[Snyk] Upgrade: , rxjs, , core-js, material-icons, socket.io-client, zone.js #789

slatersnyk · 2024-09-08T07:59:42Z

Snyk has created this PR to upgrade multiple dependencies.

👯‍♂ The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Name	Versions	Released on

@angular-devkit/build-angular
from 0.1000.8 to 0.1102.19 | 76 versions ahead of your current version | 2 years ago
on 2022-03-31
rxjs
from 6.6.2 to 6.6.7 | 4 versions ahead of your current version | 3 years ago
on 2021-03-28
@nguniversal/express-engine
from 10.0.1 to 10.1.0 | 3 versions ahead of your current version | 4 years ago
on 2020-09-03
core-js
from 3.22.8 to 3.38.0 | 42 versions ahead of your current version | a month ago
on 2024-08-04
material-icons
from 0.3.1 to 0.7.7 | 20 versions ahead of your current version | 3 years ago
on 2021-07-22
socket.io-client
from 2.4.0 to 2.5.0 | 1 version ahead of your current version | 2 years ago
on 2022-06-26
zone.js
from 0.10.3 to 0.14.10 | 24 versions ahead of your current version | a month ago
on 2024-08-05

Issues fixed by the recommended upgrade:

Issue	Score	Exploit Maturity
Improper Verification of Cryptographic Signature SNYK-JS-ELLIPTIC-7577918	776	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-ES5EXT-6095076	776	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIHTML-1296849	776	Proof of Concept
Improper Verification of Cryptographic Signature SNYK-JS-BROWSERIFYSIGN-6037026	776	No Known Exploit
Denial of Service (DoS) SNYK-JS-DECODEURICOMPONENT-3149970	776	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-NTHCHECK-1586032	776	Proof of Concept
Prototype Pollution SNYK-JS-OBJECTPATH-1017036	776	Proof of Concept
Prototype Pollution SNYK-JS-OBJECTPATH-1585658	776	No Known Exploit
Open Redirect SNYK-JS-EXPRESS-6474509	776	No Known Exploit
Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962462	776	Proof of Concept
Prototype Pollution SNYK-JS-JSON5-3182856	776	Proof of Concept
Prototype Pollution SNYK-JS-JSON5-3182856	776	Proof of Concept
Improper Verification of Cryptographic Signature SNYK-JS-ELLIPTIC-7577916	776	Proof of Concept
Improper Verification of Cryptographic Signature SNYK-JS-ELLIPTIC-7577917	776	Proof of Concept
Prototype Pollution SNYK-JS-OBJECTPATH-1569453	776	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1090595	776	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1255640	776	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1090595	776	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1255640	776	Proof of Concept

Release notes

Package name: @angular-devkit/build-angular

0.1102.19 - 2022-03-31
0.1102.18 - 2022-01-13
0.1102.17 - 2021-12-16
0.1102.16 - 2021-12-15
0.1102.15 - 2021-10-27
0.1102.14 - 2021-06-03
0.1102.13 - 2021-05-12
0.1102.12 - 2021-05-06
0.1102.11 - 2021-04-28
0.1102.10 - 2021-04-21
0.1102.9 - 2021-04-14
0.1102.8 - 2021-04-07
0.1102.7 - 2021-04-02
0.1102.6 - 2021-03-24
0.1102.5 - 2021-03-17
0.1102.4 - 2021-03-10
0.1102.3 - 2021-03-03
0.1102.2 - 2021-02-24
0.1102.1 - 2021-02-17
0.1102.0 - 2021-02-11
0.1102.0-rc.1 - 2021-02-05
0.1102.0-rc.0 - 2021-02-05
0.1102.0-next.0 - 2021-01-28
0.1101.4 - 2021-02-05
0.1101.3 - 2021-02-05
0.1101.2 - 2021-01-28
0.1101.1 - 2021-01-22
0.1101.0 - 2021-01-20
0.1101.0-rc.0 - 2021-01-14
0.1101.0-next.4 - 2021-01-06
0.1101.0-next.3 - 2020-12-17
0.1101.0-next.2 - 2020-12-09
0.1101.0-next.1 - 2020-12-03
0.1101.0-next.0 - 2020-11-18
0.1100.7 - 2021-01-14
0.1100.6 - 2021-01-06
0.1100.5 - 2020-12-17
0.1100.4 - 2020-12-09
0.1100.3 - 2020-12-02
0.1100.2 - 2020-11-18
0.1100.1 - 2020-11-12
0.1100.0 - 2020-11-11
0.1100.0-rc.3 - 2020-11-10
0.1100.0-rc.2 - 2020-11-05
0.1100.0-rc.1 - 2020-10-28
0.1100.0-rc.0 - 2020-10-22
0.1100.0-next.7 - 2020-10-15
0.1100.0-next.6 - 2020-10-08
0.1100.0-next.5 - 2020-10-08
0.1100.0-next.4 - 2020-10-01
0.1100.0-next.3 - 2020-09-23
0.1100.0-next.2 - 2020-09-17
0.1100.0-next.1 - 2020-09-10
0.1100.0-next.0 - 2020-09-02
0.1002.4 - 2021-12-16
0.1002.3 - 2021-02-25
0.1002.2 - 2021-02-05
0.1002.1 - 2020-12-17
0.1002.0 - 2020-10-22
0.1001.7 - 2020-10-15
0.1001.6 - 2020-10-08
0.1001.5 - 2020-10-08
0.1001.4 - 2020-10-01
0.1001.3 - 2020-09-23
0.1001.2 - 2020-09-17
0.1001.1 - 2020-09-10
0.1001.0 - 2020-09-02
0.1001.0-rc.0 - 2020-08-26
0.1001.0-next.7 - 2020-08-25
0.1001.0-next.6 - 2020-08-21
0.1001.0-next.5 - 2020-08-13
0.1001.0-next.4 - 2020-08-06
0.1001.0-next.3 - 2020-07-31
0.1001.0-next.2 - 2020-07-22
0.1001.0-next.1 - 2020-07-15
0.1001.0-next.0 - 2020-07-09
0.1000.8 - 2020-08-26

from @angular-devkit/build-angular GitHub release notes

Package name: rxjs

6.6.7 - 2021-03-28
6.6.6 - 2021-02-25
6.6.4 - 2021-02-24
6.6.3 - 2020-09-06
6.6.2 - 2020-07-31

from rxjs GitHub release notes

Package name: @nguniversal/express-engine

10.1.0 - 2020-09-03
commit 3f841ef
Author: Keen Yee Liau kyliau@google.com
Date: Wed Sep 2 21:17:50 2020 -0700
```
release: v10.1.0
```
commit f92baae
Author: dependabot[bot] <49699333+dependabot[bot]@ users.noreply.github.com>
Date: Wed Sep 2 17:35:00 2020 +0000
bl from 4.0.2 to 4.0.3.
- Release notes
- Commits
Signed-off-by: dependabot[bot] <support@github.com>">
```
build(deps): bump bl from 4.0.2 to 4.0.3
Bumps bl from 4.0.2 to 4.0.3.

Release notes
Commits

Signed-off-by: dependabot[bot] <support@github.com>
```
commit 09ae8c0
Author: Renovate Bot bot@renovateapp.com
Date: Wed Sep 2 16:51:20 2020 +0000
```
build: update karma to version 5.2.1
```
commit 132de1e
Author: Keen Yee Liau kyliau@google.com
Date: Thu Aug 27 10:42:25 2020 -0700
```
release: v10.1.0-rc.0
```
commit 756d0b1
Author: Alan Agius alan.agius4@gmail.com
Date: Thu Aug 27 10:08:22 2020 +0200
```
build: update Angular packages to 10.1.0-rc.0
```
commit 0eb7253
Author: Alan Agius alan.agius4@gmail.com
Date: Wed Aug 26 10:20:21 2020 +0200
```
build: update @ types/hapi__hapi to version ^20.0.0
```
commit b8a0040
Author: Alan Agius alan.agius4@gmail.com
Date: Wed Aug 26 08:23:46 2020 +0200
```
build: update to TypeScript 4.0
```
commit e47dbc8
Author: Renovate Bot bot@renovateapp.com
Date: Sat Aug 22 05:05:28 2020 +0000
```
build: update ts-node to version 9.0.0
```
commit f3efa35
Author: Renovate Bot bot@renovateapp.com
Date: Sat Aug 15 05:04:27 2020 +0000
```
build: update rollup to version ~2.26.0
```
commit 7bdd58d
Author: Renovate Bot bot@renovateapp.com
Date: Fri Aug 14 05:04:39 2020 +0000
```
build: update rollup to version ~2.25.0
```
commit 1b2ddbb
Author: Renovate Bot bot@renovateapp.com
Date: Thu Aug 13 05:05:04 2020 +0000
```
build: update karma-jasmine to version 4.0.1
```
commit d45d9b1
Author: renovate[bot] <29139614+renovate[bot]@ users.noreply.github.com>
Date: Wed Aug 12 01:29:03 2020 -0400
bot@renovateapp.com>">
```
build: update karma-jasmine to version 4.0.0 (#1798)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
```

10.1.0-rc.0 - 2020-08-27
commit 132de1e

Author: Keen Yee Liau kyliau@google.com

Date: Thu Aug 27 10:42:25 2020 -0700
```
release: v10.1.0-rc.0
```
commit 756d0b1
Author: Alan Agius alan.agius4@gmail.com
Date: Thu Aug 27 10:08:22 2020 +0200
```
build: update Angular packages to 10.1.0-rc.0
```
commit 0eb7253
Author: Alan Agius alan.agius4@gmail.com
Date: Wed Aug 26 10:20:21 2020 +0200
```
build: update @ types/hapi__hapi to version ^20.0.0
```
commit b8a0040
Author: Alan Agius alan.agius4@gmail.com
Date: Wed Aug 26 08:23:46 2020 +0200
```
build: update to TypeScript 4.0
```
commit e47dbc8
Author: Renovate Bot bot@renovateapp.com
Date: Sat Aug 22 05:05:28 2020 +0000
```
build: update ts-node to version 9.0.0
```
commit f3efa35
Author: Renovate Bot bot@renovateapp.com
Date: Sat Aug 15 05:04:27 2020 +0000
```
build: update rollup to version ~2.26.0
```
commit 7bdd58d
Author: Renovate Bot bot@renovateapp.com
Date: Fri Aug 14 05:04:39 2020 +0000
```
build: update rollup to version ~2.25.0
```
commit 1b2ddbb
Author: Renovate Bot bot@renovateapp.com
Date: Thu Aug 13 05:05:04 2020 +0000
```
build: update karma-jasmine to version 4.0.1
```
commit d45d9b1
Author: renovate[bot] <29139614+renovate[bot]@ users.noreply.github.com>
Date: Wed Aug 12 01:29:03 2020 -0400
bot@renovateapp.com>">
```
build: update karma-jasmine to version 4.0.0 (#1798)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
```

10.0.2 - 2020-08-11
commit 4e949a3

Author: Keen Yee Liau kyliau@google.com

Date: Tue Aug 11 14:18:43 2020 -0700
```
release: v10.0.2
```
commit 34ec6be
Author: renovate[bot] <29139614+renovate[bot]@ users.noreply.github.com>
Date: Mon Aug 10 12:16:47 2020 +0200
bot@renovateapp.com>">
```
build: update concurrently to version 5.3.0 (#1791)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
```
commit b5c2eb2
Author: An Sergei ahn.sergei@gmail.com
Date: Sat Aug 8 03:38:10 2020 +1000
http://api.example.com?params=1&params=2&params=3 cache key will be http://api.example.com?params=1
for api http://api.example.com?params=1&params=2 cache key will be the same http://api.example.com?params=1
and therefor API request will not be sent to server.">
```
fix(common): handle arrays in querystrings
caching GET request with query string with array of parameter gets the first value only.

it breaks caching for the same url with different query string for example

for api http://api.example.com?params=1&amp;params=2&amp;params=3 cache key will be http://api.example.com?params=1

for api http://api.example.com?params=1&amp;params=2 cache key will be the same http://api.example.com?params=1

and therefor API request will not be sent to server.
```
commit 7a4032a
Author: Renovate Bot bot@renovateapp.com
Date: Sat Aug 1 12:55:23 2020 +0000
```
build: update terser to version ^5.0.0
```
commit da64943
Author: Renovate Bot bot@renovateapp.com
Date: Sat Aug 1 05:04:50 2020 +0000
```
build: update tslint to version 6.1.3
```
commit adb8965
Author: Alan Agius alan.agius4@gmail.com
Date: Fri Jul 31 20:02:00 2020 +0200

docs: fix bug template
The bug template is not showing

commit 06b5113
Author: Renovate Bot bot@renovateapp.com
Date: Wed Jul 29 05:04:49 2020 +0000
```
build: update karma to version 5.1.1
```
commit c57bd3f
Author: Renovate Bot bot@renovateapp.com
Date: Fri Jul 24 05:04:28 2020 +0000
```
build: update rollup to version ~2.23.0
```
commit e158998
Author: Renovate Bot bot@renovateapp.com
Date: Fri Jul 24 05:04:10 2020 +0000
```
build: update jasmine-core to version 3.6.0
```
commit 5e14b93
Author: Renovate Bot bot@renovateapp.com
Date: Mon Jul 20 07:42:26 2020 +0000
```
build: update to version
```
commit df1881a
Author: Renovate Bot bot@renovateapp.com
Date: Sat Jul 18 12:54:36 2020 +0000
```
build: update rollup to version ~2.22.0
```
commit ef4e27d
Author: Renovate Bot bot@renovateapp.com
Date: Sat Jul 18 05:05:57 2020 +0000
```
build: update puppeteer to version ~5.2.0
```
commit c7a4cdf
Author: Renovate Bot bot@renovateapp.com
Date: Thu Jul 16 21:47:03 2020 +0000
```
build: update to version
```
commit b31a26b
Author: Renovate Bot bot@renovateapp.com
Date: Mon Jul 13 08:55:21 2020 +0000
```
build: update puppeteer to version ~5.1.0
```
commit eadf4d4
Author: Alan Agius alan.agius4@gmail.com
Date: Wed Jul 8 16:34:48 2020 +0200
https://github.com/angular/angular/blob/fd65958b887f6ea8dd5235e6de1d533e4c578602/packages/bazel/src/ng_package/ng_package.bzl#L226-L228

Users using UMD bundles, shouldn't be needing to add the tslib script, also this is important because tslib is a direct depedency of the package and not a peer depedency.

This is also to align with the Angular FW packages.">
```
build: embed tslib in umd bundles (#1760)
When tslib is listed as part of the globals, it will not be embedded in the UMD bundles.

https://github.com/angular/angular/blob/fd65958b887f6ea8dd5235e6de1d533e4c578602/packages/bazel/src/ng_package/ng_package.bzl#L226-L228
Users using UMD bundles, shouldn't be needing to add the tslib script, also this is important because tslib is a direct depedency of the package and not a peer depedency.
This is also to align with the Angular FW packages.
```
commit 9e0a150
Author: Renovate Bot bot@renovateapp.com
Date: Wed Jul 8 05:07:47 2020 +0000
```
build: update rollup to version ~2.21.0
```
commit 2aab22f
Author: Adam Plumer caerus.karu@gmail.com
Date: Sat Jun 27 16:17:36 2020 -0500
```
fixup! docs: update issue template and Gotchas guide
```
commit cc6f717
Author: Adam Plumer caerus.karu@gmail.com
Date: Sat Jun 27 16:16:29 2020 -0500
```
fixup! docs: update issue template and Gotchas guide
```
commit 394f30f
Author: Adam Plumer caerus.karu@gmail.com
Date: Sat Jun 13 22:34:22 2020 -0500

docs: update issue template and Gotchas guide The Gotchas guide hasn't been updated in quite some time. This refresh adds a more structured layout with explicit examples and solutions for the most common issues.
This also updates the issue template to add a note about what constitutes an appropriate issue, and a link to the gotchas guide.

commit 6fc561b
Author: Renovate Bot bot@renovateapp.com
Date: Tue Jul 7 05:06:10 2020 +0000
```
build: update rollup to version ~2.20.0
```
commit 6be1af9
Author: Renovate Bot bot@renovateapp.com
Date: Mon Jul 6 07:42:30 2020 +0000
```
build: update to version
```
commit 7a4e603
Author: Renovate Bot bot@renovateapp.com
Date: Sun Jul 5 05:31:05 2020 +0000
```
build: update rollup to version ~2.19.0
```
commit fd444a1
Author: renovate[bot] <29139614+renovate[bot]@ users.noreply.github.com>
Date: Fri Jul 3 01:27:01 2020 -0500
bot@renovateapp.com>">
```
build: update to version (#1717)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
```
commit dc2b87c
Author: renovate[bot] <29139614+renovate[bot]@ users.noreply.github.com>
Date: Fri Jul 3 01:04:56 2020 -0500
bot@renovateapp.com>">
```
build: update codelyzer to version 6.0.0 (#1752)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
```
commit 61c7e3d
Author: renovate[bot] <29139614+renovate[bot]@ users.noreply.github.com>
Date: Fri Jul 3 00:47:20 2020 -0500
bot@renovateapp.com>">
```
build: update puppeteer to version ~5.0.0 (#1753)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
```

10.0.1 - 2020-06-30
commit 8a32f27

Author: Keen Yee Liau kyliau@google.com

Date: Tue Jun 30 13:57:38 2020 -0700
```
release: v10.0.1
```
commit c262c72
Author: Alan Agius alan.agius4@gmail.com
Date: Fri Jun 26 13:00:45 2020 +0200
```
build: update lock file and @ types/node resolutions
```
commit 2dbe674
Author: Alan Agius alan.agius4@gmail.com
Date: Fri Jun 26 10:52:35 2020 +0200

fix(express-engine): RenderOptions is not assignable to object
Closes #1744

commit 0ebf846
Author: Alan Agius alan.agius4@gmail.com
Date: Fri Jun 26 10:45:56 2020 +0200
```
fix(express-engine): fix return type for app method
```
commit 9024f1c
Author: Alan Agius alan.agius4@gmail.com
Date: Fri Jun 26 10:41:24 2020 +0200
```
test: enable strict mode testing
```
commit ea49db1
Author: Alan Agius alan.agius4@gmail.com
Date: Thu Jun 25 12:14:20 2020 +0200
```
tests: update tests to work with version 10
```

from @nguniversal/express-engine GitHub release notes

Package name: core-js

3.38.0 - 2024-08-04
- Changes v3.37.1...v3.38.0
- RegExp.escape proposal:
  - Built-ins:
    - RegExp.escape
  - Moved to stage 3, June 2024 and July 2024 TC39 meetings
  - Updated the way of escaping, regex-escaping/77
  - Throw an error on non-strings, regex-escaping/58
  - Added /actual/ namespace entries, unconditional forced replacement changed to feature detection
- Promise.try proposal:
  - Built-ins:
    - Promise.try
  - Moved to stage 3, June 2024 TC39 meeting
  - Added /actual/ namespace entries, unconditional forced replacement changed to feature detection
- Uint8Array to / from base64 and hex stage 3 proposal:
  - Built-ins:
    - Uint8Array.fromBase64
    - Uint8Array.fromHex
    - Uint8Array.prototype.setFromBase64
    - Uint8Array.prototype.setFromHex
    - Uint8Array.prototype.toBase64
    - Uint8Array.prototype.toHex
  - Added Uint8Array.prototype.{ setFromBase64, setFromHex } methods
  - Added Uint8Array.fromBase64 and Uint8Array.prototype.setFromBase64 lastChunkHandling option, proposal-arraybuffer-base64/33
  - Added Uint8Array.prototype.toBase64 omitPadding option, proposal-arraybuffer-base64/60
  - Added throwing a TypeError on arrays backed by detached buffers
  - Unconditional forced replacement changed to feature detection
- Fixed RegExp named capture groups polyfill in combination with non-capturing groups, #1352, thanks @ Ulop
- Improved some cases of environment detection
- Uses process.getBuiltinModule for getting built-in NodeJS modules where it's available
- Uses https instead of http in URL constructor feature detection to avoid extra notifications from some overly vigilant security scanners, #1345
- Some minor optimizations
- Updated browserslist in core-js-compat dependencies that fixes an upstream issue with incorrect interpretation of some browserslist queries, #1344, browserslist/829, browserslist/836
- Compat data improvements:
  - Added Safari 18.0 compat data:
  - Math.f16round and DataView.prototype.{ getFloat16, setFloat16 } marked as shipped from FF129
  - Symbol.asyncDispose added and marked as supported from V8 ~ Chromium 127
  - Promise.try added and marked as supported from V8 ~ Chromium 128
  - Added Deno 1.44 and 1.45 compat data mapping
  - self descriptor is broken in Deno 1.45.3 (again)
  - Added Electron 32 and 33 compat data mapping
  - Added Opera Android 83 compat data mapping
  - Added Samsung Internet 27 compat data mapping
  - Added Oculus Quest Browser 34 compat data mapping
3.37.1 - 2024-05-14
- Changes v3.37.0...v3.37.1
- Fixed URL.parse feature detection for some specific cases
- Compat data improvements:
  - Set methods proposal added and marked as supported from FF 127
  - Symbol.dispose added and marked as supported from V8 ~ Chromium 125
  - Math.f16round and DataView.prototype.{ getFloat16, setFloat16 } added and marked as supported from Deno 1.43
  - URL.parse added and marked as supported from Chromium 126
  - URL.parse added and marked as supported from NodeJS 22.0
  - URL.parse added and marked as supported from Deno 1.43
  - Added Rhino 1.7.15 compat data, many features marked as supported
  - Added NodeJS 22.0 compat data mapping
  - Added Deno 1.43 compat data mapping
  - Added Electron 31 compat data mapping
  - Updated Opera Android 82 compat data mapping
  - Added Samsung Internet 26 compat data mapping
  - Added Oculus Quest Browser 33 compat data mapping
3.37.0 - 2024-04-16
- Changes v3.36.1...v3.37.0
- New Set methods proposal:
  - Built-ins:
    - Set.prototype.intersection
    - Set.prototype.union
    - Set.prototype.difference
    - Set.prototype.symmetricDifference
    - Set.prototype.isSubsetOf
    - Set.prototype.isSupersetOf
    - Set.prototype.isDisjointFrom
  - Moved to stable ES, April 2024 TC39 meeting
  - Added es. namespace modules, /es/ and /stable/ namespaces entries
- Explicit Resource Management stage 3 proposal
  - Some minor updates like explicit-resource-management/217
- Added Math.sumPrecise stage 2.7 proposal:
  - Built-ins:
    - Math.sumPrecise
- Promise.try proposal:
  - Built-ins:
    - Promise.try
  - Added optional arguments support, promise-try/16
  - Moved to stage 2.7, April 2024 TC39 meeting
- RegExp.escape stage 2 proposal:
  - Moved to hex-escape semantics, regex-escaping/67
    - It's not the final change of the way of escaping, waiting for regex-escaping/77 soon
- Pattern matching stage 1 proposal:
  - Built-ins:
    - Symbol.customMatcher
  - Once again, the used well-known symbol was renamed
  - Added new entries for that
- Added Extractors stage 1 proposal:
  - Built-ins:
    - Symbol.customMatcher
  - Since the Symbol.customMatcher well-known symbol from the pattern matching p...

Snyk has created this PR to upgrade: - @angular-devkit/build-angular from 0.1000.8 to 0.1102.19. See this package in npm: https://www.npmjs.com/package/@angular-devkit/build-angular - rxjs from 6.6.2 to 6.6.7. See this package in npm: https://www.npmjs.com/package/rxjs - @nguniversal/express-engine from 10.0.1 to 10.1.0. See this package in npm: https://www.npmjs.com/package/@nguniversal/express-engine - core-js from 3.22.8 to 3.38.0. See this package in npm: https://www.npmjs.com/package/core-js - material-icons from 0.3.1 to 0.7.7. See this package in npm: https://www.npmjs.com/package/material-icons - socket.io-client from 2.4.0 to 2.5.0. See this package in npm: https://www.npmjs.com/package/socket.io-client - zone.js from 0.10.3 to 0.14.10. See this package in npm: https://www.npmjs.com/package/zone.js See this project in Snyk: https://app.snyk.io/org/victoria.slater/project/ff20ccbf-1f3e-4a45-9798-6831b54191be?utm_source=github&utm_medium=referral&page=upgrade-pr

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Upgrade: , rxjs, , core-js, material-icons, socket.io-client, zone.js #789

[Snyk] Upgrade: , rxjs, , core-js, material-icons, socket.io-client, zone.js #789

slatersnyk commented Sep 8, 2024

[Snyk] Upgrade: , rxjs, , core-js, material-icons, socket.io-client, zone.js #789

Are you sure you want to change the base?

[Snyk] Upgrade: , rxjs, , core-js, material-icons, socket.io-client, zone.js #789

Conversation

slatersnyk commented Sep 8, 2024

Snyk has created this PR to upgrade multiple dependencies.

Issues fixed by the recommended upgrade: