[Snyk] Security upgrade contentful-cli from 0.26.1 to 1.2.38
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  - contentful-uploader/package.json
  - contentful-uploader/package-lock.json
Vulnerabilities that will be fixed
With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
| | 718/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 6.5 | Uncontrolled Resource Consumption ('Resource Exhaustion') SNYK-JS-TAR-6476909 | Yes | Proof of Concept |
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: contentful-cli
The new version differs by 108 commits.
- 0aeda56 build(deps): bump tar from 4.4.4 to 6.0.1
- 1cf31ba build(deps): bump prettier from 1.18.2 to 2.0.2 (#280)
- 8e5cd31 build(deps): bump ast-types from 0.11.5 to 0.13.3
- fa11408 build(deps): bump cli-table3 from 0.5.1 to 0.6.0
- 11e187e fix(mkdirp): change usage based on latest version (#305)
- 489d340 build(deps): bump https-proxy-agent from 3.0.1 to 5.0.0
- 4ae22a0 build(deps): bump find-up from 3.0.0 to 4.1.0
- 5b167de build(deps): bump mkdirp from 0.5.1 to 1.0.3
- fa7ef2d build(deps): bump wrap-ansi from 3.0.1 to 6.2.0
- e279735 build(deps): bump camelcase from 5.0.0 to 5.3.1 (#230)
- e6ae6fc build(deps): bump contentful-import from 7.7.0 to 7.7.1
- b5941f5 build(deps-dev): bump lint-staged from 9.4.2 to 10.1.1
- 9833342 build(deps-dev): bump talkback from 1.6.0 to 2.1.1
- 3eb8106 build(deps): bump marked from 0.8.0 to 0.8.2
- ef83679 build(deps-dev): bump eslint-config-prettier from 6.5.0 to 6.10.1
- 9d73e42 build(deps-dev): bump jest from 24.9.0 to 25.2.4
- e405430 build(deps-dev): bump husky from 0.14.3 to 4.2.3
- a507b01 build(deps-dev): bump eslint-plugin-prettier from 3.1.1 to 3.1.2
- 963993a build(deps): bump figlet from 1.2.0 to 1.3.0
- bc78389 build(deps-dev): bump nyc from 14.1.1 to 15.0.0
- 30054aa build(deps-dev): bump rimraf from 2.6.2 to 3.0.2
- 46ec38b build(deps): bump bluebird from 3.5.1 to 3.7.2
- 2e21498 build(deps-dev): bump eslint-plugin-jest from 22.21.0 to 23.8.2
- c807d63 build(deps): bump npm-audit-resolver from 2.1.0 to 2.2.0
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons: