Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade: enzyme-adapter-react-16, react, react-dom, colorthief, jest-canvas-mock, react-easy-emoji, react-headroom, react-lottie, react-scripts, sass #227

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[Snyk] Upgrade: enzyme-adapter-react-16, react, react-dom, colorthief, jest-canvas-mock, react-easy-emoji, react-headroom, react-lottie, react-scripts, sass #227

wants to merge 1 commit into from

Conversation

SakshL
Copy link
Owner

@SakshL SakshL commented Sep 10, 2024

snyk-top-banner

Snyk has created this PR to upgrade multiple dependencies.

👯 The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Name Versions Released on

enzyme-adapter-react-16
from 1.15.6 to 1.15.8 | 2 versions ahead of your current version | 7 months ago
on 2024-02-10
react
from 16.13.1 to 16.14.0 | 1 version ahead of your current version | 4 years ago
on 2020-10-14
react-dom
from 16.13.1 to 16.14.0 | 1 version ahead of your current version | 4 years ago
on 2020-10-14
colorthief
from 2.3.2 to 2.4.0 | 1 version ahead of your current version | 2 years ago
on 2023-02-28
jest-canvas-mock
from 2.3.1 to 2.5.2 | 4 versions ahead of your current version | a year ago
on 2023-06-28
react-easy-emoji
from 1.4.0 to 1.8.1 | 5 versions ahead of your current version | 2 years ago
on 2023-01-09
react-headroom
from 3.0.0 to 3.2.1 | 5 versions ahead of your current version | 2 years ago
on 2022-09-26
react-lottie
from 1.2.3 to 1.2.4 | 1 version ahead of your current version | 8 months ago
on 2024-01-04
react-scripts
from 3.4.3 to 3.4.4 | 1 version ahead of your current version | 4 years ago
on 2020-10-20
sass
from 1.32.8 to 1.77.8 | 131 versions ahead of your current version | 2 months ago
on 2024-07-11

Issues fixed by the recommended upgrade:

Issue Score Exploit Maturity
high severity Prototype Pollution
SNYK-JS-OBJECTPATH-1017036		 686 Proof of Concept
high severity Prototype Pollution
SNYK-JS-OBJECTPATH-1585658		 686 No Known Exploit
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-ES5EXT-6095076		 686 Proof of Concept
medium severity Prototype Pollution
SNYK-JS-OBJECTPATH-1569453		 686 Proof of Concept
Release notes
Package name: enzyme-adapter-react-16
  • 1.15.8 - 2024-02-10
    • [refactor] use hasown instead of has
    • [deps] update in-range deps
    • [meta] run build/files steps in prepack, not prepublish
  • 1.15.7 - 2022-11-05
    • [fix] isEmptyRender: properly detect memoized SFCs returning null
    • [fix] avoid a crash with lazy components
    • [fix] fix simulateError() on Memo component (#2525)
    • [babel] add babel-plugin-add-module-exports and fully use ESM syntax
    • [deps] update enzyme-shallow-equal, enzyme-adapter-utils, object.assign, object.values, prop-types
    • [meta] use npmignore to autogenerate
    • [eslint] switch to @ babel/eslint-parser, fix lintingan npmignore file
    • [dev deps] update @ babel/cli, @ babel/core, eslint, eslint-config-airbnb, eslint-config-airbnb-base, eslint-plugin-import, eslint-plugin-jsx-a11y, eslint-plugin-markdown, eslint-plugin-react, eslint-plugin-react-hooks
    • [dev deps] update safe-publish-latest; use prepublishOnly
  • 1.15.6 - 2021-01-20
from enzyme-adapter-react-16 GitHub release notes
Package name: react from react GitHub release notes
Package name: react-dom from react-dom GitHub release notes
Package name: colorthief from colorthief GitHub release notes
Package name: jest-canvas-mock from jest-canvas-mock GitHub release notes
Package name: react-easy-emoji from react-easy-emoji GitHub release notes
Package name: react-headroom
  • 3.2.1 - 2022-09-26
    • fixed peer dependency warnings for react 18 (#207)
  • 3.2.0 - 2021-10-10
    • add pin property (#205)
  • 3.1.1 - 2021-03-30
    • fix Safari glitch when scrolling up quickly (#194)
  • 3.1.0 - 2020-12-03
    • use passive event listeners if browser supports it #186
    • added tag prop which can be used to render different html elements of the wrapper (defaults to "div" ) #191
    • added prettier and re-formatted code #192
  • 3.0.1 - 2020-11-25
    • Fix issue with errors when parent no longer existed when calling componentWillUnmount #184
    • Fix peer dependency warnings for react^17 #187
  • 3.0.0 - 2019-10-12

    3.0.0

from react-headroom GitHub release notes
Package name: react-lottie from react-lottie GitHub release notes
Package name: react-scripts
  • 3.4.4 - 2020-10-20
  • 3.4.3 - 2020-08-12
from react-scripts GitHub release notes
Package name: sass
  • 1.77.8 - 2024-07-11

    To install Sass 1.77.8, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

    Changes

    • No user-visible changes.

    See the full changelog for changes in earlier releases.

  • 1.77.7 - 2024-07-09

    See sass/sass#3885

  • 1.77.6 - 2024-06-17

    …264)

  • 1.77.5 - 2024-06-11

    To install Sass 1.77.5, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

    Changes

    • Fully trim redundant selectors generated by @ extend.

    See the full changelog for changes in earlier releases.

  • 1.77.4 - 2024-05-30

    To install Sass 1.77.4, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

    Changes

    Embedded Sass

    • Support passing Version input for fatalDeprecations as string over embedded protocol.

    • Fix a bug in the JS Embedded Host where Version could be incorrectly accepted as input for silenceDeprecations and futureDeprecations in pure JS.

    See the full changelog for changes in earlier releases.

  • 1.77.3 - 2024-05-29
  • 1.77.2 - 2024-05-16
  • 1.77.1 - 2024-05-10
  • 1.77.0 - 2024-05-07
  • 1.76.0 - 2024-04-30
  • 1.75.0 - 2024-04-11
  • 1.74.1 - 2024-04-04
  • 1.72.0 - 2024-03-13
  • 1.71.1 - 2024-02-21
  • 1.71.0 - 2024-02-16
  • 1.70.0 - 2024-01-18
  • 1.69.7 - 2024-01-02
  • 1.69.6 - 2023-12-28
  • 1.69.5 - 2023-10-26
  • 1.69.4 - 2023-10-17
  • 1.69.3 - 2023-10-12
  • 1.69.2 - 2023-10-10
  • 1.69.1 - 2023-10-09
  • 1.69.0 - 2023-10-05
  • 1.68.0 - 2023-09-21
  • 1.67.0 - 2023-09-14
  • 1.66.1 - 2023-08-18
  • 1.66.0 - 2023-08-17
  • 1.65.1 - 2023-08-09
  • 1.65.0 - 2023-08-09
  • 1.64.2 - 2023-07-31
  • 1.64.1 - 2023-07-22
  • 1.64.0 - 2023-07-20
  • 1.63.6 - 2023-06-21
  • 1.63.5 - 2023-06-21
  • 1.63.4 - 2023-06-14
  • 1.63.3 - 2023-06-09
  • 1.63.2 - 2023-06-08
  • 1.63.1 - 2023-06-08
  • 1.63.0 - 2023-06-07
  • 1.62.1 - 2023-04-25
  • 1.62.0 - 2023-04-11
  • 1.61.0 - 2023-04-06
  • 1.60.0 - 2023-03-23
  • 1.59.3 - 2023-03-14
  • 1.59.2 - 2023-03-11
  • 1.59.1 - 2023-03-10
  • 1.59.0 - 2023-03-10
  • 1.58.3 - 2023-02-18
  • 1.58.2 - 2023-02-17
  • 1.58.1 - 2023-02-14
  • 1.58.0 - 2023-02-01
  • 1.57.1 - 2022-12-19
  • 1.57.0 - 2022-12-17
  • 1.56.2 - 2022-12-08
  • 1.56.1 - 2022-11-09
  • 1.56.0 - 2022-11-04
  • 1.55.0 - 2022-09-21
  • 1.54.9 - 2022-09-07
  • 1.54.8 - 2022-08-31
  • 1.54.7 - 2022-08-31
  • 1.54.6 - 2022-08-29
  • 1.54.5 - 2022-08-19
  • 1.54.4 - 2022-08-10
  • 1.54.3 - 2022-08-04
  • 1.54.2 - 2022-08-03
  • 1.54.1 - 2022-08-02
  • 1.54.0 - 2022-07-22
  • 1.53.0 - 2022-06-22
  • 1.52.3 - 2022-06-08
  • 1.52.2 - 2022-06-03
  • 1.52.1 - 2022-05-20
  • 1.52.0 - 2022-05-20
  • 1.51.0 - 2022-04-26
  • 1.50.1 - 2022-04-19
  • 1.50.0 - 2022-04-07
  • 1.49.11 - 2022-04-01
  • 1.49.10 - 2022-03-30
  • 1.49.9 - 2022-02-24
  • 1.49.8 - 2022-02-17
  • 1.49.7 - 2022-02-01
  • 1.49.6 - 2022-02-01
  • 1.49.5 - 2022-02-01
  • 1.49.4 - 2022-02-01
  • 1.49.3 - 2022-02-01
  • 1.49.2 - 2022-02-01
  • 1.49.1 - 2022-01-31
  • 1.49.0 - 2022-01-18
  • 1.48.0 - 2022-01-13
  • 1.47.0 - 2022-01-07
  • 1.46.0 - 2022-01-06
  • 1.45.2 - 2021-12-31
  • 1.45.1 - 2021-12-21
  • 1.45.0 - 2021-12-10
  • 1.45.0-rc.2 - 2021-12-02
  • 1.45.0-rc.1 - 2021-11-30
  • 1.44.0 - 2021-11-30
  • 1.43.5 - 2021-11-24
  • 1.43.4 - 2021-10-26
  • 1.43.3 - 2021-10-21
  • 1.43.2 - 2021-10-13
  • 1.42.1 - 2021-09-22
  • 1.42.0 - 2021-09-21
  • 1.41.1 - 2021-09-16
  • 1.41.0 - 2021-09-14
  • 1.40.1 - 2021-09-14
  • 1.40.0 - 2021-09-13
  • 1.39.2 - 2021-09-10
  • 1.39.1 - 2021-09-09
  • 1.39.0 - 2021-09-02
  • 1.38.2 - 2021-08-28
  • 1.38.1 - 2021-08-23
  • 1.38.0 - 2021-08-17
  • 1.37.5 - 2021-08-04
  • 1.37.4 - 2021-08-03
  • 1.37.3 - 2021-08-03
  • 1.37.2 - 2021-08-03
  • 1.37.1 - 2021-08-02
  • 1.37.0 - 2021-07-30
  • 1.36.0 - 2021-07-23
  • 1.35.2 - 2021-07-07
  • 1.35.1 - 2021-06-15
  • 1.35.0 - 2021-06-15
  • 1.34.1 - 2021-06-02
  • 1.34.0 - 2021-05-22
  • 1.33.0 - 2021-05-21
  • 1.32.13 - 2021-05-12
  • 1.32.12 - 2021-04-28
  • 1.32.11 - 2021-04-19
  • 1.32.10 - 2021-04-16
  • 1.32.9 - 2021-04-16
  • 1.32.8 - 2021-02-18
from sass GitHub release notes

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

@snyk-bot
fix: upgrade multiple dependencies with Snyk
9111aa4 
Snyk has created this PR to upgrade:
  - enzyme-adapter-react-16 from 1.15.6 to 1.15.8.
    See this package in npm: https://www.npmjs.com/package/enzyme-adapter-react-16
  - react from 16.13.1 to 16.14.0.
    See this package in npm: https://www.npmjs.com/package/react
  - react-dom from 16.13.1 to 16.14.0.
    See this package in npm: https://www.npmjs.com/package/react-dom
  - colorthief from 2.3.2 to 2.4.0.
    See this package in npm: https://www.npmjs.com/package/colorthief
  - jest-canvas-mock from 2.3.1 to 2.5.2.
    See this package in npm: https://www.npmjs.com/package/jest-canvas-mock
  - react-easy-emoji from 1.4.0 to 1.8.1.
    See this package in npm: https://www.npmjs.com/package/react-easy-emoji
  - react-headroom from 3.0.0 to 3.2.1.
    See this package in npm: https://www.npmjs.com/package/react-headroom
  - react-lottie from 1.2.3 to 1.2.4.
    See this package in npm: https://www.npmjs.com/package/react-lottie
  - react-scripts from 3.4.3 to 3.4.4.
    See this package in npm: https://www.npmjs.com/package/react-scripts
  - sass from 1.32.8 to 1.77.8.
    See this package in npm: https://www.npmjs.com/package/sass

See this project in Snyk:
https://app.snyk.io/org/notsaksh/project/d171e90d-2e8f-4cf3-a955-bf7f349aa8e3?utm_source=github&utm_medium=referral&page=upgrade-pr
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@SakshL @snyk-bot