Skip to content

[Snyk] Security upgrade astro from 5.10.1 to 5.14.3 #8

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[Snyk] Security upgrade astro from 5.10.1 to 5.14.3 #8

wants to merge 1 commit into from

Conversation

BekahHW
Copy link
Contributor

@BekahHW BekahHW commented Oct 17, 2025

snyk-top-banner

Snyk has created this PR to fix 1 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

  • package.json
  • package-lock.json

Vulnerabilities that will be fixed with an upgrade:

Issue Score
medium severity Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')
SNYK-JS-ASTRO-13535085		   738  

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

@BekahHW BekahHW requested a review from adiati98 as a code owner October 17, 2025 08:21
github-actions[bot]
github-actions bot reviewed Oct 17, 2025
View reviewed changes
Copy link

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

PR Compliance Checks

Thank you for your Pull Request! We have run several checks on this pull request in order to make sure it's suitable for merging into this project. The results are listed in the following section.

Issue Reference

In order to be considered for merging, the pull request description must refer to a specific issue number.
This check is looking for a phrase similar to: "Fixes #XYZ" or "Resolves #XYZ" where XYZ is the issue number that this pull request is meant to address.

Conventional Commit PR Title

In order to be considered for merging, the pull request title must match the specification in conventional commits. You can edit the title in order for this check to pass.
Most often, our PR titles are something like one of these:

  • docs: correct typo in README
  • feat: implement dark mode"
  • fix: correct remove button behavior

Linting Errors

  • Found type "null", must be one of "feat","fix","docs","style","refactor","perf","test","build","ci","chore","revert"
  • No subject found

Watched Files

This pull request modifies specific files that require careful review by the maintainers.

Files Matched

  • package-lock.json
  • package.json

@netlify Netlify
Copy link

netlify bot commented Oct 17, 2025
edited
Loading

Deploy Preview for oss-communities ready!

Name Link
🔨 Latest commit 7b8cc5e
🔍 Latest deploy log https://app.netlify.com/projects/oss-communities/deploys/68f1fc6f8f06070008f1efd0
😎 Deploy Preview https://deploy-preview-8--oss-communities.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] left review comments

@adiati98 adiati98 Awaiting requested review from adiati98 adiati98 is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@BekahHW @snyk-bot