Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Security upgrade pixi.js from 4.3.0 to 4.8.4 #16

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Security upgrade pixi.js from 4.3.0 to 4.8.4 #16

wants to merge 1 commit into from

Conversation

Coteh
Copy link
Owner

@Coteh Coteh commented Nov 16, 2023

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Issue Breaking Change Exploit Maturity
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-ISMOBILEJS-72624		 No No Known Exploit
Commit messages
Package name: pixi.js The new version differs by 250 commits.
  • 1f51a74 4.8.4
  • 5b78c15 Updates resource-loader@2.2.3
  • 4aed4f7 Bumps resource-loader in package-lock.json
  • 7e91c4c Update resource-loader (#5288)
  • d9ac3a7 Updates package-lock.json for ismobilejs
  • 4c0cbf4 Fixes vulnerability in ismobilejs (#5285)
  • c57ea4e Bumps earcut to 2.1.4 (#5279)
  • f045061 Rename parameters for user-friendly Ellipse (#5274)
  • 21f86f9 Updates resource-loader to support cross-origin via iframe (#5268)
  • 6a90c33 4.8.3
  • b6daf11 Updates old examples for BaseRenderTexture (#5262)
  • 138c0bf Fix Graphics _localBounds calculation with lineAlignment (#5245)
  • af381a4 Fix orientation for rounded rect (#5241)
  • 79db187 Fixes problem with destroying active framebuffer (#5257)
  • f913327 Fixes defaultAnchor to be included with Texture.clone (#5261)
  • cde1ecf Fixes TilingSprite for canvas to account rotated textures from texture atlas (#5243)
  • 6950f77 Renames Filter constructor argument from uniform to uniformData (#5239)
  • 90268cd Rotation cache optimization (#5230)
  • db0df69 Fix lineAlignment default value in JS doc (#5224)
  • bd4b758 UpdateTexture should not switch FrameBuffer (#5225)
  • 8db11a4 Uint16 UV attribute rounding error (#5218)
  • 62be8e9 Revert "LOD Bias support for BaseTexture (#5120)" (#5211)
  • 249ad86 LOD Bias support for BaseTexture (#5120)
  • 8e95851 Mask graphics holes in CanvasRenderer (#5202)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
馃 View latest project report

馃洜 Adjust project settings

馃摎 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

馃 Regular Expression Denial of Service (ReDoS)

@Coteh Coteh force-pushed the master branch 5 times, most recently from 6b5de48 to 61c0053 Compare January 15, 2024 21:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@Coteh @snyk-bot