Skip to content

[Snyk-dev] Security upgrade quasar-cli from 0.15.14 to 0.17.0 #37

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk-dev] Security upgrade quasar-cli from 0.15.14 to 0.17.0 #37

wants to merge 1 commit into from

Conversation

gjvis
Copy link
Owner

@gjvis gjvis commented May 16, 2022

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 586/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 5.3		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-BROWSERSLIST-1090194		 No Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: quasar-cli The new version differs by 188 commits.
  • 6bdc66b chore: Bump version to official v0.17
  • dcf8a81 chore: Remove debugging statement
  • 0d9c96b fix: SSR + PWA issue
  • 9192374 feat: Update store template & deps
  • a44ba57 chore: Bump version
  • f130c34 perf: Improve preFetch performance; add preFetch param (previousRoute)
  • 2671960 feat: failsafe for parseBuildEnv
  • e68a55f chore: Various fixes & deps updates
  • eaff16b perf: Enhance dev-server cleanup
  • e10e718 fix: HMR failing in certain scenarios for SSR
  • d09b30d feat: index.template.html support for <%= htmlWebpackPlugin.process.env %>
  • 2047aa6 chore: Bump version
  • bc06ede fix: Force "/" as publicPath for SSR
  • e7ace95 fix: preFetch() currentRoute parameter
  • 13b00fa feat: SSR - dev & prod common code through src-ssr/extension.js
  • 085172a feat: Automatically set devtools, performance & productionTip for Vue.config
  • bd5534d feat: SSR error page when developing and server encounters an error
  • 8e394de chore: Bump version
  • dcf2034 fix: Corner case in app plugins. "currentRoute" and "redirect" parameters need to be dropped.
  • 9442cba chore: Bump version
  • 1bd6361 feat: Quasar plugin & preFetch new params: currentRoute, redirect
  • a987404 chore: Small addition to previous commit
  • 60e2ecb feat: createRouter(), createStore() and preFetch() now also receive ssrContext as param
  • 24df317 fix: preFetch() in App.vue

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@gjvis @snyk-bot