Skip to content

[Snyk] Security upgrade phantomjs-prebuilt from 2.1.7 to 2.1.15#2

Open
snyk-bot wants to merge 1 commit intomasterfrom
snyk-fix-e46fd500f57cafcb6fc61e1c7334768a
Open

[Snyk] Security upgrade phantomjs-prebuilt from 2.1.7 to 2.1.15#2
snyk-bot wants to merge 1 commit intomasterfrom
snyk-fix-e46fd500f57cafcb6fc61e1c7334768a

Conversation

@snyk-bot
Copy link
Copy Markdown

@snyk-bot snyk-bot commented Mar 23, 2022

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
low severity 471/1000
Why? Recently disclosed, Has a fix available, CVSS 3.7		 Prototype Pollution
SNYK-JS-MINIMIST-2429795		 No No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: phantomjs-prebuilt The new version differs by 54 commits.
  • a98231b Merge pull request #733 from avindra/patch-1
  • 19c6d4c Bump package.json version
  • 65b57f7 Merge pull request #732 from Ilshidur/patch-1
  • cc52482 Dependencies update : fix security issues
  • 750d5f3 Merge pull request #653 from Medium/nicks/bump
  • 379d3ae Upgrade some deps
  • df5e2ea Merge pull request #652 from nanaya/master
  • 1d2898e Don't download osx binary on freebsd/openbsd
  • e0d2e61 Merge pull request #627 from Medium/nicks/bump
  • d652351 Update version
  • ac0da0b Merge pull request #625 from marcbachmann/patch-1
  • 1cf3ef3 Upgrade to es6-promise@4.0.3
  • 3d44598 Merge pull request #624 from jdalton/readme
  • d8ebc23 Add readme note for CI caching. [ci skip]
  • ae83e7a tweak readme text
  • b612260 Add a section to the FAQ on unsupported OSes/processors
  • 2dead42 Merge pull request #603 from Medium/nicks/bundling
  • 076b959 remove bundledDependencies.
  • b9555f1 Merge pull request #601 from carsonip/master
  • fca4006 Add bzip2 to troubleshooting
  • fdb40fe bump version
  • df332c6 Merge pull request #593 from Medium/nicks/error
  • 3a2c9e6 bump version
  • 644fd3c Merge pull request #592 from Medium/nicks/error

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution

@snyk-bot
fix: package.json to reduce vulnerabilities
49c6c65 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-MINIMIST-2429795
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@snyk-bot