New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

VM-332 - MEND - Update dependency nanoid to v3.3.7 #28

Open

copper-mend-app wants to merge 1 commit into develop from fix-VM-332-MEND_nanoid-3.x-lockfile

copper-mend-app bot commented May 24, 2024

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
nanoid	`3.1.12` -> `3.3.7`

This PR resolves the vulnerabilities described in Issue #-1

Version 3.1.12

Risk Change	Critical	High	Medium	Low
N/A	0	0	1	0

Version 3.3.7

Risk Change	Critical	High	Medium	Low
-100%	0 (--)	0 (--)	0 (-1 )	0 (--)

Mend ensures you have the greatest risk reduction ("Recommended Fix"-highlighted in green) by removing as many vulnerabilities as possible. Click to see how we calculate risk reduction.

Release Notes

ai/nanoid (nanoid)

`v3.3.7`

Fixed node16 TypeScript support (by Saadi Myftija).

`v3.3.6`

Fixed package.

`v3.3.5`

Backport funding information.

`v3.3.4`

Fixed --help in CLI (by @Lete114).

`v3.3.3`

Reduced size (by Anton Khlynovskiy).

`v3.3.2`

Fixed enhanced-resolve support.

`v3.3.1`

Reduced package size.

`v3.3.0`

`v3.2.0`

`v3.1.32`

Reduced async exports size (by Artyom Arutyunyan).
Moved from Jest to uvu (by Vitaly Baev).

`v3.1.31`

Fixed collision vulnerability on object in size (by Artyom Arutyunyan).

`v3.1.30`

Reduced size for project with brotli compression (by Anton Khlynovskiy).

`v3.1.29`

Reduced npm package size.

`v3.1.28`

Reduced npm package size.

`v3.1.27`

Cleaned dependencies from development tools.

`v3.1.26`

Improved performance (by Eitan Har-Shoshanim).
Reduced npm package size.

`v3.1.25`

Fixed browserify support.

`v3.1.24`

Fixed browserify support (by Artur Paikin).

`v3.1.23`

Fixed esbuild support.

`v3.1.22`

Added default and browser.default to package.exports.

`v3.1.21`

Reduced npm package size.

`v3.1.20`

Fix ES modules support.

`v3.1.19`

Reduced customAlphabet size (by Enrico Scherlies).

`v3.1.18`

Fixed package.exports.

`v3.1.17`

Added files without process.

`v3.1.16`

Speeded up Nano ID 4 times (by Peter Boyer).

`v3.1.15`

Fixed package.types path.

`v3.1.14`

Added package.types.

`v3.1.13`

Removed Node.js 15.0.0 with randomFillSync regression from engines.node.

If you want to rebase/retry this PR, check this box


          VM-332 - MEND - Update dependency nanoid to v3.3.7

d28a8f1

copper-mend-app bot added the security fix label

copper-mend-app bot changed the title ~~VM-332 - MEND - Update dependency nanoid to v3.3.7~~ VM-332 - MEND - Update dependency nanoid to v3.3.7 - autoclosed

copper-mend-app bot closed this

copper-mend-app bot deleted the fix-VM-332-MEND_nanoid-3.x-lockfile branch

May 28, 2024 18:14

copper-mend-app bot restored the fix-VM-332-MEND_nanoid-3.x-lockfile branch

May 29, 2024 18:13

copper-mend-app bot changed the title ~~VM-332 - MEND - Update dependency nanoid to v3.3.7 - autoclosed~~ VM-332 - MEND - Update dependency nanoid to v3.3.7

copper-mend-app bot reopened this

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels