[Snyk] Fix for 1 vulnerabilities #56

2019-12-12T01:01:35Z

argoyle commented

2019-12-12 01:01:35 +00:00

(Migrated from gitlab.com)

Snyk has created this PR to fix one or more vulnerable packages in the `yarn` dependencies of this project.

As this is a private repository, Snyk-bot does not have access. Therefore, this PR has been created automatically, but appears to have been created by a real user.

Changes included in this Merge Request

Adding or updating a Snyk policy (.snyk) file; this file is required in order to apply Snyk vulnerability patches.
Find out more.

Vulnerabilities that will be fixed

With a Snyk patch:

Severity	Issue
	Command Injection SNYK-JS-TREEKILL-536781

Check the changes in this Merge Request to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:

🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

<h3>Snyk has created this PR to fix one or more vulnerable packages in the `yarn` dependencies of this project.</h3> As this is a private repository, Snyk-bot does not have access. Therefore, this PR has been created automatically, but appears to have been created by a real user. #### Changes included in this Merge Request - Adding or updating a Snyk policy (.snyk) file; this file is required in order to apply Snyk vulnerability patches. [Find out more](https://snyk.io/docs/fixing-vulnerabilities/). #### Vulnerabilities that will be fixed ##### With a [Snyk patch](https://snyk.io/docs/fixing-vulnerabilities/#patches): Severity | Issue :-------------------------:|:------------------------- ![high severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png "high severity") | Command Injection <br/> [SNYK-JS-TREEKILL-536781](https://snyk.io/vuln/SNYK-JS-TREEKILL-536781) Check the changes in this Merge Request to ensure they won't cause issues with your project. ------------ **Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.* For more information: 🧐 [View latest project report](https://app.snyk.io/org/argoyle/project/fdbefbeb-8f1c-483c-917e-152c9523c009) 🛠 [Adjust project settings](https://app.snyk.io/org/argoyle/project/fdbefbeb-8f1c-483c-917e-152c9523c009/settings) 📚 [Read more about Snyk's upgrade and patch logic](https://snyk.io/docs/fixing-vulnerabilities/) [//]: # (snyk:metadata:{"dependencies":[],"packageManager":"yarn","projectPublicId":"fdbefbeb-8f1c-483c-917e-152c9523c009","type":"auto","patch":["SNYK-JS-TREEKILL-536781"],"vulns":["SNYK-JS-TREEKILL-536781"],"upgrade":[],"isBreakingChange":false,"env":"prod","prType":"fix"})

argoyle commented

2019-12-12 05:27:33 +00:00

(Migrated from gitlab.com)

added 1 commit

e137664a - chore: update yarn.lock

Compare with previous version

added 1 commit <ul><li>e137664a - chore: update yarn.lock</li></ul> [Compare with previous version](/unboundsoftware/dancefinder/dancefinder-app/merge_requests/7/diffs?diff_id=67164181&start_sha=54bbfe6e8d26c0c81a4b9f3cd3e8dd72e29f708e)

argoyle (Migrated from gitlab.com) scheduled this pull request to auto merge when all checks succeed 2019-12-12 05:27:46 +00:00

argoyle commented

2019-12-12 05:38:46 +00:00

(Migrated from gitlab.com)

mentioned in commit 4ba66cb103

mentioned in commit 4ba66cb103ad4c46688c1a57c9fbd5a04f6d1066

argoyle commented

2019-12-12 05:38:46 +00:00

(Migrated from gitlab.com)

merged

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: dancefinder/dancefinder-app#56