[Snyk] Upgrade mira from 1.3.0 to 1.5.0 #5
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Snyk has created this PR to upgrade mira from 1.3.0 to 1.5.0. See this package in npm: https://www.npmjs.com/package/mira See this project in Snyk: https://app.snyk.io/org/katie_roberts/project/fc7a1190-cc80-4232-bbb4-92492d07584c?utm_source=github&utm_medium=referral&page=upgrade-pr
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade mira from 1.3.0 to 1.5.0.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version fixes:
SNYK-JS-PRISMJS-1585202
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-PRISMJS-1314893
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-PRISMJS-1076581
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-NORMALIZEURL-1296539
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-INI-1048974
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-PRISMJS-2404333
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-PARSEURL-2942134
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-PARSEURL-2936249
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-DOCSIFY-1066017
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-PARSEURL-2935947
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-PARSEURL-2935944
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-NODEFETCH-2342118
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-DOMPURIFY-2863266
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-DOMPURIFY-1035544
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-DOMPURIFY-1016634
Why? Proof of Concept exploit, CVSS 7.5
(*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: mira
-
1.5.0 - 2021-03-15
-
1.5.0-beta - 2021-02-17
-
1.4.1 - 2020-10-22
-
1.4.0 - 2020-10-12
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
1.3.0 - 2020-09-02
from mira GitHub release notesfdb03cb chore: update CDK to 1.89.0 (#154)
68e3f05 Merge pull request #153 from nearform/dependabot/npm_and_yarn/node-notifier-8.0.1
af9d5fd Merge pull request #152 from nearform/dependabot/npm_and_yarn/dompurify-2.2.6
96c2691 Merge pull request #151 from nearform/dependabot/npm_and_yarn/ini-1.3.8
68dde7d Bump ini from 1.3.5 to 1.3.8
e02ac79 Bump dompurify from 2.0.12 to 2.2.6
861a2d6 Bump node-notifier from 8.0.0 to 8.0.1
345931e Merge pull request #150 from nearform/dependabot/npm_and_yarn/highlight.js-10.4.1
50f5f80 (origin/dependabot/npm_and_yarn/highlight.js-10.4.1) Bump highlight.js from 10.1.2 to 10.4.1
498da64 Updates YML for GH test runner (#147)
d6c7356 fix(errors): add valid process exit value on error #130 (#140)
a5cdc8f Feature/version management (#134)
b304f3a Ensures all folders within are linked (#141)
fdb03cb chore: update CDK to 1.89.0 (#154)
68e3f05 Merge pull request #153 from nearform/dependabot/npm_and_yarn/node-notifier-8.0.1
af9d5fd Merge pull request #152 from nearform/dependabot/npm_and_yarn/dompurify-2.2.6
96c2691 Merge pull request #151 from nearform/dependabot/npm_and_yarn/ini-1.3.8
68dde7d Bump ini from 1.3.5 to 1.3.8
e02ac79 Bump dompurify from 2.0.12 to 2.2.6
861a2d6 Bump node-notifier from 8.0.0 to 8.0.1
345931e Merge pull request #150 from nearform/dependabot/npm_and_yarn/highlight.js-10.4.1
50f5f80 (origin/dependabot/npm_and_yarn/highlight.js-10.4.1) Bump highlight.js from 10.1.2 to 10.4.1
498da64 Updates YML for GH test runner (#147)
d6c7356 fix(errors): add valid process exit value on error #130 (#140)
a5cdc8f Feature/version management (#134)
b304f3a Ensures all folders within are linked (#141)
Fix AWS params uniqueness (#138)
Add environment in permissions creation (#136)
Pipeline improvements (#133)
Patches fix for flaky error test. (#129)
Titus sample docs placed in new docs structure (#127)
Changes to the contribution guide for the additional steps in the release process (#85)
Small patch fixing windows (#94)
Feature/constructor types 89 (#90)
Feature/types fix 90 (#93)
Fixes tests on windows while preserving intent of tests. (#97)
Bump node-fetch from 2.6.0 to 2.6.1 (#98)
Fix/local mira (#96)
Fix: set removal policy of CICD KMS key to destroy (#106)
Fix/calleridentity fallback (#108)
Adds the --s3-only quick deploy feature. (#111)
Docs refactor (#115)
feat(deploy): add --require-approval arg support, return error on fail (#117)
fix domain support (#110)
Update CDK version to 1.67.0 (#120)
Feature/cfn sdk lookups (#112)
Read more
Commit messages
Package name: mira
Compare
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs