Skip to content

[Snyk] Security upgrade slim-select from 2.8.1 to 2.9.2#13

Open
Hailfire805 wants to merge 1 commit intomasterfrom
snyk-fix-d52164e8213486db87a092a2e31c74ed
Open

[Snyk] Security upgrade slim-select from 2.8.1 to 2.9.2#13
Hailfire805 wants to merge 1 commit intomasterfrom
snyk-fix-d52164e8213486db87a092a2e31c74ed

Conversation

@Hailfire805
Copy link
Owner

@Hailfire805 Hailfire805 commented Oct 20, 2024

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • frontend/package.json
    • frontend/package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 648/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.1		 Cross-site Scripting (XSS)
SNYK-JS-SLIMSELECT-8161189		 No Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: slim-select The new version differs by 90 commits.
  • 180429e package - version bump
  • ea51e95 output - updated output
  • b4d1061 package - version bump
  • ce5ad81 readme - minor update
  • 3e9c6f1 vite - updated css preprocessor. was giving
  • 1f7475a examples - minor countries update
  • 853cae4 package - minor updates
  • a9a1e40 examples - added countries example
  • b99e770 content location - could be null so updated to reflect.
  • 7267683 examples - added examples section and added countries as a first one
  • f8534f2 Merge pull request Letter training mode monkeytypegame/monkeytype#572 from Shoplifter/master
  • a1d1846 [FIX] use option.textContent instead of option.innerText
  • 873a8e5 use innerText instead of innerHTML for setting an option's text
  • e7e37e2 readme - minor update
  • d528701 package - version bump
  • 97847bf output - dist/docs update
  • e048f97 render - test update
  • f9639de search - allow deselect if single and setting is on
  • 79fbc57 deselect - extend larger area of click for X
  • 385e5d4 addable - updated to allow for enter to run addable function. added addableText. added error type as return to display in main content section.
  • 0ff10cf package - version updates
  • dd7ff9c test - update getOptions options
  • 1527841 test - added keep order test
  • 64a0a80 naming - updated function name

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Cross-site Scripting (XSS)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Hailfire805 @snyk-bot