René's URL Explorer Experiment

Title: [Snyk] Security upgrade stylus from 0.54.5 to 0.64.0 by one3chens · Pull Request #80 · feicc/angular-cli · GitHub

Open Graph Title: [Snyk] Security upgrade stylus from 0.54.5 to 0.64.0 by one3chens · Pull Request #80 · feicc/angular-cli

X Title: [Snyk] Security upgrade stylus from 0.54.5 to 0.64.0 by one3chens · Pull Request #80 · feicc/angular-cli

Description: Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project. Changes included in this PR Changes to the following files to upgrade the vulnerable dependencies to a fixed version: package.json package-lock.json Vulnerabilities that will be fixed With an upgrade: Severity Priority Score (*) Issue Breaking Change Exploit Maturity 631/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.2 Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116 No Proof of Concept 479/1000 Why? Has a fix available, CVSS 5.3 Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818 No No Known Exploit (*) Note that the real score may have changed since the PR was raised. Commit messages Package name: stylus The new version differs by 250 commits. d6f55c1 fix: package.json format b67c717 0.64.0 9ad9ead chore(deps): bump glob from 7.1.6 to 10.4.5 (angular#2899) 391765f chore(deps): bump sax from 1.3.0 to 1.4.1 (angular#2878) 17654bf style: improve jsdoc for Render.define (angular#2893) 3f6aa97 chore(deps): bump denoland/setup-deno from 1 to 2 (angular#2898) fae5469 chore(deps): bump cookie and express in /docs (angular#2900) e2a0e8b chore(deps): bump body-parser and express in /docs (angular#2896) bea9687 chore(deps-dev): bump braces from 3.0.2 to 3.0.3 in /docs (angular#2885) 20523e6 chore(deps-dev): bump ejs from 3.1.8 to 3.1.10 in /docs (angular#2871) bbcb632 ci: add node v22 (angular#2870) 8f3e19b chore(deps-dev): bump mocha from 9.2.2 to 10.4.0 (angular#2864) a7e00c2 chore(deps-dev): bump express from 4.18.1 to 4.19.2 in /docs (angular#2865) 25aeae3 chore(deps-dev): bump vite from 2.9.17 to 2.9.18 in /docs (angular#2867) c5b0b90 0.63.0 (angular#2862) bf27a3a chore(deps): update @ adobe/css-tools to 4.3.2 (angular#2861) a358ad1 chore(deps-dev): bump vite from 2.9.16 to 2.9.17 in /docs (angular#2854) 62105f4 chore: update readme.md (angular#2845) 6de4526 0.62.0 (angular#2844) 49e3266 fix: super calls (angular#2843) e8f078f 0.61.0 (angular#2837) 566a9f2 chore(deps): bump @ adobe/css-tools from 4.2.0 to 4.3.1 (angular#2818) c07d246 chore: Remove node v10 and v12 which are EOL (angular#2834) a650f4d chore(deps): bump actions/setup-node from 3 to 4 (angular#2833) See the full diff Check the changes in this PR to ensure they won't cause issues with your project. Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs. For more information: 🧐 View latest project report 🛠 Adjust project settings 📚 Read more about Snyk's upgrade and patch logic Learn how to fix vulnerabilities with free interactive lessons: 🦉 Regular Expression Denial of Service (ReDoS)

Open Graph Description: Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project. Changes included in this PR Changes to the following files to upgrade the vulnerable depe...

X Description: Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project. Changes included in this PR Changes to the following files to upgrade the vulnerable depe...

Opengraph URL: https://github.com/feicc/angular-cli/pull/80

X: @github

direct link

Domain: patch-diff.githubusercontent.com

Links:

Viewport: width=device-width