Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade resolve.exports from 1.1.0 to 1.1.1 #10

Open
wants to merge 16 commits into
base: master
Choose a base branch
from
Open

[Snyk] Upgrade resolve.exports from 1.1.0 to 1.1.1 #10

wants to merge 16 commits into from

Conversation

SherfeyInv
Copy link
Owner

This PR was automatically created by Snyk using the credentials of a real user.


![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)

Snyk has created this PR to upgrade resolve.exports from 1.1.0 to 1.1.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 1 version ahead of your current version.

  • The recommended version was released on a year ago.

Release notes
Package name: resolve.exports
  • 1.1.1 - 2023-01-11

    Patches

    • Handle subpath entry names that start with a dot (#20):
      Thank you @ ErikMikkelson
    • Allow subpath patterns to include "*" anywhere (#16, #22): 7e41d63
    • Support null resolved values: (#16): d3bda82
    • Allow multiple "*" within the resolved value (#9):

    All these fixes allow the following package.json example to be resolved correctly (according to the latest "exports" resolution specification):

    {
  "name": "foobar",
  "exports": {
    // subpath w/ leading "."
    "./.ini": "./.ini",
    // nullable (private) values
    "./features/internal/*": null,
    "./features/*": "./src/features/*.js",
    "./features/private/*": null,
    // allow "*" anywhere in pattern
    "./views/*": "./src/views/*.js",
    "./views/*.jsx": "./src/views/*.jsx",
    "./views/*/template": "./src/views/*.html",
    // multiple wildcards in value
    "./es*": "./esm/*/GAP/*.js"
    // "foobar/es2015" => "./esm/2015/GAP/2015.js"
    // "foobar/es2015/a/b" => "./esm/2015/a/b/GAP/2015/a/b.js"
  }
}

    Types

    Chores

    • Add additional tests for subpath pattern depth (#23): 0bae61e
      Thank you @ huntie
    • Add Node 16.x and 18x to CI testing matrix: 4908584

    Full Changelog: v1.1.0...v1.1.1

  • 1.1.0 - 2021-10-15

    Features

    • Add unsafe option (#12, #13): 0b69d12
      Note: This option should not be used by most consumers, but is made available for edge cases. As the name suggests, this is "unsafe" and breaks away from the default Node resolve conditions.

    Chores

    Full Changelog: v1.0.2...v1.1.0

from resolve.exports GitHub release notes

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

snyk-bot and others added 16 commits May 24, 2024 15:18
@snyk-bot
fix: upgrade typescript from 4.8.4 to 4.9.5
d663ac1 
Snyk has created this PR to upgrade typescript from 4.8.4 to 4.9.5.

See this package in npm:
typescript

See this project in Snyk:
https://app.snyk.io/org/sherfeyinv/project/e31943af-0ba8-4268-af6d-ad837b975fd3?utm_source=github&utm_medium=referral&page=upgrade-pr
@snyk-bot
fix: upgrade fast-glob from 3.2.7 to 3.3.2
9645c13 
Snyk has created this PR to upgrade fast-glob from 3.2.7 to 3.3.2.

See this package in npm:
fast-glob

See this project in Snyk:
https://app.snyk.io/org/sherfeyinv/project/605bca3a-582e-4705-9bb6-f64d8166f56f?utm_source=github&utm_medium=referral&page=upgrade-pr
@snyk-bot
fix: upgrade source-map-support from 0.5.19 to 0.5.21
f715657 
Snyk has created this PR to upgrade source-map-support from 0.5.19 to 0.5.21.

See this package in npm:
source-map-support

See this project in Snyk:
https://app.snyk.io/org/sherfeyinv/project/605bca3a-582e-4705-9bb6-f64d8166f56f?utm_source=github&utm_medium=referral&page=upgrade-pr
@snyk-bot
fix: upgrade ora from 5.3.0 to 5.4.1
6be563a 
Snyk has created this PR to upgrade ora from 5.3.0 to 5.4.1.

See this package in npm:
ora

See this project in Snyk:
https://app.snyk.io/org/sherfeyinv/project/605bca3a-582e-4705-9bb6-f64d8166f56f?utm_source=github&utm_medium=referral&page=upgrade-pr
@snyk-bot
fix: upgrade minimatch from 9.0.3 to 9.0.4
0b754dd 
Snyk has created this PR to upgrade minimatch from 9.0.3 to 9.0.4.

See this package in npm:
minimatch

See this project in Snyk:
https://app.snyk.io/org/sherfeyinv/project/605bca3a-582e-4705-9bb6-f64d8166f56f?utm_source=github&utm_medium=referral&page=upgrade-pr
@snyk-bot
fix: packages/rollup/package.json to reduce vulnerabilities
cec8d45 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116
@snyk-bot
fix: packages/nx/src/plugins/js/lock-file/__fixtures__/nextjs/package…
60e2073 
….json & packages/nx/src/plugins/js/lock-file/__fixtures__/nextjs/package-lock.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-SEMVER-3247795
@SherfeyInv
Merge pull request #7 from SherfeyInv/snyk-fix-8dd87137a2fefea73e804f…
ba0eeeb 
…bf7e40fd40

[Snyk] Security upgrade @nrwl/next from 15.3.3 to 15.8.0
@SherfeyInv
Merge pull request #6 from SherfeyInv/snyk-fix-0d2512c57c48a6af495e64…
e148399 
…f9dce456b5

[Snyk] Security upgrade @rollup/plugin-commonjs from 25.0.8 to 26.0.0
@SherfeyInv
Merge pull request #5 from SherfeyInv/snyk-upgrade-2e2cbec910adcbbdf4…
9045a82 
…8d9187fb02d5bb

[Snyk] Upgrade minimatch from 9.0.3 to 9.0.4
@SherfeyInv
Merge branch 'master' into snyk-upgrade-fcc49cd8969831c78d6bccb6957f4814
56d632b
@SherfeyInv
Merge pull request #4 from SherfeyInv/snyk-upgrade-fcc49cd8969831c78d…
2d7092a 
…6bccb6957f4814

[Snyk] Upgrade ora from 5.3.0 to 5.4.1
@SherfeyInv
Merge pull request #3 from SherfeyInv/snyk-upgrade-76492e3d94360173c1…
23d31ab 
…82dd27adeac755

[Snyk] Upgrade source-map-support from 0.5.19 to 0.5.21
@SherfeyInv
Merge pull request #2 from SherfeyInv/snyk-upgrade-71c0181c53cec4a103…
8c9ade1 
…d05cee031bc304

[Snyk] Upgrade fast-glob from 3.2.7 to 3.3.2
@SherfeyInv
Merge pull request #1 from SherfeyInv/snyk-upgrade-c346dfa2e35904bda5…
ff593c2 
…13311aa1ed03c5

[Snyk] Upgrade typescript from 4.8.4 to 4.9.5
@snyk-bot
fix: upgrade resolve.exports from 1.1.0 to 1.1.1
4d0f6bd 
Snyk has created this PR to upgrade resolve.exports from 1.1.0 to 1.1.1.

See this package in npm:
resolve.exports

See this project in Snyk:
https://app.snyk.io/org/sherfeyinv/project/6183de9a-219d-4332-93d0-d1103a3a4646?utm_source=github&utm_medium=referral&page=upgrade-pr
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@SherfeyInv @snyk-bot