Skip to content

[Snyk] Fix for 1 vulnerabilities#21

Open
snyk-bot wants to merge 1 commit into
masterfrom
snyk-fix-510681b6329cd24acb88d75b79fb4af9
Open

[Snyk] Fix for 1 vulnerabilities#21
snyk-bot wants to merge 1 commit into
masterfrom
snyk-fix-510681b6329cd24acb88d75b79fb4af9

Conversation

@snyk-bot

Copy link
Copy Markdown

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
low severity 471/1000
Why? Recently disclosed, Has a fix available, CVSS 3.7
Prototype Pollution
SNYK-JS-MINIMIST-2429795
Yes No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: gulp-ng-annotate The new version differs by 7 commits.

See the full diff

Package name: gulp-sass The new version differs by 65 commits.
  • ee03918 Merge pull request #254 from dlmanning/2.x
  • 598d16f Merge pull request #248 from Snugug/feature/contributing
  • dec985f Merge pull request #253 from Snugug/feature/3.0-bump
  • c033adf ⬆️ Update Node Sass to 3.0
  • 083e6bc 🔥 Remove reference to branch
  • e072993 🔥 Remove Branching Model section
  • ee07858 🎨 Update formatting of CHANGELOG entry
  • 299c18f 📝 Add Contributing guidelines
  • 33aa1f7 Merge pull request #238 from sarenji/2.x
  • 2b21a49 Update to node-sass beta 7
  • c1d629c Allow you to change the compiler and expose it
  • cc2f815 bump node-sass to 3.0.0-beta.4
  • 9b69aaa Merge pull request #228 from Snugug/2.x-datastream
  • b7ade97 Indented Syntax support
  • ad6e6e4 Tests for file rename and file contents change
  • 0fefd16 Updated vars and includePaths based on comments
  • 700ca8d Merge pull request #222 from Keats/filename
  • 5b8d4eb Nope, shouldn't be , should be file name
  • 4c4c3c1 A little bit of source map massaging
  • bea198e Updated Tests
  • 3cdf1a3 Passing file as data
  • 5c7777f Rebase on top of 2.x
  • de6af93 Add a sass file to the inheritance test
  • 25ee16f Replace indent.sass to match an existing issue

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-MINIMIST-2429795
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

1 participant