egg-alinode icon indicating copy to clipboard operation
egg-alinode copied to clipboard

[Snyk] Security upgrade mkdirp from 0.5.1 to 1.0.0

Open snyk-bot opened this issue 5 years ago • 1 comments

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Issue Breaking Change Exploit Maturity
medium severity Prototype Pollution
SNYK-JS-MINIMIST-559764
Yes Proof of Concept
Commit messages
Package name: mkdirp The new version differs by 12 commits.

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:

🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

snyk-bot avatar Mar 13 '20 00:03 snyk-bot

Codecov Report

:white_check_mark: All modified and coverable lines are covered by tests. :white_check_mark: Project coverage is 95.23%. Comparing base (9b291c4) to head (6dd410d).

Additional details and impacted files
@@           Coverage Diff           @@
##           master      #16   +/-   ##
=======================================
  Coverage   95.23%   95.23%           
=======================================
  Files           3        3           
  Lines          63       63           
=======================================
  Hits           60       60           
  Misses          3        3           

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

:rocket: New features to boost your workflow:
  • :snowflake: Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • :package: JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

codecov[bot] avatar Dec 04 '25 04:12 codecov[bot]