history [Snyk] Fix for 2 vulnerabilities

Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- ui/package.json
- ui/package-lock.json

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	601/1000 Why? Recently disclosed, Has a fix available, CVSS 6.3	Cross-site Scripting (XSS) SNYK-JS-COOKIE-8163060	No	No Known Exploit
	701/1000 Why? Recently disclosed, Has a fix available, CVSS 8.3	Improper Verification of Cryptographic Signature SNYK-JS-ELLIPTIC-8172694	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: express

The new version differs by 250 commits.

8e229f9 4.21.1
a024c8a fix(deps): [email protected]
7e562c6 4.21.0
1bcde96 fix(deps): [email protected] (#5946)
7d36477 fix(deps): [email protected] (#5951)
40d2d8f fix(deps): [email protected]
77ada90 Deprecate `"back"` magic string in redirects (#5935)
21df421 4.20.0
4c9ddc1 feat: upgrade to [email protected]
9ebe5d5 feat: upgrade to [email protected] (#5928)
ec4a01b feat: upgrade to [email protected] (#5926)
54271f6 fix: don't render redirect values in anchor href
125bb74 [email protected] (#5902)
2a980ad [email protected] (#5781)
a3e7e05 docs: specify new instructions for `question` and `discuss`
c5addb9 deps: [email protected] (#5603)
e35380a docs: add @ IamLizu to the triage team (#5836)
f5b6e67 docs: update scorecard link (#5814)
2177f67 docs: add OSSF Scorecard badge (#5436)
f4bd86e Replace Appveyor windows testing with GHA (#5599)
2ec589c Fix Contributor Covenant link definition reference in attribution section (#5762)
4cf7eed remove minor version pinning from ci (#5722)
6d08471 📝 update people, add ctcpip to TC (#5683)
61421a8 skip QUERY tests for Node 21 only, still not supported (#5695)

Package name: webpack

The new version differs by 250 commits.

610f368 5.0.0
5ce65c1 update examples
bbe1230 Merge pull request #11628 from webpack/bugfix/real-content-hash
75ecff2 5.0.0-rc.6
bfc35d6 Merge pull request #11603 from MayaWolf/master
76e8cbd Merge pull request #11622 from webpack/dependabot/npm_and_yarn/types/node-13.13.25
9fd1be2 chore(deps-dev): bump @ types/node from 13.13.23 to 13.13.25
36bcfaa Merge pull request #11621 from webpack/bugfix/11619
9130d10 fix called variables with ProvidePlugin
3e42105 Merge pull request #11620 from webpack/bugfix/11617
4709719 skip connections copied to concatenated module
57b493f 5.0.0-rc.5
1658e2f Merge pull request #11618 from webpack/bugfix/11615
a8fb45d fixes crash in SideEffectsFlagPlugin
84b196d emit error instead of crashing when unexpected problem occurs
5573fed Merge pull request #11601 from Hornwitser/improve-suggested-polyfill-config
9b5cce9 Merge pull request #11609 from snitin315/export-types
37c495c export type RuleSetUseItem
39faf34 export type RuleSetUse
e5fd246 export type RuleSetConditionAbsolute
660baad export RuleSetCondition types
13e3ca5 Merge pull request #11602 from webpack/bugfix/shared-runtime-chunk
9c0587e Merge pull request #11606 from webpack/dependabot/npm_and_yarn/simple-git-2.21.0
502d166 Merge pull request #11607 from webpack/dependabot/npm_and_yarn/acorn-8.0.4

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

Learn how to fix vulnerabilities with free interactive lessons:

Oct 13 '24 04:10 danactive

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
history	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Oct 13, 2024 4:43am

Oct 13 '24 04:10 vercel[bot]

Resolved as UI folder is deleted

Jun 08 '25 17:06 danactive