René's URL Explorer Experiment

Title: [Snyk] Security upgrade webpack-dev-server from 2.7.1 to 4.0.0 by one3chens · Pull Request #71 · feicc/angular-cli · GitHub

Open Graph Title: [Snyk] Security upgrade webpack-dev-server from 2.7.1 to 4.0.0 by one3chens · Pull Request #71 · feicc/angular-cli

X Title: [Snyk] Security upgrade webpack-dev-server from 2.7.1 to 4.0.0 by one3chens · Pull Request #71 · feicc/angular-cli

Description: This PR was automatically created by Snyk using the credentials of a real user.Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project. Changes included in this PR Changes to the following files to upgrade the vulnerable dependencies to a fixed version: package.json package-lock.json Vulnerabilities that will be fixed With an upgrade: Severity Priority Score (*) Issue Breaking Change Exploit Maturity 661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5 Uncontrolled resource consumption SNYK-JS-BRACES-6838727 Yes No Known Exploit 661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5 Inefficient Regular Expression Complexity SNYK-JS-MICROMATCH-6838728 Yes No Known Exploit (*) Note that the real score may have changed since the PR was raised. Commit messages Package name: webpack-dev-server The new version differs by 250 commits. c9271b9 chore(release): 4.0.0 18bf369 test: fix stability (angular#3676) cdcabb2 fix: respect protocol from browser for manual setup (angular#3675) 1768d6b fix: initial reloading for lazy compilation (angular#3662) 4f5bab1 docs: improve examples (angular#3672) f2d87fb fix: improve https CLI output (angular#3673) 0277c5e chore: remove redundant console statements (angular#3671) 16fcdbc docs: add `ipc` example (angular#3667) 8915fb8 test: add e2e tests for built in routes (angular#3669) 4d1cbe1 docs: ask `version` information in issue template (angular#3668) b6c1881 chore(deps-dev): bump core-js from 3.16.1 to 3.16.2 (angular#3666) ffa8cc5 chore(deps-dev): bump supertest from 6.1.5 to 6.1.6 (angular#3665) f1fdaa7 chore(release): 4.0.0-rc.1 c4678bc fix: legacy API (angular#3660) d8bdd03 test: fix stability (angular#3661) 22b1414 refactor: remove `killable` (angular#3657) 75bafbf test: add e2e tests for module federation (angular#3658) 493ccbd chore(deps): update `ws` (angular#3652) ae8c523 test: add e2e test for universal compiler (angular#3656) f94b84f chore(deps): update (angular#3655) 1923132 test: fix cli 2adfd01 test: fix todo (angular#3653) 6e2cbde fix: proxy logging and allow to pass options without the `target` option (angular#3651) c9ccc96 fix: respect infastructureLogging.level for client.logging (angular#3613) See the full diff Check the changes in this PR to ensure they won't cause issues with your project. Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs. For more information: 🧐 View latest project report 🛠 Adjust project settings 📚 Read more about Snyk's upgrade and patch logic Learn how to fix vulnerabilities with free interactive lessons: 🦉 Uncontrolled resource consumption

Open Graph Description: This PR was automatically created by Snyk using the credentials of a real user.Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project. Changes inc...

X Description: This PR was automatically created by Snyk using the credentials of a real user.Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project. Changes inc...

Opengraph URL: https://github.com/feicc/angular-cli/pull/71

X: @github

direct link

Domain: patch-diff.githubusercontent.com

Links:

Viewport: width=device-width