patternfly-css icon indicating copy to clipboard operation
patternfly-css copied to clipboard
verified publisher icon patternfly

[Snyk] Security upgrade browser-sync from 2.18.13 to 2.25.0

Open snyk-bot opened this issue 4 years ago • 0 comments

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 566/1000
Why? Recently disclosed, Has a fix available, CVSS 5.6		 Prototype Pollution
SNYK-JS-OBJECTPATH-1569453		 No No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: browser-sync The new version differs by 172 commits.
  • 5b5d543 v2.25.0
  • 900e23e chore: package-lock files
  • 92bf7d8 Merge branch '1431-fix-host-bind'
  • 5ba14b2 v2.25.0-alpha.0
  • 7c0ad4e lerna: initial version
  • c108af8 lerna: more path updates
  • 4ac3a49 lerna: updated more stuff since the move to lerna
  • c2db878 Ensure 'build-all' works in all packages
  • d6198f9 lerna: bring in server/client/ui
  • 325c775 lerna: add browser-sync-ui
  • 9cd5c2d adding lerna
  • a0b2e56 adding 'listen' param
  • d641916 feature: adding 'listen' option to restrict binding of interfaces
  • ef12e9a chore: change API of option transforms
  • cf0febd docs: emphasize a coupld of points - fixes #1461
  • 16487ad docs: added additional note about httpModule option - fixes #1485
  • b7f664e Merge pull request #1593 from raux/master
  • 58240c6 Merge pull request #1602 from adamjaffeback/fix/localtunnelAudit#1587
  • 27f2173 deps: npm audit for localtunnel - fixes #1587
  • 8c28e8c 2.24.7
  • 9e96603 fix: scroll - add missing init method for window.name method of scroll restoring - fixes #1586 #1457 #1457
  • 48286e0 fix: proxy Port gets unnecesarily rewritten in Proxy - fixes #1577
  • a6578a3 deps: [email protected] [email protected] [email protected]
  • ef6bfa5 Merge pull request #1582 from strarsis/patch-1

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

snyk-bot avatar Aug 28 '21 06:08 snyk-bot