Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Fix for 1 vulnerabilities #60

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[Snyk] Fix for 1 vulnerabilities #60

wants to merge 1 commit into from

Conversation

donfn
Copy link
Contributor

@donfn donfn commented Oct 28, 2023

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 748/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.1		 Cross-site Request Forgery (CSRF)
SNYK-JS-AXIOS-6032459		 Yes Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: @poiw/saffron The new version differs by 33 commits.
  • 61c7264 Merge pull request #73 from poiw-org/refactor
  • abb6940 Fix test errors
  • f5224d9 Fixed merge errors
  • 4215bef Removed docker from package.json
  • b202a56 HTML doc examples
  • 5a50f75 Replaced let with const
  • e3a7ad1 Finished HTML docs and added static option
  • 9c91ac5 Wordpress path customization, added request headers option and minor changes
  • 69dc4fa Optmized import and lint code
  • 9432986 Check for duplicates in keys and started html documentaion
  • 6ceb3ac Refactored html parser and optimized cleanupHTMLText
  • caa7e49 Created type for source.scrape
  • 4ff1649 Moved alias assignment to worker
  • 590acff Fixed parser errors and added docs for dynamic parser
  • df39f25 Fixed RSS and some minor changes
  • d047592 Added WordPress v2 documentation
  • d29d397 Added tsconfig importsNotUsedAsValues as error
  • 0263735 Edited events
  • a723ccb FIxed config.test
  • 1e91d21 Updated workflows and packages
  • c6dd6ce Renamed config options and added more documentaion
  • 238cc9f Finished with tests and started documentation
  • 4637408 Fixed grid added eventDelay option and added more tests
  • 33bd955 Added and fixed tests

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Cross-site Request Forgery (CSRF)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@donfn @snyk-bot