5.1.4

Release notes

Sourced from webpack-cli's releases.

v5.1.4

5.1.4 (2023-06-07)

Bug Fixes

  • multi compiler progress output (f659624)

v5.1.3

5.1.3 (2023-06-04)

Bug Fixes

v5.1.2

5.1.2 (2023-06-04)

Bug Fixes

  • improve check for custom webpack and webpack-dev-server package existance (0931ab6)
  • improve help for some flags (f468614)
  • improved support for .cts and .mts extensions (a77daf2)

v5.1.1

5.1.1 (2023-05-09)

Bug Fixes

  • false positive warning when --watch used (#3783) (c0436ba)

v5.1.0

5.1.0 (2023-05-07)

Features

Performance Improvements

  • simplify logic, reduce extra loops and perf (#3767) (6afe1d3)

v5.0.2

5.0.2 (2023-04-21)

Bug Fixes

  • error message for missing default export in configuration (#3685) (e0a4a09)
  • perf: reduced startup time (3b79059)

v5.0.1

... (truncated)

Changelog

Sourced from webpack-cli's changelog.

5.1.4 (2023-06-07)

Bug Fixes

  • multi compiler progress output (f659624)

5.1.3 (2023-06-04)

Bug Fixes

5.1.2 (2023-06-04)

Bug Fixes

  • improve check for custom webpack and webpack-dev-server package existance (0931ab6)
  • improve help for some flags (f468614)
  • improved support for .cts and .mts extensions (a77daf2)

5.1.1 (2023-05-09)

Bug Fixes

  • false positive warning when --watch used (#3783) (c0436ba)

5.1.0 (2023-05-07)

Features

Performance Improvements

  • simplify logic, reduce extra loops and perf (#3767) (6afe1d3)

5.0.2 (2023-04-21)

Bug Fixes

  • error message for missing default export in configuration (#3685) (e0a4a09)
  • perf: reduced startup time (3b79059)

5.0.1 (2022-12-05)

Bug Fixes

  • make define-process-env-node-env alias node-env (#3514) (346a518)

5.0.0 (2022-11-17)

... (truncated)

Commits
  • e07f0e5 chore(release): publish new version
  • 0345c6f chore(deps-dev): bump @​typescript-eslint/parser from 5.59.8 to 5.59.9 (#3839)
  • f659624 fix: multi compiler progress output
  • 0d1ff01 chore(deps-dev): bump webpack from 5.85.0 to 5.85.1 (#3837)
  • a7ec146 chore(deps-dev): bump @​typescript-eslint/eslint-plugin (#3838)
  • 9464635 chore(deps-dev): bump eslint from 8.41.0 to 8.42.0 (#3835)
  • cf1796f docs: update changelog
  • 7899c39 chore(release): publish new version
  • bb4f8eb fix: regression for custom configurations (#3834)
  • 14b9c18 docs: update changelog
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by evilebottnawi, a new releaser for webpack-cli since your current version.


Updates webpack-dev-server from 3.3.1 to 5.1.0

Release notes

Sourced from webpack-dev-server's releases.

v5.1.0

5.1.0 (2024-09-03)

Features

  • add visual progress indicators (a8f40b7)
  • added the app option to be Function (by default only with connect compatibility frameworks) (3096148)
  • allow the server option to be Function (#5275) (02a1c6d)
  • http2 support for connect and connect compatibility frameworks which support HTTP2 (#5267) (6509a3f)

Bug Fixes

v5.0.4

5.0.4 (2024-03-19)

Bug Fixes

v5.0.3

5.0.3 (2024-03-12)

Bug Fixes

v5.0.2

5.0.2 (2024-02-16)

Bug Fixes

v5.0.1

5.0.1 (2024-02-13)

Bug Fixes

... (truncated)

Changelog

Sourced from webpack-dev-server's changelog.

5.1.0 (2024-09-03)

Features

  • add visual progress indicators (a8f40b7)
  • added the app option to be Function (by default only with connect compatibility frameworks) (3096148)
  • allow the server option to be Function (#5275) (02a1c6d)
  • http2 support for connect and connect compatibility frameworks which support HTTP2 (#5267) (6509a3f)

Bug Fixes

5.0.4 (2024-03-19)

Bug Fixes

5.0.3 (2024-03-12)

Bug Fixes

5.0.2 (2024-02-16)

Bug Fixes

5.0.1 (2024-02-13)

Bug Fixes

5.0.0 (2024-02-12)

... (truncated)

Commits
  • 5ee0d40 chore(release): v5.1.0
  • 02a1c6d feat: allow the server option to be Function (#5275)
  • 530db07 chore(deps): bump the dependencies group across 1 directory with 10 updates (...
  • 8b341cb fix: support devServer: false (#5272)
  • 06005e7 fix: ipv6 output (#5270)
  • 748d420 chore(deps-dev): bump the dependencies group with 2 updates (#5271)
  • c3b532c fix: check the platform property to determinate the target (#5269)
  • 6509a3f feat: http2 support for connect and connect compatibility frameworks whic...
  • 1b3d124 chore(deps): update (#5268)
  • f5f0902 fix: replace default gateway (#5255)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previous...

Description has been truncated

…ck-cli and webpack-dev-server

Bumps [cross-spawn](https://github.com/moxystudio/node-cross-spawn), [cross-env](https://github.com/kentcdodds/cross-env), [eslint](https://github.com/eslint/eslint), [vuepress](https://github.com/vuejs/vuepress/tree/HEAD/packages/vuepress), [webpack-cli](https://github.com/webpack/webpack-cli) and [webpack-dev-server](https://github.com/webpack/webpack-dev-server). These dependencies needed to be updated together.

Updates `cross-spawn` from 6.0.5 to 7.0.5
- [Changelog](https://github.com/moxystudio/node-cross-spawn/blob/master/CHANGELOG.md)
- [Commits](moxystudio/node-cross-spawn@v6.0.5...v7.0.5)

Updates `cross-env` from 5.2.0 to 7.0.3
- [Release notes](https://github.com/kentcdodds/cross-env/releases)
- [Changelog](https://github.com/kentcdodds/cross-env/blob/master/CHANGELOG.md)
- [Commits](kentcdodds/cross-env@v5.2.0...v7.0.3)

Updates `eslint` from 5.16.0 to 9.15.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](eslint/eslint@v5.16.0...v9.15.0)

Updates `vuepress` from 0.14.11 to 1.9.10
- [Release notes](https://github.com/vuejs/vuepress/releases)
- [Changelog](https://github.com/vuejs/vuepress/blob/master/CHANGELOG.md)
- [Commits](https://github.com/vuejs/vuepress/commits/v1.9.10/packages/vuepress)

Updates `webpack-cli` from 3.3.1 to 5.1.4
- [Release notes](https://github.com/webpack/webpack-cli/releases)
- [Changelog](https://github.com/webpack/webpack-cli/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack/webpack-cli/compare/[email protected])

Updates `webpack-dev-server` from 3.3.1 to 5.1.0
- [Release notes](https://github.com/webpack/webpack-dev-server/releases)
- [Changelog](https://github.com/webpack/webpack-dev-server/blob/master/CHANGELOG.md)
- [Commits](webpack/webpack-dev-server@v3.3.1...v5.1.0)

---
updated-dependencies:
- dependency-name: cross-spawn
  dependency-type: direct:development
- dependency-name: cross-env
  dependency-type: direct:development
- dependency-name: eslint
  dependency-type: direct:development
- dependency-name: vuepress
  dependency-type: direct:development
- dependency-name: webpack-cli
  dependency-type: direct:development
- dependency-name: webpack-dev-server
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Nov 16, 2024
@ibcheckmarx
Copy link

Logo
Checkmarx One – Scan Summary & Details3882dc67-0b3e-49e5-b9e2-f3cb79dc518f

New Issues

Severity Issue Source File / Package Checkmarx Insight
CRITICAL CVE-2022-37611 Npm-gh-pages-1.1.0 Vulnerable Package
CRITICAL CVE-2024-40643 Npm-htmlparser2-3.10.1 Vulnerable Package
CRITICAL CVE-2024-40643 Npm-htmlparser2-3.9.2 Vulnerable Package
CRITICAL CVE-2024-40643 Npm-htmlparser2-3.3.0 Vulnerable Package
CRITICAL CVE-2024-42461 Npm-elliptic-6.4.0 Vulnerable Package
CRITICAL CVE-2024-42461 Npm-elliptic-6.4.1 Vulnerable Package
CRITICAL CVE-2024-48949 Npm-elliptic-6.4.1 Vulnerable Package
CRITICAL CVE-2024-48949 Npm-elliptic-6.4.0 Vulnerable Package
HIGH CVE-2020-26311 Npm-useragent-2.3.0 Vulnerable Package
HIGH CVE-2022-37620 Npm-html-minifier-3.5.5 Vulnerable Package
HIGH CVE-2022-37620 Npm-html-minifier-3.5.16 Vulnerable Package
HIGH CVE-2022-37620 Npm-html-minifier-3.5.8 Vulnerable Package
HIGH CVE-2022-37620 Npm-html-minifier-3.5.21 Vulnerable Package
HIGH CVE-2024-21536 Npm-http-proxy-middleware-0.17.4 Vulnerable Package
HIGH CVE-2024-21536 Npm-http-proxy-middleware-0.18.0 Vulnerable Package
HIGH CVE-2024-21536 Npm-http-proxy-middleware-0.19.1 Vulnerable Package
HIGH CVE-2024-21536 Npm-http-proxy-middleware-0.17.3 Vulnerable Package
HIGH CVE-2024-21536 Npm-http-proxy-middleware-1.3.1 Vulnerable Package
HIGH CVE-2024-21536 Npm-http-proxy-middleware-0.19.2 Vulnerable Package
HIGH CVE-2024-27088 Npm-es5-ext-0.10.45 Vulnerable Package
HIGH CVE-2024-27088 Npm-es5-ext-0.10.49 Vulnerable Package
HIGH CVE-2024-27088 Npm-es5-ext-0.10.30 Vulnerable Package
HIGH CVE-2024-27088 Npm-es5-ext-0.10.38 Vulnerable Package
HIGH CVE-2024-29180 Npm-webpack-dev-middleware-3.7.3 Vulnerable Package
HIGH CVE-2024-29180 Npm-webpack-dev-middleware-3.4.0 Vulnerable Package
HIGH CVE-2024-29180 Npm-webpack-dev-middleware-1.12.0 Vulnerable Package
HIGH CVE-2024-29180 Npm-webpack-dev-middleware-2.0.5 Vulnerable Package
HIGH CVE-2024-29180 Npm-webpack-dev-middleware-3.6.0 Vulnerable Package
HIGH CVE-2024-29180 Npm-webpack-dev-middleware-1.12.2 Vulnerable Package
HIGH CVE-2024-29180 Npm-webpack-dev-middleware-2.0.6 Vulnerable Package
HIGH CVE-2024-29180 Npm-webpack-dev-middleware-1.10.1 Vulnerable Package
HIGH CVE-2024-29415 Npm-ip-1.0.1 Vulnerable Package
HIGH CVE-2024-29415 Npm-ip-1.1.9 Vulnerable Package
HIGH CVE-2024-29415 Npm-ip-1.1.5 Vulnerable Package
HIGH CVE-2024-33883 Npm-ejs-2.6.1 Vulnerable Package
HIGH CVE-2024-33883 Npm-ejs-2.5.7 Vulnerable Package
HIGH CVE-2024-37890 Npm-ws-4.0.0 Vulnerable Package
HIGH CVE-2024-37890 Npm-ws-4.1.0 Vulnerable Package
HIGH CVE-2024-37890 Npm-ws-3.2.0 Vulnerable Package
HIGH CVE-2024-37890 Npm-ws-2.3.1 Vulnerable Package
HIGH CVE-2024-37890 Npm-ws-6.1.3 Vulnerable Package
HIGH CVE-2024-37890 Npm-ws-3.3.3 Vulnerable Package
HIGH CVE-2024-38355 Npm-socket.io-2.1.1 Vulnerable Package
HIGH CVE-2024-4068 Npm-braces-0.1.5 Vulnerable Package
HIGH CVE-2024-4068 Npm-braces-2.3.0 Vulnerable Package
HIGH CVE-2024-4068 Npm-braces-2.3.2 Vulnerable Package
HIGH CVE-2024-4068 Npm-braces-1.8.5 Vulnerable Package
HIGH CVE-2024-45296 Npm-path-to-regexp-0.1.7 Vulnerable Package
HIGH CVE-2024-45296 Npm-path-to-regexp-1.7.0 Vulnerable Package
HIGH CVE-2024-45590 Npm-body-parser-1.19.0 Vulnerable Package
HIGH CVE-2024-45590 Npm-body-parser-1.18.3 Vulnerable Package
HIGH CVE-2024-45590 Npm-body-parser-1.18.2 Vulnerable Package
MEDIUM CVE-2019-18799 Npm-node-sass-4.5.3 Vulnerable Package
MEDIUM CVE-2020-8244 Npm-bl-1.2.2 Vulnerable Package
MEDIUM CVE-2024-28849 Npm-follow-redirects-1.6.1 Vulnerable Package
MEDIUM CVE-2024-28849 Npm-follow-redirects-1.7.0 Vulnerable Package
MEDIUM CVE-2024-28863 Npm-tar-4.3.3 Vulnerable Package
MEDIUM CVE-2024-28863 Npm-tar-2.2.1 Vulnerable Package
MEDIUM CVE-2024-28863 Npm-tar-4.4.8 Vulnerable Package
MEDIUM CVE-2024-28863 Npm-tar-4.4.1 Vulnerable Package
MEDIUM CVE-2024-29041 Npm-express-4.15.4 Vulnerable Package
MEDIUM CVE-2024-29041 Npm-express-4.16.4 Vulnerable Package
MEDIUM CVE-2024-29041 Npm-express-4.16.3 Vulnerable Package
MEDIUM CVE-2024-29041 Npm-express-4.15.2 Vulnerable Package
MEDIUM CVE-2024-29041 Npm-express-4.16.2 Vulnerable Package
MEDIUM CVE-2024-29041 Npm-express-4.14.1 Vulnerable Package
MEDIUM CVE-2024-34343 Npm-nuxt-1.4.1 Vulnerable Package
MEDIUM CVE-2024-34343 Npm-nuxt-1.3.0 Vulnerable Package
MEDIUM CVE-2024-34343 Npm-nuxt-1.0.0-rc11 Vulnerable Package
MEDIUM CVE-2024-36361 Npm-pug-code-gen-2.0.0 Vulnerable Package
MEDIUM CVE-2024-4067 Npm-micromatch-2.3.11 Vulnerable Package
MEDIUM CVE-2024-4067 Npm-micromatch-3.1.10 Vulnerable Package
MEDIUM CVE-2024-4067 Npm-micromatch-3.1.5 Vulnerable Package
MEDIUM CVE-2024-42459 Npm-elliptic-6.4.0 Vulnerable Package
MEDIUM CVE-2024-42459 Npm-elliptic-6.4.1 Vulnerable Package
MEDIUM CVE-2024-42460 Npm-elliptic-6.4.1 Vulnerable Package
MEDIUM CVE-2024-42460 Npm-elliptic-6.4.0 Vulnerable Package
MEDIUM CVE-2024-43796 Npm-express-4.16.3 Vulnerable Package
MEDIUM CVE-2024-43796 Npm-express-4.14.1 Vulnerable Package
MEDIUM CVE-2024-43796 Npm-express-4.15.2 Vulnerable Package
MEDIUM CVE-2024-43796 Npm-express-4.16.2 Vulnerable Package
MEDIUM CVE-2024-43796 Npm-express-4.15.4 Vulnerable Package
MEDIUM CVE-2024-43796 Npm-express-4.16.4 Vulnerable Package
MEDIUM CVE-2024-43799 Npm-send-0.15.4 Vulnerable Package
MEDIUM CVE-2024-43799 Npm-send-0.15.1 Vulnerable Package
MEDIUM CVE-2024-43799 Npm-send-0.16.1 Vulnerable Package
MEDIUM CVE-2024-43799 Npm-send-0.14.2 Vulnerable Package
MEDIUM CVE-2024-43799 Npm-send-0.16.2 Vulnerable Package
MEDIUM CVE-2024-43799 Npm-send-0.15.5 Vulnerable Package
MEDIUM CVE-2024-43800 Npm-serve-static-1.12.1 Vulnerable Package
MEDIUM CVE-2024-43800 Npm-serve-static-1.12.5 Vulnerable Package
MEDIUM CVE-2024-43800 Npm-serve-static-1.12.4 Vulnerable Package
MEDIUM CVE-2024-43800 Npm-serve-static-1.13.1 Vulnerable Package
MEDIUM CVE-2024-43800 Npm-serve-static-1.11.2 Vulnerable Package
MEDIUM CVE-2024-43800 Npm-serve-static-1.13.2 Vulnerable Package
MEDIUM CVE-2024-47068 Npm-rollup-0.50.0 Vulnerable Package
MEDIUM CVE-2024-47068 Npm-rollup-0.66.6 Vulnerable Package
MEDIUM CVE-2024-47764 Npm-cookie-0.3.1 Vulnerable Package
MEDIUM CVE-2024-6783 Npm-vue-template-compiler-2.5.13 Vulnerable Package
MEDIUM CVE-2024-6783 Npm-vue-template-compiler-2.5.16 Vulnerable Package
MEDIUM CVE-2024-6783 Npm-vue-template-compiler-2.7.16 Vulnerable Package
MEDIUM CVE-2024-6783 Npm-vue-template-compiler-2.6.6 Vulnerable Package
MEDIUM CVE-2024-6783 Npm-vue-template-compiler-2.4.4 Vulnerable Package
MEDIUM CVE-2024-6783 Npm-vue-template-compiler-2.1.10 Vulnerable Package
MEDIUM CVE-2024-6783 Npm-vue-template-compiler-2.2.4 Vulnerable Package
MEDIUM CVE-2024-6783 Npm-vue-template-compiler-2.6.10 Vulnerable Package
LOW CVE-2024-48948 Npm-elliptic-6.4.1 Vulnerable Package
LOW CVE-2024-48948 Npm-elliptic-6.4.0 Vulnerable Package
LOW CVE-2024-9506 Npm-vue-template-compiler-2.6.6 Vulnerable Package
LOW CVE-2024-9506 Npm-vue-2.6.10 Vulnerable Package
LOW CVE-2024-9506 Npm-vue-template-compiler-2.6.10 Vulnerable Package
LOW CVE-2024-9506 Npm-vue-2.6.6 Vulnerable Package
LOW CVE-2024-9506 Npm-vue-template-compiler-2.5.13 Vulnerable Package
LOW CVE-2024-9506 Npm-vue-2.7.16 Vulnerable Package
LOW CVE-2024-9506 Npm-vue-server-renderer-2.4.4 Vulnerable Package
LOW CVE-2024-9506 Npm-vue-2.1.10 Vulnerable Package
LOW CVE-2024-9506 Npm-vue-server-renderer-2.7.16 Vulnerable Package
LOW CVE-2024-9506 Npm-vue-2.5.13 Vulnerable Package
LOW CVE-2024-9506 Npm-vue-template-compiler-2.5.16 Vulnerable Package
LOW CVE-2024-9506 Npm-@vue/compiler-sfc-2.7.16 Vulnerable Package
LOW CVE-2024-9506 Npm-vue-template-compiler-2.2.4 Vulnerable Package
LOW CVE-2024-9506 Npm-vue-2.4.4 Vulnerable Package
LOW CVE-2024-9506 Npm-vue-server-renderer-2.5.16 Vulnerable Package
LOW CVE-2024-9506 Npm-vue-2.5.16 Vulnerable Package
LOW CVE-2024-9506 Npm-vue-server-renderer-2.5.13 Vulnerable Package
LOW CVE-2024-9506 Npm-vue-template-compiler-2.7.16 Vulnerable Package
LOW CVE-2024-9506 Npm-vue-2.2.4 Vulnerable Package
LOW CVE-2024-9506 Npm-vue-template-compiler-2.4.4 Vulnerable Package
LOW CVE-2024-9506 Npm-vue-template-compiler-2.1.10 Vulnerable Package

Fixed Issues

Severity Issue Source File / Package
HIGH CVE-2020-15138 Npm-prismjs-1.16.0
HIGH CVE-2020-7677 Npm-thenify-3.3.0
HIGH CVE-2021-23341 Npm-prismjs-1.16.0
HIGH CVE-2022-0691 Npm-url-parse-1.4.7
HIGH Cxab55612e-3a56 Npm-braces-3.0.2
HIGH Cxab55612e-3a56 Npm-braces-1.8.5
HIGH Cxab55612e-3a56 Npm-braces-0.1.5
HIGH Cxab55612e-3a56 Npm-braces-2.3.0
HIGH Cxab55612e-3a56 Npm-braces-2.3.2
HIGH Cxca84a1c2-1f12 Npm-micromatch-3.1.10
HIGH Cxca84a1c2-1f12 Npm-micromatch-3.1.5
HIGH Cxca84a1c2-1f12 Npm-micromatch-2.3.11
HIGH Cxf6e7f2c1-dc59 Npm-yauzl-2.4.1
HIGH Cxf6e7f2c1-dc59 Npm-yauzl-2.10.0
MEDIUM CVE-2021-32723 Npm-prismjs-1.16.0
MEDIUM CVE-2021-3801 Npm-prismjs-1.16.0
MEDIUM CVE-2022-23647 Npm-prismjs-1.16.0
MEDIUM Cx65afcea4-5e85 Npm-event-pubsub-4.3.0
MEDIUM Cxba768ce4-aa4e Npm-node-ipc-9.1.1
MEDIUM Cxc785342e-d1eb Npm-js-message-1.0.5
MEDIUM Cxe84e5215-7539 Npm-js-queue-2.0.0
MEDIUM Cxf9de4751-620f Npm-easy-stack-1.0.0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant