Skip to content

[Snyk] Security upgrade fbl from 1.13.2 to 1.14.0#51

Open
snyk-bot wants to merge 1 commit intomasterfrom
snyk-fix-c9ce18f8e674a03e9c277b4869c2c53e
Open

[Snyk] Security upgrade fbl from 1.13.2 to 1.14.0#51
snyk-bot wants to merge 1 commit intomasterfrom
snyk-fix-c9ce18f8e674a03e9c277b4869c2c53e

Conversation

@snyk-bot
Copy link
Copy Markdown

@snyk-bot snyk-bot commented Sep 8, 2020

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 619/1000
Why? Has a fix available, CVSS 8.1		 Prototype Pollution
SNYK-JS-AJV-584908		 No No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: fbl The new version differs by 187 commits.
  • e3e0cde chore: merge remote changes
  • 68e4cbf chore: bump version
  • fc8fc1a ci: update version
  • 45a5f8e fix: cli not being invoked correctly
  • c3246cc ci: update version
  • b694eb1 ci: update circleci config
  • 8cb8c49 fix: uuid module imports
  • dc35a20 feat: update dependencies and make related code adjustments
  • 204324e feat: update dependencies and make related code adjustments
  • 48f2bb2 Merge pull request #701 from FireBlinkLTD/snyk-upgrade-7ccb226f5b4067ff7b00006e10280689
  • 39f7a37 fix: upgrade snyk from 1.369.3 to 1.370.1
  • 5fed261 Merge pull request #699 from FireBlinkLTD/snyk-upgrade-479766c9b4c486de7e622f3380f94ed4
  • d1b0e8c fix: upgrade snyk from 1.361.3 to 1.362.0
  • dab8486 Merge pull request #698 from FireBlinkLTD/snyk-fix-454602fb5fb2d6ac1b668694b4ba0ed0
  • 1087d1a fix: package.json & yarn.lock to reduce vulnerabilities
  • df63ab8 Merge pull request #697 from FireBlinkLTD/snyk-upgrade-48b3d85569ea4595c2310eb5f729ef7f
  • ddc4495 fix: upgrade snyk from 1.342.2 to 1.345.1
  • ded0a50 Merge pull request #696 from FireBlinkLTD/snyk-upgrade-fcd0ba2608a640d13afcc8619cda72e6
  • 96e17ba fix: upgrade humanize-duration from 3.23.0 to 3.23.1
  • 28a8860 Merge pull request #695 from FireBlinkLTD/snyk-upgrade-1d60480c0f0e2b30b37c33f26b4da3b3
  • 1940db2 fix: upgrade snyk from 1.327.0 to 1.329.0
  • 75ab37d Merge pull request #694 from FireBlinkLTD/snyk-upgrade-14fad883779d8a03d3e655716e2fd869
  • ec2ca3d fix: upgrade js-yaml from 3.13.1 to 3.14.0
  • b23a31c Merge pull request #693 from FireBlinkLTD/snyk-upgrade-7089f53b42a14d38e44c043612a94f3d

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

@snyk-bot
fix: package.json to reduce vulnerabilities
5d00a2d 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-AJV-584908
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@snyk-bot