Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Upgrade webpack from 4.42.1 to 4.43.0 #60

Merged
merged 1 commit into from
May 25, 2020

Conversation

snyk-bot
Copy link
Contributor

Snyk has created this PR to upgrade webpack from 4.42.1 to 4.43.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
  • The recommended version is 1 version ahead of your current version.
  • The recommended version was released a month ago, on 2020-04-21.

The recommended version fixes:

Severity Issue Exploit Maturity
Prototype Pollution
SNYK-JS-YARGSPARSER-560381
Proof of Concept
Release notes
Package name: webpack
  • 4.43.0 - 2020-04-21

    Features

    • add module.hot.invalidate() to HMR API

    Dependencies

    • push versions for forced security updates
  • 4.42.1 - 2020-03-24

    Bugfixes

    • update webassemblyjs dependencies for instruction update
    • update mkdirp dependency for security reasons
from webpack GitHub release notes
Commit messages
Package name: webpack
  • c9d4ff7 4.43.0
  • 9a2febd Merge pull request #10715 from webpack/hmr/invalidate-4
  • a53bb8f add invalidate method to HMR
  • 4c644bf Merge pull request #10518 from TechieForFun/webpack-4
  • 9efaba2 Merge pull request #10571 from mjziolko/watchpack-vuln
  • a704715 Merge pull request #10622 from webpack/ci/fix-azure
  • 7f843e8 fix vm images in azure
  • 9c23e18 Update watchpack to the most recent minor version to remove mimimist vulnerability.
  • 499b537 revert unneccessary changes
  • c9bb7a9 Update snapshots of tests
  • 4023e8c Update package.json, yarn.lock
  • 2ca966c Update package.json
  • a7cfbfe Update package.json
  • f97fedc Update package.json for tests
  • 3320b9d Update on yarn.lock
  • 0fe7c5a Update yarn.lock
  • 6526134 Update package.json

Compare


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

@DavidKindler DavidKindler merged commit 81d8ed1 into master May 25, 2020
@DavidKindler DavidKindler deleted the snyk-upgrade-6f9e4060f330ce77fb6faa44f180bf65 branch May 25, 2020 13:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants