Skip to content

fix(auth): update all non-major dependencies #1375

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Aug 13, 2024

fix(auth): update all non-major dependencies

33115c6
Select commit
Loading
Failed to load commit list.
Merged

fix(auth): update all non-major dependencies #1375

fix(auth): update all non-major dependencies
33115c6
Select commit
Loading
Failed to load commit list.
Mend Bolt for GitHub / Mend Security Check failed Aug 13, 2024 in 2m 55s

Security Report

2 new vulnerabilities were introduced in this branch.

❌ New vulnerabilities:

CVE Severity CVSS Score Vulnerable Library Suggested Fix Issue
CVE-2024-39338

Path to dependency file: /package.json

Path to vulnerable library: /package.json

Dependency Hierarchy:

-> @weareinreach/crowdin-0.100.0.tgz (Root Library)

   -> crowdin-api-client-1.35.0.tgz

     -> ❌ axios-1.7.2.tgz (Vulnerable Library)

High 7.5 axios-1.7.2.tgz None
CVE-2024-4067

Path to dependency file: /package.json

Path to vulnerable library: /package.json

Dependency Hierarchy:

-> lint-staged-15.2.9.tgz (Root Library)

   -> ❌ micromatch-4.0.7.tgz (Vulnerable Library)

Medium 5.3 micromatch-4.0.7.tgz None

Base branch total remaining vulnerabilities: 0
Base branch commit: 95a29df9736883474e7075f70515156f0759a75a


Total libraries scanned: 880

Scan token: 88260218572d4840aeebc8d3d28a3c52

View more details on Mend Bolt for GitHub