Thanks to visit codestin.com
Credit goes to github.com

Skip to content

[Snyk] Fix for 1 vulnerabilities #109

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Fix for 1 vulnerabilities #109

wants to merge 1 commit into from

Conversation

saurabharch
Copy link
Owner

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
critical severity 858/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 9.3		 Authentication Bypass
SNYK-JS-HAWK-6969142		 Yes Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: gulp-sass The new version differs by 65 commits.
  • ee03918 Merge pull request #254 from dlmanning/2.x
  • 598d16f Merge pull request #248 from Snugug/feature/contributing
  • dec985f Merge pull request #253 from Snugug/feature/3.0-bump
  • c033adf ⬆️ Update Node Sass to 3.0
  • 083e6bc 🔥 Remove reference to branch
  • e072993 🔥 Remove Branching Model section
  • ee07858 🎨 Update formatting of CHANGELOG entry
  • 299c18f 📝 Add Contributing guidelines
  • 33aa1f7 Merge pull request #238 from sarenji/2.x
  • 2b21a49 Update to node-sass beta 7
  • c1d629c Allow you to change the compiler and expose it
  • cc2f815 bump node-sass to 3.0.0-beta.4
  • 9b69aaa Merge pull request #228 from Snugug/2.x-datastream
  • b7ade97 Indented Syntax support
  • ad6e6e4 Tests for file rename and file contents change
  • 0fefd16 Updated vars and includePaths based on comments
  • 700ca8d Merge pull request #222 from Keats/filename
  • 5b8d4eb Nope, shouldn't be , should be file name
  • 4c4c3c1 A little bit of source map massaging
  • bea198e Updated Tests
  • 3cdf1a3 Passing file as data
  • 5c7777f Rebase on top of 2.x
  • de6af93 Add a sass file to the inheritance test
  • 25ee16f Replace indent.sass to match an existing issue

See the full diff

Package name: nodegit The new version differs by 250 commits.
  • 6f700f0 Update README to show 0.6.0 as stable
  • 4cac52e Bump to 0.6.0
  • a586bd5 Merge pull request #815 from nodegit/pr/812
  • 4ca29ca Negate `fromRegistry` check
  • 92adf34 Configure `node-gyp` for compiling with nwjs/electron
  • 3fe3b98 Fix npm registry detection
  • adb5bea Get the right path for tools.
  • 0e78673 Better logs.
  • 0949d1f Don't care about the native nodeish version anymore.
  • 4c97b46 Merge pull request #807 from smith-kyle/hotfix-blame-options
  • 1cca68a Merge pull request [Snyk] Upgrade nodegit from 0.4.1 to 0.26.4 #1 from nodegit/hotfix-blame-options
  • 2c5d381 Make `git_blame_file` options optional
  • d0b122f Merge pull request #806 from srajko/rebase-next-callback
  • efe2239 Merge pull request #803 from smith-kyle/annotated-commit-tests
  • 6ca5946 Merge pull request #809 from JJ/master
  • d08a8e2 Adds a missing test
  • 0503cac Add beforeNextFn callback for rebase
  • e8fff33 Point Travis badge to master branch not last build
  • a5d4526 Added blame tests
  • 15e36bc Updated Blame.file to allow null options
  • 2c9478a Merge pull request #790 from nodegit/update-modules
  • 8cbc46f update/tighten modules
  • b7cf874 First pass at AnnotatedCommit tests
  • 8c1f704 fix oversight in #802

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Note: This is a default PR template raised by Snyk. Find out more about how you can customise Snyk PRs in our documentation.

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Authentication Bypass

@snyk-bot
fix: package.json to reduce vulnerabilities
b612728 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-HAWK-6969142
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@saurabharch @snyk-bot