Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Security upgrade radium from 0.13.8 to 0.16.0 #12

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

snyk-bot
Copy link

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 758/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.3
Prototype Pollution
SNYK-JS-LODASH-608086
No Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: radium The new version differs by 250 commits.
  • 4c3876b 0.16.0
  • dc2d35e Changelog for version 0.16.0
  • c4e8e83 Upgrade to inline-style-prefixer 0.6.2
  • f490918 Add scopeSelector to multiple selectors in a single ruleset
  • 4ea58fe Allow <Style> to be configured standalone
  • cc89d15 Add px suffix to numeric values in keyframes, media queries, and style component
  • 09355c0 Merge pull request #479 from FormidableLabs/remove-print-styles
  • 658d3f2 Add test for @media print
  • 3cf12b7 Remove printStyles feature
  • b0fc3a3 Merge pull request #478 from FormidableLabs/StyleRoot
  • a8e258b Add note to StyleRoot docs about styles on children
  • a66a01f Enable static and instance fields in flow
  • 16e6def Fix media query test
  • f2c93a8 Fix lint for StyleRoot
  • b01e6c7 Fix tests for StyleRoot
  • 238bf9c Fix docs for StyleRoot
  • 0afa31d Add StyleRoot component to replace isRoot config
  • f4af38a Merge pull request #477 from FormidableLabs/greenkeeper-karma-mocha-reporter-1.1.4
  • 64bb294 Prefix media query classes with some letters
  • d0f4630 Merge pull request #473 from FormidableLabs/media-query-ssr
  • cb58b5d Add test for rendering top level media query styles as CSS
  • dc4b649 Migrate and fix media query tests
  • 8bad887 Mention media queries in warning about addCSS
  • d6fa0b5 Add space before !important

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-LODASH-608086
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant