Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

build(deps): npm audit fix #1023

Merged
merged 1 commit into from
Sep 28, 2024
Merged

build(deps): npm audit fix #1023

merged 1 commit into from
Sep 28, 2024

Conversation

ybiquitous
Copy link
Owner

This pull request fixes the vulnerable packages via npm 10.8.3.

Updated (17)
Package Version Source Detail
@rollup/rollup-android-arm-eabi 4.21.34.22.4 github -
@rollup/rollup-android-arm64 4.21.34.22.4 github -
@rollup/rollup-darwin-arm64 4.21.34.22.4 github -
@rollup/rollup-darwin-x64 4.21.34.22.4 github -
@rollup/rollup-linux-arm-gnueabihf 4.21.34.22.4 github -
@rollup/rollup-linux-arm-musleabihf 4.21.34.22.4 github -
@rollup/rollup-linux-arm64-gnu 4.21.34.22.4 github -
@rollup/rollup-linux-arm64-musl 4.21.34.22.4 github -
@rollup/rollup-linux-powerpc64le-gnu 4.21.34.22.4 github -
@rollup/rollup-linux-riscv64-gnu 4.21.34.22.4 github -
@rollup/rollup-linux-s390x-gnu 4.21.34.22.4 github -
@rollup/rollup-linux-x64-gnu 4.21.34.22.4 github -
@rollup/rollup-linux-x64-musl 4.21.34.22.4 github -
@rollup/rollup-win32-arm64-msvc 4.21.34.22.4 github -
@rollup/rollup-win32-ia32-msvc 4.21.34.22.4 github -
@rollup/rollup-win32-x64-msvc 4.21.34.22.4 github -
rollup 4.21.34.22.4 github [High] DOM Clobbering Gadget found in rollup bundled scripts that leads to XSS (ref)

Created by ybiquitous/npm-audit-fix-action

Summary:
- Updated packages: 17
- Added packages: 0
- Removed packages: 0

Fixed vulnerabilities:
- rollup: "DOM Clobbering Gadget found in rollup bundled scripts that leads to XSS" (GHSA-gcx4-mw62-g8wm)
@ybiquitous ybiquitous added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code security Pull requests that address a security vulnerability labels Sep 24, 2024
@ybiquitous ybiquitous merged commit 6336b61 into main Sep 28, 2024
10 checks passed
@ybiquitous ybiquitous deleted the npm-audit-fix-action/fix branch September 28, 2024 01:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code security Pull requests that address a security vulnerability
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant