Skip to content
This repository was archived by the owner on Mar 13, 2025. It is now read-only.

[Snyk] Upgrade topcoder-react-utils from 0.7.8 to 0.9.2 #38

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Upgrade topcoder-react-utils from 0.7.8 to 0.9.2 #38

wants to merge 1 commit into from
+1,092 −625

Conversation

snyk-bot
Copy link

Snyk has created this PR to upgrade topcoder-react-utils from 0.7.8 to 0.9.2.

merge advice
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 6 versions ahead of your current version.
  • The recommended version was released 3 years ago, on 2019-03-07.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Improper Input Validation
SNYK-JS-URLPARSE-543307		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Prototype Pollution
SNYK-JS-LODASH-73638		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Prototype Pollution
SNYK-JS-LODASH-608086		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Prototype Pollution
SNYK-JS-LODASH-450202		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Command Injection
SNYK-JS-LODASH-1040724		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Prototype Pollution
SNYK-JS-LODASH-73638		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Prototype Pollution
SNYK-JS-LODASH-608086		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Prototype Pollution
SNYK-JS-LODASH-450202		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Command Injection
SNYK-JS-LODASH-1040724		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Open Redirect
SNYK-JS-URLPARSE-1533425		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Improper Input Validation
SNYK-JS-URLPARSE-1078283		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Arbitrary Code Injection
SNYK-JS-MORGAN-72579		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Prototype Pollution
SNYK-JS-MINIMIST-559764		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-LODASH-73639		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Prototype Pollution
SNYK-JS-LODASH-590103		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Prototype Pollution
SNYK-JS-LODASH-567746		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-LODASH-1018905		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-LODASH-73639		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Prototype Pollution
SNYK-JS-LODASH-590103		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Prototype Pollution
SNYK-JS-LODASH-567746		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-LODASH-1018905		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Configuration Override
SNYK-JS-HELMETCSP-469436		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: topcoder-react-utils
  • 0.9.2 - 2019-03-07
  • 0.9.1 - 2018-12-25

    Merge branch '0.9'

  • 0.9.0 - 2018-12-25

    Improvements of build scripts in package.json

  • 0.8.1 - 2018-08-26

    …ons in the template

  • 0.8.0 - 2018-08-06

    High chances that it will break something, thus spawns a separate branch
    for that.

  • 0.7.9 - 2019-03-07
  • 0.7.8 - 2018-09-06

    v0.7.5.1 is not a legit npm version, thus v0.7.8

from topcoder-react-utils GitHub release notes
Commit messages
Package name: topcoder-react-utils
  • c1b4497 version bump
  • b383a29 Inline styles on buttons and links
  • 4b47806 Merge branch '0.9'
  • 7ac60e7 Improvements of build scripts in package.json
  • 43525c2 Adds default button theme, and box-sizing of all elements
  • 742647b Adds `disabled` prop to <Link> and <NavLink>
  • 0e34db4 Updates Node version in the CircleCI script
  • 79ec1b6 A few minor config fixes
  • 114d11d README update
  • c00555b Removes `react-hot-loader/patch` from dev Webpack config
  • ebf453f FIX: The real fix of requireWeak(..) use compatibility with `npm link`?
  • afaf54e Update of dependencies
  • 3c558fd FIX: resolveWeak(..) used in the way compatible with `npm link`
  • 48f1ee0 Update of dependencies
  • 6425de2 Misc fixes
  • 76d8c39 FIX: Some imports / exports had wrong syntax, not supported by Babel 7
  • c7cb64a Update of all dependencies to the latest versions
  • a492e96 Merge branch '0.7.5' into 0.8
  • 4822413 Adds Modal tests
  • 9aa6bd1 ds Modal component
  • d7c3561 Merge branch 'develop'
  • 94949ac Ads Modal component
  • 8d34ee8 Updates Development section of README
  • f3da912 Server rendered: option to inject extra scripts into different locations in the template

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

@snyk-bot
fix: upgrade topcoder-react-utils from 0.7.8 to 0.9.2

Unverified

This user has not yet uploaded their public signing key.
GPG key ID: 09541BBFF0C4C795
Learn about vigilant mode
7ec6f19 
Snyk has created this PR to upgrade topcoder-react-utils from 0.7.8 to 0.9.2.

See this package in npm:
https://www.npmjs.com/package/topcoder-react-utils

See this project in Snyk:
https://app.snyk.io/org/jswheeler/project/0c4f9828-689a-49b3-bc8b-87b050dee007?utm_source=github&utm_medium=referral&page=upgrade-pr
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@snyk-bot