[Snyk] Upgrade react-scripts from 1.1.1 to 1.1.5 by snyk-bot · Pull Request #5 · BeeTech-global/bee-hook-client

snyk-bot · 2019-12-18T08:04:22Z

Snyk has created this PR to upgrade react-scripts from 1.1.1 to 1.1.5.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 4 versions ahead of your current version.
The recommended version was released a year ago, on 2018-08-22.

The recommended version fixes:

Severity	Issue
	Open Redirect npm:url-parse:20180731
	Open Redirect npm:url-parse:20180731
	Regular Expression Denial of Service (ReDoS) npm:sshpk:20180409
	Regular Expression Denial of Service (ReDoS) npm:sshpk:20180409
	Prototype Override npm:querystringify:20180419
	Prototype Override npm:querystringify:20180419
	Arbitrary Command Injection npm:macaddress:20180511
	Prototype Pollution npm:extend:20180424
	Regular Expression Denial of Service (ReDoS) npm:diff:20180305
	Prototype Pollution npm:deep-extend:20180409
	Arbitrary File Overwrite SNYK-JS-TAR-174125
	Arbitrary Code Execution SNYK-JS-REACTDEVUTILS-72875
	Prototype Pollution SNYK-JS-HANDLEBARS-534988
	Arbitrary Code Execution SNYK-JS-HANDLEBARS-534478
	Denial of Service (DoS) SNYK-JS-HANDLEBARS-480388
	Prototype Pollution SNYK-JS-HANDLEBARS-469063
	Prototype Pollution SNYK-JS-HANDLEBARS-174183
	Prototype Pollution SNYK-JS-HANDLEBARS-173692
	Arbitrary File Overwrite SNYK-JS-FSTREAM-174725
	Regular Expression Denial of Service (ReDoS) npm:tough-cookie:20170905
	Uninitialized Memory Exposure npm:stringstream:20180511
	Regular Expression Denial of Service (ReDoS) npm:node-forge:20180226
	Prototype Pollution npm:hoek:20180212
	Insecure Randomness npm:cryptiles:20180710
	Timing Attack SNYK-JS-ELLIPTIC-511941
	Regular Expression Denial of Service (ReDoS) npm:nwmatcher:20180305
	Regular Expression Denial of Service (ReDoS) npm:debug:20170905
	Regular Expression Denial of Service (ReDoS) npm:clean-css:20180306
	Prototype Pollution SNYK-JS-MERGE-72553

Release notes

Package name: react-scripts

1.1.5 - 2018-08-22
1.1.4 - 2018-04-04
1.1.3 - 2018-04-03
1.1.2 - 2018-04-02
1.1.1 - 2018-02-09

from react-scripts GitHub release notes

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade react-scripts from 1.1.1 to 1.1.5. See this package in NPM: https://www.npmjs.com/package/react-scripts See this project in Snyk: https://app.snyk.io/org/beetech/project/70c2b814-76b9-4ad8-9bd6-d288cacbbb04?utm_source=github&utm_medium=upgrade-pr

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Upgrade react-scripts from 1.1.1 to 1.1.5#5

[Snyk] Upgrade react-scripts from 1.1.1 to 1.1.5#5
snyk-bot wants to merge 1 commit intomasterfrom
snyk-upgrade-7361bf28eec5b073e019f9a104a89224

snyk-bot commented Dec 18, 2019

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

snyk-bot commented Dec 18, 2019

Snyk has created this PR to upgrade react-scripts from 1.1.1 to 1.1.5.

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant