Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade eslint-plugin-import from 2.27.5 to 2.28.1 #816

Closed
wants to merge 1 commit into from
Closed

[Snyk] Upgrade eslint-plugin-import from 2.27.5 to 2.28.1 #816

wants to merge 1 commit into from

Conversation

lholmquist
Copy link
Member

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade eslint-plugin-import from 2.27.5 to 2.28.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 2 versions ahead of your current version.
  • The recommended version was released a month ago, on 2023-08-18.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Prototype Pollution
SNYK-JS-JSON5-3182856		 427/1000
Why? Proof of Concept exploit, CVSS 6.4		 Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: eslint-plugin-import from eslint-plugin-import GitHub release notes
Commit messages
Package name: eslint-plugin-import
  • cd95728 Bump to 2.28.1
  • 0847443 Revert 1fa2971 (breaking group change in `order`)
  • e9de30a [resolvers/webpack] v0.13.6
  • cd1dff7 Revert "[resolvers/webpack] [refactor] replace `lodash/isEqual` usage with `deep-equal`"
  • da71746 [resolvers/webpack] v0.13.5
  • 22a0802 [resolvers/webpack] [deps] update `resolve`
  • 1e81734 [resolvers/webpack] [refactor] replace `lodash/isEqual` usage with `deep-equal`
  • 2c18c29 [resolvers/webpack] [refactor] remove `lodash/get` usage
  • b9b9c86 [resolvers/webpack] [refactor] switch to a maintained array.prototype.find package
  • 2e7612f [Dev Deps] pin `jackspeak` since 2.1.2+ depends on npm aliases, which kill the install process in npm < 6
  • 26ea4f8 [Docs] Add markdownlint
  • c704253 [resolvers/node] v0.3.9
  • 559480d [resolvers/webpack] v0.13.4
  • 10913e7 [resolvers] [*] [fix] restore node 6 compatibility
  • 69fce5c [Tests] actually test non-babel’d packages without babel
  • 0501367 [Docs] remove duplicate fixable notices in docs
  • 7f7a9a6 [resolvers/node] v0.3.8
  • 6f6f414 [resolvers/webpack] v0.13.3
  • 95f9f00 [resolvers/webpack] [deps] update `semver`
  • 4a75aaf [Deps] remove unused root dep
  • 5209a43 [resolvers] [*] [deps] update `is-core-module`, `resolve`
  • 132a433 [Deps] update `is-core-module`, `resolve`
  • a257df9 Bump to 2.28.0
  • 600fcc1 [Refactor] `order`: use `object.groupby`

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

@coveralls
Copy link

Pull Request Test Coverage Report for Build 6251773029

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 98.331%
Totals Coverage Status
Change from base Build 6173365011: 0.0%
Covered Lines: 373
Relevant Lines: 374
💛 - Coveralls

@lholmquist lholmquist closed this Sep 27, 2023
@lholmquist lholmquist deleted the snyk-upgrade-acfbb2d8a33a9f511d845636b24f193a branch September 27, 2023 13:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@lholmquist @coveralls @snyk-bot