[Snyk] Upgrade ts-loader from 4.5.0 to 9.5.1 #23

snyk-io · 2024-07-16T14:08:18Z

This PR was automatically created by Snyk using the credentials of a real user.

![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)

Snyk has created this PR to upgrade ts-loader from 4.5.0 to 9.5.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

The recommended version is 78 versions ahead of your current version.
The recommended version was released on 8 months ago.

Issues fixed by the recommended upgrade:

Issue	Score	Exploit Maturity
Cryptographic Issues SNYK-JS-ELLIPTIC-571484	75	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-SSRI-1246392	75	Proof of Concept
Arbitrary File Overwrite SNYK-JS-TAR-1536528	75	No Known Exploit
Arbitrary File Overwrite SNYK-JS-TAR-1536531	75	No Known Exploit
Prototype Pollution SNYK-JS-Y18N-1021887	75	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-ACORN-559469	75	No Known Exploit
Arbitrary File Write SNYK-JS-TAR-1579147	75	No Known Exploit
Arbitrary File Write SNYK-JS-TAR-1579152	75	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	75	Proof of Concept
Prototype Pollution SNYK-JS-AJV-584908	75	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	75	Proof of Concept
Cross-site Scripting (XSS) SNYK-JS-SERIALIZEJAVASCRIPT-536840	75	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	75	Proof of Concept
Arbitrary Code Injection SNYK-JS-SERIALIZEJAVASCRIPT-570062	75	Proof of Concept
Arbitrary File Write SNYK-JS-TAR-1579155	75	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	75	Proof of Concept
Cross-site Scripting (XSS) SNYK-JS-SERIALIZEJAVASCRIPT-6056521	75	No Known Exploit
Improper Verification of Cryptographic Signature SNYK-JS-BROWSERIFYSIGN-6037026	75	No Known Exploit
Denial of Service (DoS) SNYK-JS-DECODEURICOMPONENT-3149970	75	Proof of Concept
Prototype Pollution SNYK-JS-INI-1048974	75	Proof of Concept
Prototype Pollution SNYK-JS-LOADERUTILS-3043105	75	No Known Exploit
Timing Attack SNYK-JS-ELLIPTIC-511941	75	No Known Exploit
Uncontrolled Resource Consumption ('Resource Exhaustion') SNYK-JS-TAR-6476909	75	Proof of Concept
Prototype Pollution SNYK-JS-YARGSPARSER-560381	75	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-TERSER-2806366	75	No Known Exploit
Prototype Pollution SNYK-JS-MINIMIST-559764	75	Proof of Concept
Prototype Pollution SNYK-JS-MINIMIST-559764	75	Proof of Concept
Cryptographic Issues SNYK-JS-ELLIPTIC-1064899	75	No Known Exploit
Prototype Pollution SNYK-JS-JSON5-3182856	75	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3042992	75	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3105943	75	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	75	No Known Exploit
Prototype Pollution SNYK-JS-MINIMIST-2429795	75	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-TAR-1536758	75	No Known Exploit
Prototype Pollution SNYK-JS-MINIMIST-2429795	75	Proof of Concept
Regular Expression Denial of Service (ReDoS) npm:debug:20170905	75	Proof of Concept
Validation Bypass SNYK-JS-KINDOF-537849	75	Proof of Concept

Release notes

Package name: ts-loader

9.5.1 - 2023-11-15
- fix: inputSourceMap can be null [#1638] - thanks @ johnnyreilly and @ michaeltford
9.5.0 - 2023-10-07
- Feature: map the input source map in case ts-loader is used in a loader pipeline - thanks @ Ka0o0 and @ bojanv55
9.4.4 - 2023-06-28
- Bug fix: let users override skipLibCheck - thanks @ haakonflatval-cognite
9.4.3 - 2023-05-23
- Bug fix: add config file as build dependency - thanks @ alexander-akait
9.4.2 - 2022-12-01
- Bug fix: Use custom transformer when building solution references [#1025] - thanks @ feosuna1
9.4.1 - 2022-09-20
- Hotfix: Disable enhanced-resolve - thanks @ manuth
9.4.0 - 2022-09-19
- Add Support for Resolving .cjs, .mjs, .cts and .mts Files [#1503] - thanks @ manuth
9.3.1 - 2022-06-22
- Bug fix: Generate declaration files for js files if allowJs is set to true [#1260] - thanks @ hediet and @ mvilliger
9.3.0 - 2022-04-30
- simplify configuration for fork-ts-checker-webpack-plugin - thanks @ piotr-oles
9.2.9 - 2022-04-26
- make v9 latest following v8 release - thanks @ johnnyreilly
9.2.8 - 2022-03-11
9.2.7 - 2022-03-01
9.2.6 - 2021-09-20
9.2.5 - 2021-08-03
9.2.4 - 2021-07-24
9.2.3 - 2021-06-06
9.2.2 - 2021-05-22
9.2.1 - 2021-05-19
9.2.0 - 2021-05-18
9.1.2 - 2021-05-05
9.1.1 - 2021-04-24
9.1.0 - 2021-04-22
9.0.2 - 2021-04-20
9.0.1 - 2021-04-20
9.0.0 - 2021-04-18
8.4.0 - 2022-04-26
8.3.0 - 2021-05-19
8.2.0 - 2021-04-23
8.1.0 - 2021-03-28
8.0.18 - 2021-03-11
8.0.17 - 2021-02-10
8.0.16 - 2021-02-08
8.0.15 - 2021-02-04
8.0.14 - 2021-01-05
8.0.13 - 2020-12-31
8.0.12 - 2020-12-11
8.0.11 - 2020-11-09
8.0.10 - 2020-11-07
8.0.9 - 2020-11-04
8.0.8 - 2020-11-04
8.0.7 - 2020-10-24
8.0.6 - 2020-10-20
8.0.5 - 2020-10-13
8.0.4 - 2020-09-19
8.0.3 - 2020-08-24
8.0.2 - 2020-08-01
8.0.1 - 2020-07-15
8.0.0 - 2020-07-08
7.0.5 - 2020-05-24
7.0.4 - 2020-05-11
7.0.3 - 2020-05-07
7.0.2 - 2020-04-30
7.0.1 - 2020-04-20
7.0.0 - 2020-04-15
6.2.2 - 2020-03-22
6.2.1 - 2019-10-23
6.2.0 - 2019-09-29
6.1.2 - 2019-09-21
6.1.1 - 2019-09-20
6.1.0 - 2019-09-10
6.0.4 - 2019-06-21
6.0.3 - 2019-06-17
6.0.2 - 2019-05-31
6.0.1 - 2019-05-19
6.0.0 - 2019-05-06
5.4.5 - 2019-05-01
5.4.4 - 2019-04-26
5.4.3 - 2019-04-22
5.3.3 - 2019-01-05
5.3.2 - 2018-12-21
5.3.1 - 2018-11-27
5.3.0 - 2018-10-31
5.2.2 - 2018-10-14
5.2.1 - 2018-09-25
5.2.0 - 2018-09-23
5.1.1 - 2018-09-15
5.1.0 - 2018-09-09
5.0.0 - 2018-09-03
4.5.0 - 2018-08-17

from ts-loader GitHub release notes

Important

Warning: This PR contains a major version upgrade, and may be a breaking change.
Check the changes in this PR to ensure they won't cause issues with your project.
This PR was automatically created by Snyk using the credentials of a real user.
Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

📜 Customise PR templates

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade ts-loader from 4.5.0 to 9.5.1. See this package in npm: ts-loader See this project in Snyk: https://app.snyk.io/org/cachiman/project/d3fbea66-89da-46ac-ae14-dcfc05abf492?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr

google-cla · 2024-07-16T14:08:23Z

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Upgrade ts-loader from 4.5.0 to 9.5.1 #23

[Snyk] Upgrade ts-loader from 4.5.0 to 9.5.1 #23

snyk-io bot commented Jul 16, 2024

google-cla bot commented Jul 16, 2024

[Snyk] Upgrade ts-loader from 4.5.0 to 9.5.1 #23

Are you sure you want to change the base?

[Snyk] Upgrade ts-loader from 4.5.0 to 9.5.1 #23

Conversation

snyk-io bot commented Jul 16, 2024

Snyk has created this PR to upgrade ts-loader from 4.5.0 to 9.5.1.

Issues fixed by the recommended upgrade:

google-cla bot commented Jul 16, 2024