Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Security upgrade rxdb from 9.19.0 to 15.0.0 #9

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[Snyk] Security upgrade rxdb from 9.19.0 to 15.0.0 #9

wants to merge 1 commit into from

Conversation

tfSheol
Copy link
Owner

@tfSheol tfSheol commented Dec 20, 2023

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 644/1000
Why? Has a fix available, CVSS 8.6		 Use of Weak Hash
SNYK-JS-CRYPTOJS-6028119		 Yes No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: rxdb The new version differs by 250 commits.
  • ff5a4e8 15.0.0
  • 73d0b60 Update before-next-major.md
  • 8038bcb UPDATE text
  • 57621e9 FIX link
  • d24acaf fix(deps): update dependency graphql-ws to v5.14.3
  • 657cbf1 15.0.0-beta.47
  • 39751c6 Update custom-storage.ts
  • d5b01dc Update package.json
  • 9287269 15.0.0-beta.46
  • 7a107c7 ADD fuzzing (#5405)
  • 226cfbb fix(deps): update dependency event-reduce-js to v5.2.7
  • 34e5769 chore(deps): update typescript-eslint monorepo to v6.15.0 (#5407)
  • 8f12095 chore(deps): update vue monorepo to v3.3.13
  • bcac869 fix(deps): update dependency event-reduce-js to v5.2.6 (#5408)
  • 4a9607f chore(deps): update dependency html-webpack-plugin to v5.6.0 (#5410)
  • 44de1c4 15.0.0-beta.45
  • be76926 chore(deps): update dependency testcafe-hammerhead to v31.7.0 (#5404)
  • 00f90a8 Feature/no more statics (#5406)
  • 54ec146 fix(deps): update dependency prism-react-renderer to v2.3.1
  • 2f93556 chore(deps): update actions/setup-node action to v4.0.1 (#5401)
  • d6ebc4e fix(deps): update dependency react-native to v0.73.1 (#5402)
  • dc8a30d fix(deps): update dependency event-reduce-js to v5.2.4 (#5400)
  • 4a89e69 chore(deps): update dependency @ types/node to v20.10.5
  • 86e637b UPDATE docs

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Use of Weak Hash

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@tfSheol @snyk-bot