Skip to content
This repository has been archived by the owner on Apr 2, 2021. It is now read-only.

[Snyk] Upgrade url-loader from 0.5.9 to 0.6.2 #8

Closed

Conversation

snyk-bot
Copy link

Snyk has created this PR to upgrade url-loader from 0.5.9 to 0.6.2.

merge advice

✨What is Merge Advice? We check thousands of dependency upgrade pull requests and CI tests every day to see which upgrades were successfully merged. After crunching this data, we give a recommendation on how safe we think the change is for you to merge without causing issues. Learn more, and share your feedback to help improve this feature. 🙏

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 3 versions ahead of your current version.
  • The recommended version was released 3 years ago, on 2017-10-04.

The recommended version fixes:

Severity Issue Exploit Maturity
Regular Expression Denial of Service (ReDoS)
npm:mime:20170907
No Known Exploit
Release notes
Package name: url-loader from url-loader GitHub release notes
Commit messages
Package name: url-loader
  • 672ba80 chore(release): 0.6.2
  • b31684d fix: allow use `limit` as string (#96)
  • a8f338e chore(release): 0.6.1
  • 2b01ea2 fix(schema): allow `additionalProperties` (#94)
  • 11dce14 docs: Update changelog with nsp advisory
  • 1934507 chore(release): 0.6.0
  • a1e1fef chore: Fix mime version
  • d19ee2d chore: update `mime` package to avoid deprecation mime type with `woff` and `woff2` (#87)
  • 636ebed feat: add `fallback` option (#88)
  • f3f5fce docs(README): remove confusing `prefix` option (`options.prefix`) (#89)
  • 2de70bb docs(README): fix typo in example (#81)
  • ced5990 feat(index): add options validation (`schema-utils`) (#78)

Compare


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

@CLAassistant
Copy link

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.

@cwstege cwstege closed this Aug 25, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Development

Successfully merging this pull request may close these issues.

3 participants