[Snyk] Fix for 1 vulnerabilities #304

snyk-bot · 2022-07-31T18:33:00Z

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
- package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	768/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-NODEFETCH-2964180	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: next

The new version differs by 250 commits.

07431d3 v12.0.9
c938e20 v12.0.9-canary.12
c385d1b REMOVE: duplicate key in docs/testing.md (G-DZV90KQTF9 github/docs#33681)
9b98c5a chore(docs): update security headers specification (Repo sync github/docs#33673)
865a079 v12.0.9-canary.11
b5d4564 Revert "Relay Support in Rust Compiler" (Repo sync github/docs#33699)
5c6c385 Use relative path for example (Repo sync github/docs#33565)
65c63c9 v12.0.9-canary.10
b20eb99 Relay Support in Rust Compiler (Revert "Address 20 En-US Standardizations" github/docs#33240)
99d4d6c Implement web server as the request handler for edge SSR (Missing "endpoints" and "permissions" documentation for REST API endpoints for teams github/docs#33635)
f0e31ee feat(next-swc): Update swc (Repo sync github/docs#33675)
d055fee Updated docs for getServerSideProps and getStaticProps return values (Repo sync github/docs#33577)
8d1c585 v12.0.9-canary.9
72658c9 fix(errors/no-cache): `netlify-plugin-cache-nextjs` has been deprecated (Repo sync github/docs#33629)
7452c0b Add `lazyRoot` optional property to `next/image` component (Delete content/index.md github/docs#33290)
9dd0399 feat(next-swc): Update swc (Repo sync github/docs#33628)
eba64c2 Clarify `headers` config option description (Update working-with-the-docker-registry.md github/docs#33484)
f60a480 v12.0.9-canary.8
c13d9a0 Update other instances of node-fetch (Delete content/get-started/start-your-journey/index.md github/docs#33617)
e8c15e5 Ensure fetch polyfill is loaded in next-server (Delete content/search-github/searching-on-github/index.md github/docs#33616)
9a2d97c [examples] Add new Tailwind CSS Prettier plugin to example (Repo sync github/docs#33614)
562439d Update to latest version of turbo (Break up run-on sentence in deleting-your-personal-account#deleting-y… github/docs#33613)
3329ac6 v12.0.9-canary.7
c71465d Clarify `next/image` usage with `next export` based on feedback. (Repo sync github/docs#33555)

See the full diff

Package name: node-fetch

The new version differs by 24 commits.

2880238 fix: ReDoS referrer (Behance github/docs#1611)
e87b093 fix(Headers): don't forward secure headers on protocol change (Amazoncloud.tv github/docs#1599)
bcfb71c chore: remove triple-slash directives from typings (repo sync github/docs#1285) (sudo-mode.md github/docs#1287)
95165d5 fix spelling (Don't specify registry specific path github/docs#1602)
11b7033 fix: possibly flaky test (add recent localization contributors**1 github/docs#1523)
4f43c9e fix: always warn Request.data ([email protected] github/docs#1550)
1c5ed6b fix: undefined reference to response.body when aborted (repo sync github/docs#1578)
a92b5d5 fix: use space in accept-encoding values (Webpage github/docs#1572)
0f122b8 docs: fix formdata code example (Thanks very much for contributing! Your pull request has been merged 🎉 You should see your changes appear on the site in approximately 24 hours. github/docs#1562)
6ae9c76 docs(readme): response.clone() is not async (Favicon might be invisible github/docs#1560)
043a5fc Fix leaking listeners (repo sync github/docs#1295) (repo sync github/docs#1474)
004b3ac fix: don't uppercase unknown methods (Update configuring-docker-for-use-with-github-packages.md github/docs#1542)
c33e393 Fix Code of Conduct link in Readme. (Sk_live github/docs#1532)
6875205 docs: Fix link markup to Options definition (Instruction list being repeated thrice. github/docs#1525)
6425e20 fix: handle bom in text and json (repo sync github/docs#1482)
a4ea5f9 fix: add missing formdata export to types (Rename contributing/localization-checklist.md to contributing/massto/… github/docs#1518)
61b3b5a fix: cancel request example import (Update about-pull-requests.md github/docs#1513)
5e78af3 Replace changelog with valid url (Fix typo github/docs#1506)
9014db7 types: support `agent: false` (Include work around for wildcards in HTTP Proxy Exclusion list on GHES github/docs#1502)
2e1f3a5 chore: fix typo in credential error message (Suggest to avoid "Master branch" instead of "Default branch" github/docs#1496)
4ce2ce5 docs(readme): fix typo (Update githubs-products.md github/docs#1489)
ba23fd2 docs: remove the changelog (repo sync github/docs#1464)
8fedc1b core: move support and feature to discussion (repo sync github/docs#1471)
0b43b9f docs: update formdata example (repo sync github/docs#1465)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

…ctions.md to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-DEBIAN9-APT-407402 - https://snyk.io/vuln/SNYK-DEBIAN9-E2FSPROGS-468975 - https://snyk.io/vuln/SNYK-DEBIAN9-E2FSPROGS-540843 - https://snyk.io/vuln/SNYK-DEBIAN9-LIBGCRYPT20-1582895 - https://snyk.io/vuln/SNYK-DEBIAN9-TAR-312293

…upport-for-github-actions.md to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-DEBIAN9-APT-407402 - https://snyk.io/vuln/SNYK-DEBIAN9-E2FSPROGS-468975 - https://snyk.io/vuln/SNYK-DEBIAN9-E2FSPROGS-540843 - https://snyk.io/vuln/SNYK-DEBIAN9-LIBGCRYPT20-1582895 - https://snyk.io/vuln/SNYK-DEBIAN9-TAR-312293

…9d077594033c96c

Bumps [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) from 17.0.38 to 18.0.9. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react) --- updated-dependencies: - dependency-name: "@types/react" dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>

…upport-for-github-actions.md to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-DEBIAN9-APT-407402 - https://snyk.io/vuln/SNYK-DEBIAN9-E2FSPROGS-468975 - https://snyk.io/vuln/SNYK-DEBIAN9-E2FSPROGS-540843 - https://snyk.io/vuln/SNYK-DEBIAN9-LIBGCRYPT20-1582895 - https://snyk.io/vuln/SNYK-DEBIAN9-TAR-312293

Bumps [dotenv](https://github.com/motdotla/dotenv) from 10.0.0 to 16.0.1. - [Release notes](https://github.com/motdotla/dotenv/releases) - [Changelog](https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md) - [Commits](motdotla/dotenv@v10.0.0...v16.0.1) --- updated-dependencies: - dependency-name: dotenv dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [actions/github-script](https://github.com/actions/github-script) from 2b34a689ec86a68d8ab9478298f91d5401337b7d to 6.1.0. This release includes the previously tagged commit. - [Release notes](https://github.com/actions/github-script/releases) - [Commits](actions/github-script@2b34a68...7a5c598) --- updated-dependencies: - dependency-name: actions/github-script dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]>

…c087938ecaab6f0

Bumps [helmet](https://github.com/helmetjs/helmet) from 4.6.0 to 5.1.0. - [Release notes](https://github.com/helmetjs/helmet/releases) - [Changelog](https://github.com/helmetjs/helmet/blob/main/CHANGELOG.md) - [Commits](helmetjs/helmet@v4.6.0...v5.1.0) --- updated-dependencies: - dependency-name: helmet dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps node from 16.13.2-alpine to 18.2.0-alpine. --- updated-dependencies: - dependency-name: node dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [got](https://github.com/sindresorhus/got) from 11.8.2 to 12.1.0. - [Release notes](https://github.com/sindresorhus/got/releases) - [Commits](sindresorhus/got@v11.8.2...v12.1.0) --- updated-dependencies: - dependency-name: got dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [puppeteer](https://github.com/puppeteer/puppeteer) from 9.1.1 to 14.1.2. - [Release notes](https://github.com/puppeteer/puppeteer/releases) - [Changelog](https://github.com/puppeteer/puppeteer/blob/main/CHANGELOG.md) - [Commits](puppeteer/puppeteer@v9.1.1...v14.1.2) --- updated-dependencies: - dependency-name: puppeteer dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [@primer/react](https://github.com/primer/react) from 34.6.0 to 35.2.2. - [Release notes](https://github.com/primer/react/releases) - [Changelog](https://github.com/primer/react/blob/main/CHANGELOG.md) - [Commits](primer/react@v34.6.0...v35.2.2) --- updated-dependencies: - dependency-name: "@primer/react" dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>

…imer/react-35.2.2 Bump @primer/react from 34.6.0 to 35.2.2

…ppeteer-14.1.2 Bump puppeteer from 9.1.1 to 14.1.2

Bumps [@primer/css](https://github.com/primer/css) from 19.4.0 to 20.2.2. - [Release notes](https://github.com/primer/css/releases) - [Changelog](https://github.com/primer/css/blob/main/CHANGELOG.md) - [Commits](primer/css@v19.4.0...v20.2.2) --- updated-dependencies: - dependency-name: "@primer/css" dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [lint-staged](https://github.com/okonet/lint-staged) from 12.3.3 to 13.0.0. - [Release notes](https://github.com/okonet/lint-staged/releases) - [Commits](lint-staged/lint-staged@v12.3.3...v13.0.0) --- updated-dependencies: - dependency-name: lint-staged dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [actions/setup-node](https://github.com/actions/setup-node) from 2.5.1 to 3.3.0. - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](actions/setup-node@1f8c6b9...eeb10cf) --- updated-dependencies: - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>

…actions/setup-node-3.3.0 Bump actions/setup-node from 2.5.1 to 3.3.0

Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 2.9.0 to 3. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@7f9d37f...e551b19) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 3.12.1 to 4.0.4. - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](peter-evans/create-pull-request@f22a7da...923ad83) --- updated-dependencies: - dependency-name: peter-evans/create-pull-request dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>

…peter-evans/create-pull-request-4.0.4 Bump peter-evans/create-pull-request from 3.12.1 to 4.0.4

…docker/build-push-action-3 Bump docker/build-push-action from 2.9.0 to 3

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1.0.31 to 2.1.12. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@1a927e9...27ea8f8) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [peter-evans/find-comment](https://github.com/peter-evans/find-comment) from 1.3.0 to 2. - [Release notes](https://github.com/peter-evans/find-comment/releases) - [Commits](peter-evans/find-comment@d2dae40...1769778) --- updated-dependencies: - dependency-name: peter-evans/find-comment dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>

…github/codeql-action-2.1.12 Bump github/codeql-action from 1.0.31 to 2.1.12

…peter-evans/find-comment-2 Bump peter-evans/find-comment from 1.3.0 to 2

…nt-staged-13.0.0 Bump lint-staged from 12.3.3 to 13.0.0

…lmet-5.1.0 Bump helmet from 4.6.0 to 5.1.0

…actions/github-script-7a5c598405937d486b0331594b5da2b14db670da Bump actions/github-script from 2b34a689ec86a68d8ab9478298f91d5401337b7d to 6.1.0

…ob-8.0.3 Bump glob from 7.2.0 to 8.0.3

…tenv-16.0.1 Bump dotenv from 10.0.0 to 16.0.1

…1984ffa8b78b6d3 [Snyk] Security upgrade debian from 9.5-slim to 9-slim

…0359c8ec4aaa6fc [Snyk] Security upgrade debian from 9.5-slim to 9-slim

…e80f836b3fa9107 [Snyk] Security upgrade debian from 9.5-slim to 9-slim

Bumps [husky](https://github.com/typicode/husky) from 7.0.4 to 8.0.1. - [Release notes](https://github.com/typicode/husky/releases) - [Commits](typicode/husky@v7.0.4...v8.0.1) --- updated-dependencies: - dependency-name: husky dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [@jest/globals](https://github.com/facebook/jest/tree/HEAD/packages/jest-globals) from 27.4.6 to 28.1.1. - [Release notes](https://github.com/facebook/jest/releases) - [Changelog](https://github.com/facebook/jest/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/jest/commits/v28.1.1/packages/jest-globals) --- updated-dependencies: - dependency-name: "@jest/globals" dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [actions/cache](https://github.com/actions/cache) from 2.1.7 to 3.0.4. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@937d244...c3f1317) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 1.6.0 to 2. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@94ab11c...dc7b971) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>

…st/globals-28.1.1 build(deps-dev): bump @jest/globals from 27.4.6 to 28.1.1

…docker/setup-buildx-action-2 build(deps): bump docker/setup-buildx-action from 1.6.0 to 2

…actions/cache-3.0.4 build(deps): bump actions/cache from 2.1.7 to 3.0.4

…pes/react-18.0.9 Bump @types/react from 17.0.38 to 18.0.9

…sky-8.0.1 Bump husky from 7.0.4 to 8.0.1

Bumps [puppeteer](https://github.com/puppeteer/puppeteer) from 14.1.2 to 15.3.0. - [Release notes](https://github.com/puppeteer/puppeteer/releases) - [Changelog](https://github.com/puppeteer/puppeteer/blob/main/CHANGELOG.md) - [Commits](puppeteer/puppeteer@v14.1.2...v15.3.0) --- updated-dependencies: - dependency-name: puppeteer dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>

…ppeteer-15.3.0 build(deps): bump puppeteer from 14.1.2 to 15.3.0

The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NODEFETCH-2964180

snyk-bot and others added 30 commits April 20, 2022 19:56

Merge pull request #221 from MarcelRaschke/snyk-fix-d3d98a990c19e0702…

09efe22

…9d077594033c96c

Merge pull request #215 from MarcelRaschke/snyk-fix-03cd5bbcb16c37561…

7d38597

…c087938ecaab6f0

Bump node from 16.13.2-alpine to 18.2.0-alpine

fe19549

Bumps node from 16.13.2-alpine to 18.2.0-alpine. --- updated-dependencies: - dependency-name: node dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>

Merge pull request #275 from MarcelRaschke/dependabot/npm_and_yarn/pr…

f06a523

…imer/react-35.2.2 Bump @primer/react from 34.6.0 to 35.2.2

Merge pull request #274 from MarcelRaschke/dependabot/npm_and_yarn/pu…

0bd8f30

…ppeteer-14.1.2 Bump puppeteer from 9.1.1 to 14.1.2

Merge pull request #277 from MarcelRaschke/dependabot/github_actions/…

2b18ef0

…actions/setup-node-3.3.0 Bump actions/setup-node from 2.5.1 to 3.3.0

Merge pull request #279 from MarcelRaschke/dependabot/github_actions/…

5761740

…peter-evans/create-pull-request-4.0.4 Bump peter-evans/create-pull-request from 3.12.1 to 4.0.4

Merge pull request #278 from MarcelRaschke/dependabot/github_actions/…

9896ac0

…docker/build-push-action-3 Bump docker/build-push-action from 2.9.0 to 3

Merge pull request #280 from MarcelRaschke/dependabot/github_actions/…

8f92983

…github/codeql-action-2.1.12 Bump github/codeql-action from 1.0.31 to 2.1.12

Merge pull request #281 from MarcelRaschke/dependabot/github_actions/…

01333b1

…peter-evans/find-comment-2 Bump peter-evans/find-comment from 1.3.0 to 2

Merge pull request #276 from MarcelRaschke/dependabot/npm_and_yarn/li…

adaefa7

…nt-staged-13.0.0 Bump lint-staged from 12.3.3 to 13.0.0

MarcelRaschke and others added 19 commits June 11, 2022 09:38

Merge pull request #268 from MarcelRaschke/dependabot/npm_and_yarn/he…

319540c

…lmet-5.1.0 Bump helmet from 4.6.0 to 5.1.0

Merge pull request #266 from MarcelRaschke/dependabot/github_actions/…

f40e3a0

…actions/github-script-7a5c598405937d486b0331594b5da2b14db670da Bump actions/github-script from 2b34a689ec86a68d8ab9478298f91d5401337b7d to 6.1.0

Merge pull request #264 from MarcelRaschke/dependabot/npm_and_yarn/gl…

e220eb7

…ob-8.0.3 Bump glob from 7.2.0 to 8.0.3

Merge pull request #262 from MarcelRaschke/dependabot/npm_and_yarn/do…

8fad403

…tenv-16.0.1 Bump dotenv from 10.0.0 to 16.0.1

Merge pull request #260 from MarcelRaschke/snyk-fix-ce84b5837de786e74…

79bf7e1

…1984ffa8b78b6d3 [Snyk] Security upgrade debian from 9.5-slim to 9-slim

Merge pull request #259 from MarcelRaschke/snyk-fix-3f828cf9f9d45dcbb…

9c5435d

…0359c8ec4aaa6fc [Snyk] Security upgrade debian from 9.5-slim to 9-slim

Merge pull request #258 from MarcelRaschke/snyk-fix-d1c3f8bb2db00c9fb…

414bcad

…e80f836b3fa9107 [Snyk] Security upgrade debian from 9.5-slim to 9-slim

Merge pull request #283 from MarcelRaschke/dependabot/npm_and_yarn/je…

b30525f

…st/globals-28.1.1 build(deps-dev): bump @jest/globals from 27.4.6 to 28.1.1

Merge pull request #285 from MarcelRaschke/dependabot/github_actions/…

7531100

…docker/setup-buildx-action-2 build(deps): bump docker/setup-buildx-action from 1.6.0 to 2

Merge pull request #284 from MarcelRaschke/dependabot/github_actions/…

aed178c

…actions/cache-3.0.4 build(deps): bump actions/cache from 2.1.7 to 3.0.4

Merge pull request #244 from MarcelRaschke/dependabot/npm_and_yarn/ty…

8730870

…pes/react-18.0.9 Bump @types/react from 17.0.38 to 18.0.9

Merge pull request #243 from MarcelRaschke/dependabot/npm_and_yarn/hu…

f9e9398

…sky-8.0.1 Bump husky from 7.0.4 to 8.0.1

Merge pull request #292 from MarcelRaschke/dependabot/npm_and_yarn/pu…

5a9214b

…ppeteer-15.3.0 build(deps): bump puppeteer from 14.1.2 to 15.3.0

fix: package.json & package-lock.json to reduce vulnerabilities

62c701b

The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-NODEFETCH-2964180

snyk-bot had a problem deploying to preview-env-304 July 31, 2022 18:33 Failure

MarcelRaschke force-pushed the main branch from 5a9214b to 65368ce Compare September 28, 2022 15:35

MarcelRaschke approved these changes Jan 1, 2024

View reviewed changes

MarcelRaschke linked an issue Jan 1, 2024 that may be closed by this pull request

Fix code scanning alert - Incomplete string escaping or encoding #378

Closed

MarcelRaschke added this to the main milestone Jan 1, 2024

MarcelRaschke added ⤵️ pull dependencies Pull requests that update a dependency file labels Jan 1, 2024

MarcelRaschke assigned MarcelRaschke and snyk-bot Jan 1, 2024

MarcelRaschke closed this Aug 4, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[Snyk] Fix for 1 vulnerabilities #304

[Snyk] Fix for 1 vulnerabilities #304

Uh oh!

snyk-bot commented Jul 31, 2022

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

[Snyk] Fix for 1 vulnerabilities #304

[Snyk] Fix for 1 vulnerabilities #304

Uh oh!

Conversation

snyk-bot commented Jul 31, 2022

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants