Restsplain
Restsplain copied to clipboard
humanmade
[Snyk] Fix for 1 vulnerabilities
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- app/package.json
- app/package-lock.json
Vulnerabilities that will be fixed
With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
 |
661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-610226 |
No | No Known Exploit |
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: react-router
The new version differs by 54 commits.- ea8eba8 v5.0.0
- ae658c8 Restrict react-router deps. Upgrade rrd history.
- eef79d5 v4.4.0
- 3a1a54e Release from Travis CI
- fa98bc7 v4.4.0-beta.8
- 3a52bec Use history 4.9.0
- 4736cfe Remove use of eval in dev
- 15cd05e Fix typo in comment (#6615)
- 481d2a1 Less-specific prop type
- f4081ae Polyfill Element for Node (#6607)
- 065950c v4.4.0-beta.7
- 5fb7c1b Fixes #6605 where sample code in website is offset. Mobile still good. (#6606)
- 3e86a90 Upgrade to webpack 4; eliminate audit warnings
- 00d5d0a Use static instead of public dir
- 63f8234 Update deploy script
- a35dd73 wording
- 8e28044 new mailing list service
- 37c1160 Update website deploy key
- 9cb66b9 Give the monorepo package a name
- e634f0b change from ariaCurrent to aria-current (#6599)
- f30b789 More docs tweaks
- 71bf1f6 Avoid using non-existent <markdown> element
- b2c6fa0 Throw when using 2 different builds in dev
- 130f7ec Use CommonJS + fewer shared variables in Rollup config
Package name: react-router-dom
The new version differs by 54 commits.- ea8eba8 v5.0.0
- ae658c8 Restrict react-router deps. Upgrade rrd history.
- eef79d5 v4.4.0
- 3a1a54e Release from Travis CI
- fa98bc7 v4.4.0-beta.8
- 3a52bec Use history 4.9.0
- 4736cfe Remove use of eval in dev
- 15cd05e Fix typo in comment (#6615)
- 481d2a1 Less-specific prop type
- f4081ae Polyfill Element for Node (#6607)
- 065950c v4.4.0-beta.7
- 5fb7c1b Fixes #6605 where sample code in website is offset. Mobile still good. (#6606)
- 3e86a90 Upgrade to webpack 4; eliminate audit warnings
- 00d5d0a Use static instead of public dir
- 63f8234 Update deploy script
- a35dd73 wording
- 8e28044 new mailing list service
- 37c1160 Update website deploy key
- 9cb66b9 Give the monorepo package a name
- e634f0b change from ariaCurrent to aria-current (#6599)
- f30b789 More docs tweaks
- 71bf1f6 Avoid using non-existent <markdown> element
- b2c6fa0 Throw when using 2 different builds in dev
- 130f7ec Use CommonJS + fewer shared variables in Rollup config
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📚 Read more about Snyk's upgrade and patch logic
