Skip to content

Conversation

mend-for-github-com[bot]
Copy link
Contributor

This PR contains the following updates:

Package Type Update Change
commitlint (source) devDependencies major ^8.3.5 -> ^9.0.0

By merging this PR, the below vulnerabilities will be automatically resolved:

Severity CVSS Score CVE
High High 7.4 CVE-2020-8203
High High 7.2 CVE-2021-23337
Medium Medium 5.3 CVE-2020-28500
Medium Medium 5.3 CVE-2020-7608

Release Notes

conventional-changelog/commitlint

v9.0.1

Compare Source

Note: Version bump only for package commitlint

v8.3.6

Compare Source

Note: Version bump only for package @​commitlint/root

chore: update lodash to 4.17.21
SECURITY: CVE-2021-23337 in package lodash https://nvd.nist.gov/vuln/detail/CVE-2021-23337


  • If you want to rebase/retry this PR, click this checkbox.

@mend-for-github-com mend-for-github-com bot added the security fix Security fix generated by WhiteSource label Feb 4, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
security fix Security fix generated by WhiteSource
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants