Skip to content

[Snyk] Security upgrade @pattern-lab/uikit-workshop from 5.14.0 to 5.15.5#373

Open
riteshgurung wants to merge 1 commit into1.0.xfrom
snyk-fix-47e0c2201bb7fe3c01f62dc8f05e911e
Open

[Snyk] Security upgrade @pattern-lab/uikit-workshop from 5.14.0 to 5.15.5#373
riteshgurung wants to merge 1 commit into1.0.xfrom
snyk-fix-47e0c2201bb7fe3c01f62dc8f05e911e

Conversation

@riteshgurung
Copy link
Copy Markdown
Contributor

@riteshgurung riteshgurung commented Jan 9, 2024

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • pattern-lab/package.json
    • pattern-lab/package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 698/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 6.1		 Cross-site Scripting (XSS)
SNYK-JS-SERIALIZEJAVASCRIPT-6147607		 No Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: @pattern-lab/uikit-workshop The new version differs by 87 commits.
  • 627d6a3 [skip travis] chore(release): publish v5.15.5
  • c9e4151 [skip travis] chore(release): publish v5.15.4
  • 108eb43 Update babel config
  • 7f37e9d fix: corrected some github urls (#1388)
  • b86bf0a chore: code optimizations (#1387)
  • 91d2d3e refactor: updated lerna dependency (#1382)
  • 62901a3 refactor: moved dependencies to devDependencies @ uikit-workshop (#1381)
  • 49cd8f8 refactor: updated 11ty dependencies (#1383)
  • 2939561 refactor: moved dependencies to devDependencies @ cli (#1384)
  • 6fa630e feat: define initial viewport (#1386)
  • 8fb9fb4 refactor: updated http-auth dependency (#1379)
  • e284703 chore: adding simple pattern descriptions (#1378)
  • 57aad3d [skip travis] chore(release): publish v5.15.3
  • a75ee0d refactor: updated our redux version (#1374)
  • 1ebcd53 Includes additional twig syntax featires (#1367)
  • 7c66f8a fix(handlebars-demo): move and modify the icon files (#1377)
  • cfa74c0 feat(vs-code): added recommendations (#1375)
  • 82c5592 refactor: replace node-sass by sass (#1373)
  • 57efccb feat: ensure consistent line endings across files (#1372)
  • d7b428c refactor(docs): added forked plugin to the list (#1371)
  • 384dc89 fix(docs): tiles z-index to not overlay the menu anymore (#1370)
  • acca120 [skip travis] chore(release): publish v5.15.2
  • 3ce13ab fix(core): Subgroup cannot be hidden (#1368)
  • 7495275 refactor: optimized engines directory retrieval #1359 (#1364)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Cross-site Scripting (XSS)

@riteshgurung riteshgurung mentioned this pull request Feb 2, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@riteshgurung @snyk-bot