Skip to content
This repository has been archived by the owner on Feb 12, 2022. It is now read-only.

[Snyk] Security upgrade codemirror from 5.39.0 to 5.54.0 #1100

Open
wants to merge 1 commit into
base: develop
Choose a base branch
from
Open

[Snyk] Security upgrade codemirror from 5.39.0 to 5.54.0 #1100

wants to merge 1 commit into from

Conversation

snyk-bot
Copy link

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

✨What is Merge Advice? We check thousands of dependency upgrade pull requests and CI tests every day to see which upgrades were successfully merged. After crunching this data, we give a recommendation on how safe we think the change is for you to merge without causing issues. Learn more, and share your feedback to help improve this feature. 🙏

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • ArgusWeb/app/package.json
    • ArgusWeb/app/package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Issue Breaking Change Exploit Maturity
low severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-CODEMIRROR-569611		 No No Known Exploit
Commit messages
Package name: codemirror The new version differs by 250 commits.
  • a5497d1 Mark version 5.54.0
  • 4377c08 [gfm mode] add fencedCodeBlockDefaultMode option
  • e56014c [soy mode] Fix bug with "map" in type name
  • 8facd90 [vim] Allow Ex-Commands with non-word names
  • 25e7a32 [match-highlighter] Fix issue in highlighting non-alphanumeric tokens
  • b6ac63e Proper escaping of \s
  • 890cb6b [javascript mode] Fix a runaway regexp
  • 0884405 [runmode addon] Add support for lookahead
  • a810aee [mode/meta] Remove unwanted space in TiddlyWiki mode name
  • 8e260c2 [dart mode] Add `late` and `required` keywords, `Null` and `Never` types
  • 0de283c [tcl mode] Add # as a lineComment
  • 2e841f6 Add a sponsors section to the website
  • 632f30b Increase size of scrollbar-hack gap
  • a9774d9 [javascript operator] Properly implement optional chaining operator
  • b6a75e5 [matchbrackets addon] Disable highlighting when the editor isn't focused
  • c41dec1 Also ignore clipboard events inside widgets in contenteditable input mode
  • dfa4bda [runmode standalone] Add support for globalThis
  • 6890f98 Don't mess with the selection when refocusing a text field
  • a67ed9a [javascript mode] Allow class fields in non-TS mode
  • 46f2723 [javascript mode] Add support for private properties
  • 0b64369 Disable scroll workaround in start-drag handler for Safari
  • ad54953 [vim bindings] Remove a duplicate entry in defaultExCommandMap
  • e8c0a77 Disable scroll-on-focus in drag focus kludge
  • 64e4504 [python mode] Somewhat improve handling of format specs in format strings

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:

🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

@snyk-bot
fix: ArgusWeb/app/package.json & ArgusWeb/app/package-lock.json to re…
3eee560 
…duce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-CODEMIRROR-569611
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
cla:signed
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@snyk-bot