Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade multiple dependencies.
👯♂ The following dependencies are linked and will therefore be updated together.ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
from 16.8.6 to 16.14.0
on 2020-10-14
from 16.8.6 to 16.14.0
on 2020-10-14
The recommended version fixes:
SNYK-JS-LODASH-567746
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-LODASH-608086
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-MERGEDEEP-1070277
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-LODASH-1040724
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-LODASH-450202
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-MIXINDEEP-450212
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-ACORN-559469
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-ACORN-559469
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-BROWSERIFYSIGN-6037026
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-ELLIPTIC-571484
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-TRIM-1017038
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-UAPARSERJS-1023599
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-HANDLEBARS-1056767
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-HANDLEBARS-173692
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-HANDLEBARS-174183
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-HANDLEBARS-469063
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-HANDLEBARS-480388
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-HANDLEBARS-534478
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-ESLINTUTILS-460220
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-FOLLOWREDIRECTS-6141137
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-DECODEURICOMPONENT-3149970
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-DNSPACKET-1293563
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-INI-1048974
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-ASYNC-2441827
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-LODASH-1018905
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-MINIMIST-559764
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-MINIMIST-559764
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-MINIMIST-559764
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-UAPARSERJS-1072471
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-HANDLEBARS-1279029
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-EVENTSOURCE-2823375
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-FOLLOWREDIRECTS-2332181
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-HANDLEBARS-567742
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-HOSTEDGITINFO-1088355
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-COLORSTRING-1082939
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-HTTPPROXY-569139
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-ISSVG-1085627
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-ISSVG-1243891
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-DOTPROP-543489
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-ELLIPTIC-1064899
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-ELLIPTIC-511941
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-MINIMIST-2429795
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-MINIMIST-2429795
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-MINIMIST-2429795
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-HANDLEBARS-534988
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-FOLLOWREDIRECTS-2396346
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-BABELTRAVERSE-5962462
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-NODEFORGE-598677
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-QS-3153490
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-SEMVER-3247795
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-SEMVER-3247795
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-JSONSCHEMA-1920922
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-TAR-1536531
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-SSRI-1246392
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-TAR-1536528
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-TAR-1536531
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-TAR-1579147
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-TAR-1579152
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-TAR-1579155
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-TAR-1536528
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-TAR-1579147
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-TAR-1579152
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-TAR-1579155
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-TAR-174125
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-TMPL-1583443
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-UAPARSERJS-610226
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-SEMVER-3247795
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-SEMVER-3247795
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-SETVALUE-1540541
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-SETVALUE-450213
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-SETVALUE-1540541
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-SETVALUE-450213
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-URLPARSE-2407770
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-URLPARSE-543307
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-WEBSOCKETEXTENSIONS-570623
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-Y18N-1021887
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-Y18N-1021887
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
npm:chownr:20180731
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
npm:mem:20180117
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-NODENOTIFIER-1035794
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-NWSAPI-2841516
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-PATHPARSE-1077067
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-POSTCSS-1090595
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-URLPARSE-1078283
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-URLPARSE-1533425
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-URLPARSE-2401205
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-URLPARSE-2407759
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-URLPARSE-2412697
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-WS-1296835
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
npm:debug:20170905
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
npm:debug:20170905
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-KINDOF-537849
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-TAR-1536758
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
SNYK-JS-TAR-1536758
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
(*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: react
React
React DOM
componentWillReceiveProps
,shouldComponentUpdate
, and so on). (@ gaearon in #18330)Artifacts
React
React.createFactory()
(@ trueadm in #17878)React DOM
style
may cause an unexpected collision (@ sophiebits in #14181, #18002)unstable_createPortal
(@ trueadm in #17880)onMouseEnter
being fired on disabled buttons (@ AlfredoGJ in #17675)shouldComponentUpdate
twice when developing inStrictMode
(@ bvaughn in #17942)version
property to ReactDOM (@ ealush in #15780)toString()
ofdangerouslySetInnerHTML
(@ sebmarkbage in #17773)Concurrent Mode (Experimental)
ReactDOM.createRoot()
(@ trueadm in #17937)ReactDOM.createRoot()
callback params and added warnings on usage (@ bvaughn in #17916)SuspenseList
CPU bound heuristic (@ sebmarkbage in #17455)isPending
only being true when transitioning from inside an input event (@ acdlite in #17382)React.memo
components dropping updates when interrupted by a higher priority update (@ acdlite in #18091)Artifacts
React DOM
useEffect
) not being fired in a multi-root app. (@ acdlite in #17347)React Is
lazy
andmemo
types considered elements instead of components (@ bvaughn in #17278)Artifacts
• react: https://unpkg.com/[email protected]/umd/
• react-art: https://unpkg.com/[email protected]/umd/
• react-dom: https://unpkg.com/[email protected]/umd/
• react-is: https://unpkg.com/[email protected]/umd/
• react-test-renderer: https://unpkg.com/[email protected]/umd/
• scheduler: https://unpkg.com/[email protected]/umd/
Package name: react-dom
React
React DOM
componentWillReceiveProps
,shouldComponentUpdate
, and so on). (@ gaearon in #18330)Artifacts
React
React.createFactory()
(@ trueadm in #17878)React DOM
style
may cause an unexpected collision (@ sophiebits in #14181, #18002)unstable_createPortal
(@ trueadm in #17880)onMouseEnter
being fired on disabled buttons (@ AlfredoGJ in #17675)shouldComponentUpdate
twice when developing inStrictMode
(@ bvaughn in #17942)version
property to ReactDOM (@ ealush in #15780)toString()
ofdangerouslySetInnerHTML
(@ sebmarkbage in #17773)Concurrent Mode (Experimental)
ReactDOM.createRoot()
(@ trueadm in #17937)ReactDOM.createRoot()
callback params and added warnings on usage (@ bvaughn in #17916)SuspenseList
CPU bound heuristic (@ sebmarkbage in #17455)isPending
only being true when transitioning from inside an input event (@ acdlite in #17382)React.memo
components dropping updates when interrupted by a higher priority update (@ acdlite in #18091)Artifacts
React DOM
useEffect
) not being fired in a multi-root app. (@ acdlite in #17347)React Is
lazy
andmemo
types considered elements instead of components (@ bvaughn in #17278)Artifacts
• react: https://unpkg.com/[email protected]/umd/
• react-art: https://unpkg.com/[email protected]/umd/
• react-dom: https://unpkg.com/[email protected]/umd/
• react-is: https://unpkg.com/[email protected]/umd/
• react-test-renderer: https://unpkg.com/[email protected]/umd/
• scheduler: https://unpkg.com/[email protected]/umd/
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs