Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Fix for 1 vulnerabilities #150

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Fix for 1 vulnerabilities #150

wants to merge 1 commit into from

Conversation

snyk-bot
Copy link
Contributor

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
low severity 471/1000
Why? Recently disclosed, Has a fix available, CVSS 3.7		 Prototype Pollution
SNYK-JS-MINIMIST-2429795		 No No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: gulp The new version differs by 216 commits.
  • 84df40b 3.8.11
  • c46bf1a update liftoff and v8flags to deal with new node versions and iojs
  • 0b7967f Fixed minor JS syntax error in docs
  • 98b1cb6 Update .travis.yml
  • e8c6bf6 Add node.js 0.12 and io.js to travis.yml
  • 54684fe Adding gulp-util to the npm install line
  • e9f8991 Update gulp core team GitHub link
  • af17d96 Update gulp-ruby-sass syntax (1.0.0)
  • 0cc972c add gitter badge and rearrange badge line
  • 3cb110b Removed syntax highlighting from file structure
  • 17d77cb update MIT License to year range
  • 51e5a24 Merge pull request #834 from danielbayerlein/gulp-watch-v3
  • f66bbb4 Merge pull request #836 from yousefcisco/patch-1
  • 7f25230 Update dealing-with-streams.md
  • c9563c7 gulp-watch v3.0.0 API
  • 994f872 Merge pull request #820 from pertrai1/patch-1
  • d530c08 article on optimizing web code
  • e463249 sourcemaps with watchify
  • 6a3b85f clean up watchify recipe
  • 20774cc Merge pull request #596 from stevelacy/patch-1
  • 03df8c9 Merge pull request #818 from CaryLandholt/master
  • 742dce6 pluralized Book(s) section
  • 305500f Add "Developing a gulp Edge" book reference
  • ae98edf Merge pull request #809 from svetlyak40wt/patch-1

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution

@snyk-bot
fix: package.json to reduce vulnerabilities
93e9087 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-MINIMIST-2429795
@jonathan-fielding jonathan-fielding mentioned this pull request Oct 18, 2022
Open
@snyk-bot snyk-bot mentioned this pull request Mar 12, 2023
Open
@jonathan-fielding jonathan-fielding mentioned this pull request Apr 16, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@snyk-bot