Skip to content

Update dependency sw-precache-webpack-plugin to v1 #25

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
dev-mend-for-github-com wants to merge 1 commit into
base: alpha
Choose a base branch
from

Update dependency sw-precache-webpack-plugin to v1

4ebdb41
Select commit
Loading
Failed to load commit list.
Open

Update dependency sw-precache-webpack-plugin to v1 #25

Update dependency sw-precache-webpack-plugin to v1
4ebdb41
Select commit
Loading
Failed to load commit list.
Dev - Mend for GitHub.com / Mend Security Check failed Jan 22, 2026 in 2m 11s

Security Report

❗️Scan Warnings: The scan completed with warnings. The integration encountered issues with one or more projects in this repository. Consequently, there may be gaps in the coverage of open-source dependencies used in the repository.

Scan Details Report

general

/tmp/ws-scm/spectrum
Step Level Description Details
Checking if vulnerabilities are reachable ⚠Warn Problem occurred while performing the reachability stage Reachability update request path not found

You have successfully remediated 25 vulnerabilities, but introduced 1 new vulnerabilities in this branch.

❌ New vulnerabilities:
Vulnerability Severity CVSS Score Vulnerable Library Direct Library Suggested Fix Issue Reachability
CVE-2021-23337

Path to dependency file: /api/package.json

Path to vulnerable library: /api/package.json

Dependency Hierarchy:

-> sw-precache-webpack-plugin-1.0.0.tgz (Root Library)

   -> ❌ lodash.template-4.5.0.tgz (Vulnerable Library)

High 7.2 Transitive lodash.template-4.5.0.tgz sw-precache-webpack-plugin-1.0.0.tgz Transitive lodash - 4.17.21,lodash-es - 4.17.21 None

✔️ Remediated vulnerabilities:

Vulnerability Vulnerable Library
GHSA-f52g-6jhx-586p handlebars-4.1.2.tgz
GHSA-6chw-6frg-f759 acorn-6.1.1.tgz
GHSA-v2p6-4mp7-3r9v underscore.string-2.4.0.tgz
GHSA-c3m8-x3cg-qm2c helmet-csp-2.7.1.tgz
GHSA-w42g-7vfc-xf37 apollo-server-core-2.9.12.tgz
GHSA-7fhm-mqm4-2wp7 acorn-6.1.1.tgz
GHSA-pc5p-h8pf-mvwp https-proxy-agent-2.2.1.tgz
GHSA-64g7-mvw6-v9qj shelljs-0.8.3.tgz
GHSA-35jh-r3h4-6jhm lodash-4.17.15.tgz
CVE-2025-404142 buffers-0.1.1.tgz
GHSA-7fhm-mqm4-2wp7 minimist-0.0.8.tgz
GHSA-w42g-7vfc-xf37 apollo-server-core-2.5.0-alpha.0.tgz
GHSA-7wwv-vh3v-89cq highlight.js-9.15.8.tgz
GHSA-7fhm-mqm4-2wp7 acorn-4.0.13.tgz
GHSA-35jh-r3h4-6jhm lodash-4.17.11.tgz
GHSA-w42g-7vfc-xf37 apollo-server-express-2.9.12.tgz
GHSA-8x6c-cv3v-vp6g cacheable-request-2.1.4.tgz
GHSA-q2c6-c6pm-g3gh handlebars-4.1.2.tgz
GHSA-j5g3-5c8r-7qfx apollo-server-core-2.9.12.tgz
GHSA-7fhm-mqm4-2wp7 minimist-1.2.0.tgz
GHSA-g95f-p29q-9xw4 braces-1.8.5.tgz
GHSA-7fhm-mqm4-2wp7 minimist-0.0.10.tgz
GHSA-w42g-7vfc-xf37 apollo-server-express-2.5.0-alpha.0.tgz
GHSA-j5g3-5c8r-7qfx apollo-server-core-2.5.0-alpha.0.tgz
GHSA-4xcv-9jjx-gfj3 mem-1.1.0.tgz

Base branch total remaining vulnerabilities: 227
Base branch commit: d8a4d1743dfb4e8c2596563c8b569bb9ec3f1892


Total libraries scanned: 1802

Scan token: d22d8426d4854634850dd1b114e57bd7

View more details on Dev - Mend for GitHub.com