Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Snyk fix f81cf75975322289d83b02932747c5d5 #5562

Open
wants to merge 7 commits into
base: main
Choose a base branch
from
Open

Snyk fix f81cf75975322289d83b02932747c5d5 #5562

wants to merge 7 commits into from

Conversation

devsecopskallie
Copy link

Pull Request Submission Checklist

  • Follows CONTRIBUTING guidelines
  • Includes detailed description of changes
  • Contains risk assessment (Low | Medium | High)
  • Highlights breaking API changes (if applicable)
  • Links to automated tests covering new functionality
  • Includes manual testing instructions (if necessary)
  • Updates relevant GitBook documentation (PR link: ___)

What does this PR do?

Where should the reviewer start?

How should this be manually tested?

snyk-bot and others added 7 commits October 16, 2024 19:30
@snyk-bot
fix: package.json & package-lock.json to reduce vulnerabilities
d42e6bf 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-COOKIE-8163060
- https://snyk.io/vuln/SNYK-JS-MARKED-2342073
- https://snyk.io/vuln/SNYK-JS-MARKED-2342082
- https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728
@devsecopskallie
Merge pull request #1 from devsecopskallie/snyk-fix-390f9ddce0d880647…
6df258a 
…a6867e6c47ec0ec

[Snyk] Fix for 4 vulnerabilities
@snyk-bot
fix: ts-binary-wrapper/package.json & ts-binary-wrapper/package-lock.…
c814b79 
…json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-COOKIE-8163060
@devsecopskallie
Merge pull request #2 from devsecopskallie/snyk-fix-53aff01adb0a55ff3…
1d16f49 
…df689d6f4f4cc91

[Snyk] Security upgrade @sentry/node from 7.36.0 to 7.75.0
@dependabot
chore(deps): bump lodash in /test/acceptance/workspaces/yarn-v2
018762f 
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.0 to 4.17.21.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](lodash/lodash@4.17.0...4.17.21)

---
updated-dependencies:
- dependency-name: lodash
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@devsecopskallie
Merge pull request #4 from devsecopskallie/dependabot/npm_and_yarn/te…
f9c0061 
…st/acceptance/workspaces/yarn-v2/lodash-4.17.21

chore(deps): bump lodash from 4.17.0 to 4.17.21 in /test/acceptance/workspaces/yarn-v2
@snyk-bot
fix: package.json & package-lock.json to reduce vulnerabilities
4bef3c2 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116
- https://snyk.io/vuln/SNYK-JS-SHESCAPE-5734237
- https://snyk.io/vuln/SNYK-JS-SHESCAPE-5849592
@devsecopskallie devsecopskallie requested a review from a team as a code owner October 30, 2024 18:56
@CLAassistant
Copy link

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you all sign our Contributor License Agreement before we can accept your contribution.
1 out of 3 committers have signed the CLA.

✅ devsecopskallie
❌ snyk-bot
❌ dependabot[bot]
You have signed the CLA already but the status is still pending? Let us recheck it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@devsecopskallie @CLAassistant @snyk-bot