Coder Social home page Coder Social logo

p3ol / oak Goto Github PK

View Code? Open in Web Editor NEW
48.0 4.0 9.0 19.63 MB

🌳 Modern, lightweight & modulable page builder

Home Page: https://p3ol.github.io/oak/

License: MIT License

JavaScript 5.15% Sass 7.05% TypeScript 87.81%
builder drag-and-drop website-builder page-builder nocode visual-editor wysiwyg

oak's Issues

[DepShield] (CVSS 7.4) Vulnerability due to usage of lodash.sortby:4.7.0

Vulnerabilities

DepShield reports that this application's usage of lodash.sortby:4.7.0 results in the following vulnerability(s):

Occurrences

lodash.sortby:4.7.0 is a transitive dependency introduced by the following direct dependency(s):

lerna:3.22.1
        └─ @lerna/create:3.22.0
              └─ whatwg-url:7.1.0
                    └─ lodash.sortby:4.7.0

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 5.3) Vulnerability due to usage of kind-of:4.0.0

Vulnerabilities

DepShield reports that this application's usage of kind-of:4.0.0 results in the following vulnerability(s):

Occurrences

kind-of:4.0.0 is a transitive dependency introduced by the following direct dependency(s):

webpack:4.44.1
        └─ micromatch:3.1.10
              └─ snapdragon:0.8.2
                    └─ base:0.11.2
                          └─ cache-base:1.0.1
                                └─ has-value:1.0.0
                                      └─ has-values:1.0.0
                                            └─ kind-of:4.0.0

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 7.5) Vulnerability due to usage of q:1.5.1

Vulnerabilities

DepShield reports that this application's usage of q:1.5.1 results in the following vulnerability(s):

Occurrences

q:1.5.1 is a transitive dependency introduced by the following direct dependency(s):

lerna:3.22.1
        └─ @lerna/version:3.22.1
              └─ @lerna/conventional-commits:3.22.0
                    └─ conventional-changelog-angular:5.0.11
                          └─ q:1.5.1
                    └─ conventional-changelog-core:3.2.3
                          └─ q:1.5.1
                    └─ conventional-recommended-bump:5.0.1
                          └─ q:1.5.1

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

Dependency Dashboard

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Open

These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

Detected dependencies

Branch master
github-actions
.github/workflows/ci.yml
  • actions/checkout v4
  • actions/setup-node v4
  • actions/checkout v4
  • actions/setup-node v4
  • codecov/codecov-action v4.5.0
  • actions/checkout v4
  • actions/setup-node v4
.github/workflows/gh-pages.yml
  • actions/checkout v4
  • actions/setup-node v4
  • actions/configure-pages v5
  • actions/upload-pages-artifact v3
  • actions/deploy-pages v4
npm
package.json
  • @babel/eslint-plugin 7.25.1
  • @ckeditor/ckeditor5-alignment 41.4.2
  • @ckeditor/ckeditor5-basic-styles 41.4.2
  • @ckeditor/ckeditor5-block-quote 41.4.2
  • @ckeditor/ckeditor5-core 41.4.2
  • @ckeditor/ckeditor5-dev-translations 40.2.3
  • @ckeditor/ckeditor5-dev-utils 40.2.3
  • @ckeditor/ckeditor5-editor-classic 41.4.2
  • @ckeditor/ckeditor5-editor-multi-root 41.4.2
  • @ckeditor/ckeditor5-engine 41.4.2
  • @ckeditor/ckeditor5-essentials 41.4.2
  • @ckeditor/ckeditor5-font 41.4.2
  • @ckeditor/ckeditor5-horizontal-line 41.4.2
  • @ckeditor/ckeditor5-indent 41.4.2
  • @ckeditor/ckeditor5-link 41.4.2
  • @ckeditor/ckeditor5-list 41.4.2
  • @ckeditor/ckeditor5-paragraph 41.4.2
  • @ckeditor/ckeditor5-react 7.0.0
  • @ckeditor/ckeditor5-remove-format 41.4.2
  • @ckeditor/ckeditor5-table 41.4.2
  • @ckeditor/ckeditor5-theme-lark 41.4.2
  • @ckeditor/ckeditor5-typing 41.4.2
  • @ckeditor/ckeditor5-ui 41.4.2
  • @ckeditor/ckeditor5-utils 41.4.2
  • @ckeditor/ckeditor5-watchdog 41.4.2
  • @junipero/core 3.7.1
  • @junipero/tailwind-plugin 3.7.1
  • @percy/storybook 6.0.2
  • @poool/eslint-config 3.0.1
  • @poool/eslint-config-react 3.0.1
  • @poool/eslint-plugin 3.0.0
  • @remirror/pm 2.0.9
  • @remirror/react 2.0.35
  • @rollup/plugin-alias 5.1.1
  • @rollup/plugin-commonjs 26.0.3
  • @rollup/plugin-node-resolve 15.3.0
  • @rollup/plugin-swc 0.4.0
  • @rollup/plugin-terser 0.4.4
  • @storybook/addon-actions 8.3.3
  • @storybook/addon-storysource 8.3.3
  • @storybook/addon-styling-webpack 1.0.0
  • @storybook/addon-themes 8.3.3
  • @storybook/addon-webpack5-compiler-swc 1.0.5
  • @storybook/react 8.3.3
  • @storybook/react-webpack5 8.3.3
  • @storybook/theming 8.3.3
  • @swc/core 1.7.28
  • @swc/jest 0.2.36
  • @testing-library/dom 10.4.0
  • @testing-library/jest-dom 6.5.0
  • @testing-library/react 16.0.1
  • @types/jest 29.5.13
  • @types/node 22.6.1
  • @types/react 18.3.9
  • @types/react-dom 18.3.0
  • @typescript-eslint/parser 8.7.0
  • autoprefixer 10.4.20
  • ckeditor5 41.4.2
  • css-loader 7.1.2
  • eslint 8.57.1
  • eslint-config-standard 17.1.0
  • eslint-plugin-import 2.30.0
  • eslint-plugin-n 17.10.3
  • eslint-plugin-promise 7.1.0
  • eslint-plugin-react 7.36.1
  • jest 29.7.0
  • jest-css-modules-transform 4.4.2
  • jest-environment-jsdom 29.7.0
  • jest-transform-stub 2.0.0
  • lerna 8.1.8
  • lerna-changelog 2.2.0
  • postcss 8.4.47
  • postcss-loader 8.1.1
  • react 18.3.1
  • react-dom 18.3.1
  • remirror 2.0.40
  • rollup 4.22.4
  • rollup-plugin-postcss 4.0.2
  • sass 1.79.3
  • sass-loader 16.0.2
  • storybook 8.3.3
  • storybook-dark-mode 4.0.2
  • style-loader 4.0.0
  • swc-loader 0.2.6
  • tailwindcss 3.4.13
  • terser-webpack-plugin 5.3.10
  • typescript 5.6.2
  • webpack 5.94.0
  • webpack-cli 5.1.4
  • yarn 4.5.0
packages/addon-ckeditor5-react/package.json
  • @ckeditor/ckeditor5-react ^6.0.0 || ^7.0.0
  • react ^18.0.0
  • react-dom ^18.0.0
  • node >= 18
packages/addon-remirror/package.json
  • @remirror/pm ^2.0.0
  • @remirror/react ^2.0.0
  • react ^18.0.0
  • react-dom ^18.0.0
  • remirror ^2.0.0
  • node >= 18
packages/ckeditor5-build-custom/package.json
  • react ^18.0.0
  • react-dom ^18.0.0
  • node >= 18
packages/core/package.json
  • @junipero/core 3.7.1
  • uuid 10.0.0
  • node >= 18
packages/react/package.json
  • @floating-ui/react 0.26.24
  • @junipero/hooks 3.7.0
  • @junipero/react 3.8.1
  • @junipero/transitions 3.8.1
  • uuid 10.0.0
  • react ^18.0.0
  • react-dom ^18.0.0
  • node >= 18
packages/strapi-plugin/package.json
  • @ckeditor/ckeditor5-react 7.0.0
  • @remirror/pm 2.0.9
  • @remirror/react 2.0.35
  • @strapi/design-system 1.19.0
  • @strapi/icons 1.19.0
  • remirror 2.0.40
  • styled-components 6.1.13
  • @strapi/strapi ^4.4.0
  • react ^17.0.2 || ^18.0.0
  • react-dom ^17.0.2 || ^18.0.0
  • node >= 18
packages/theme/package.json
  • @junipero/theme 3.7.0
  • node >= 18
Branch develop
github-actions
.github/workflows/ci.yml
  • actions/checkout v4
  • actions/setup-node v4
  • actions/checkout v4
  • actions/setup-node v4
  • codecov/codecov-action v4.5.0
  • actions/checkout v4
  • actions/setup-node v4
.github/workflows/gh-pages.yml
  • actions/checkout v4
  • actions/setup-node v4
  • actions/configure-pages v5
  • actions/upload-pages-artifact v3
  • actions/deploy-pages v4
npm
package.json
  • @babel/eslint-plugin 7.25.1
  • @ckeditor/ckeditor5-alignment 43.1.0
  • @ckeditor/ckeditor5-basic-styles 43.1.0
  • @ckeditor/ckeditor5-block-quote 43.1.0
  • @ckeditor/ckeditor5-core 43.1.0
  • @ckeditor/ckeditor5-dev-translations 43.0.0
  • @ckeditor/ckeditor5-dev-utils 43.0.0
  • @ckeditor/ckeditor5-editor-classic 43.1.0
  • @ckeditor/ckeditor5-editor-multi-root 43.1.0
  • @ckeditor/ckeditor5-engine 43.1.0
  • @ckeditor/ckeditor5-essentials 43.1.0
  • @ckeditor/ckeditor5-font 43.1.0
  • @ckeditor/ckeditor5-horizontal-line 43.1.0
  • @ckeditor/ckeditor5-indent 43.1.0
  • @ckeditor/ckeditor5-link 43.1.0
  • @ckeditor/ckeditor5-list 43.1.0
  • @ckeditor/ckeditor5-paragraph 43.1.0
  • @ckeditor/ckeditor5-react 9.2.0
  • @ckeditor/ckeditor5-remove-format 43.1.0
  • @ckeditor/ckeditor5-table 43.1.0
  • @ckeditor/ckeditor5-theme-lark 43.1.0
  • @ckeditor/ckeditor5-typing 43.1.0
  • @ckeditor/ckeditor5-ui 43.1.0
  • @ckeditor/ckeditor5-utils 43.1.0
  • @ckeditor/ckeditor5-watchdog 43.1.0
  • @junipero/core 3.7.1
  • @junipero/tailwind-plugin 3.7.1
  • @percy/storybook 6.0.2
  • @poool/eslint-config 3.0.1
  • @poool/eslint-config-react 3.0.1
  • @poool/eslint-plugin 3.0.0
  • @remirror/pm 2.0.9
  • @remirror/react 2.0.35
  • @rollup/plugin-alias 5.1.1
  • @rollup/plugin-commonjs 26.0.3
  • @rollup/plugin-node-resolve 15.3.0
  • @rollup/plugin-swc 0.4.0
  • @rollup/plugin-terser 0.4.4
  • @storybook/addon-actions 8.3.3
  • @storybook/addon-storysource 8.3.3
  • @storybook/addon-styling-webpack 1.0.0
  • @storybook/addon-themes 8.3.3
  • @storybook/addon-webpack5-compiler-swc 1.0.5
  • @storybook/react 8.3.3
  • @storybook/react-webpack5 8.3.3
  • @storybook/theming 8.3.3
  • @swc/core 1.7.28
  • @swc/jest 0.2.36
  • @testing-library/dom 10.4.0
  • @testing-library/jest-dom 6.5.0
  • @testing-library/react 16.0.1
  • @types/jest 29.5.13
  • @types/node 22.6.1
  • @types/react 18.3.9
  • @types/react-dom 18.3.0
  • @typescript-eslint/parser 8.7.0
  • autoprefixer 10.4.20
  • ckeditor5 43.1.0
  • css-loader 7.1.2
  • eslint 8.57.1
  • eslint-config-standard 17.1.0
  • eslint-plugin-import 2.30.0
  • eslint-plugin-n 17.10.3
  • eslint-plugin-promise 7.1.0
  • eslint-plugin-react 7.36.1
  • jest 29.7.0
  • jest-css-modules-transform 4.4.2
  • jest-environment-jsdom 29.7.0
  • jest-transform-stub 2.0.0
  • lerna 8.1.8
  • lerna-changelog 2.2.0
  • postcss 8.4.47
  • postcss-loader 8.1.1
  • react 18.3.1
  • react-dom 18.3.1
  • remirror 2.0.40
  • rollup 4.22.4
  • rollup-plugin-postcss 4.0.2
  • sass 1.79.3
  • sass-loader 16.0.2
  • storybook 8.3.3
  • storybook-dark-mode 4.0.2
  • style-loader 4.0.0
  • swc-loader 0.2.6
  • tailwindcss 3.4.13
  • terser-webpack-plugin 5.3.10
  • typescript 5.6.2
  • webpack 5.94.0
  • webpack-cli 5.1.4
  • yarn 4.5.0
packages/addon-ckeditor5-react/package.json
  • @ckeditor/ckeditor5-react ^6.0.0 || ^7.0.0
  • react ^18.0.0
  • react-dom ^18.0.0
  • node >= 18
packages/addon-remirror/package.json
  • @remirror/pm ^2.0.0
  • @remirror/react ^2.0.0
  • react ^18.0.0
  • react-dom ^18.0.0
  • remirror ^2.0.0
  • node >= 18
packages/ckeditor5-build-custom/package.json
  • react ^18.0.0
  • react-dom ^18.0.0
  • node >= 18
packages/core/package.json
  • @junipero/core 3.7.1
  • uuid 10.0.0
  • node >= 18
packages/react/package.json
  • @floating-ui/react 0.26.24
  • @junipero/hooks 3.7.0
  • @junipero/react 3.8.1
  • @junipero/transitions 3.8.1
  • uuid 10.0.0
  • react ^18.0.0
  • react-dom ^18.0.0
  • node >= 18
packages/strapi-plugin/package.json
  • @ckeditor/ckeditor5-react 9.2.0
  • @remirror/pm 2.0.9
  • @remirror/react 2.0.35
  • @strapi/design-system 1.19.0
  • @strapi/icons 1.19.0
  • remirror 2.0.40
  • styled-components 6.1.13
  • @strapi/strapi ^4.4.0
  • react ^17.0.2 || ^18.0.0
  • react-dom ^17.0.2 || ^18.0.0
  • node >= 18
packages/theme/package.json
  • @junipero/theme 3.7.0
  • node >= 18
  • Check this box to trigger a request for Renovate to run again on this repository

Action Required: Fix Renovate Configuration

There is an error with this repository's Renovate configuration that needs to be fixed. As a precaution, Renovate will stop PRs until it is resolved.

Error type: undefined. Note: this is a nested preset so please contact the preset author if you are unable to fix it yourself.

[DepShield] (CVSS 7.4) Vulnerability due to usage of lodash._reinterpolate:3.0.0

Vulnerabilities

DepShield reports that this application's usage of lodash._reinterpolate:3.0.0 results in the following vulnerability(s):

Occurrences

lodash._reinterpolate:3.0.0 is a transitive dependency introduced by the following direct dependency(s):

lerna:3.22.1
        └─ @lerna/version:3.22.1
              └─ @lerna/conventional-commits:3.22.0
                    └─ lodash.template:4.5.0
                          └─ lodash._reinterpolate:3.0.0
                          └─ lodash.templatesettings:4.2.0
                                └─ lodash._reinterpolate:3.0.0

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 5.3) Vulnerability due to usage of kind-of:5.1.0

Vulnerabilities

DepShield reports that this application's usage of kind-of:5.1.0 results in the following vulnerability(s):

Occurrences

kind-of:5.1.0 is a transitive dependency introduced by the following direct dependency(s):

webpack:4.44.1
        └─ micromatch:3.1.10
              └─ snapdragon:0.8.2
                    └─ define-property:0.2.5
                          └─ is-descriptor:0.1.6
                                └─ kind-of:5.1.0

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 7.5) Vulnerability due to usage of acorn:6.4.1

Vulnerabilities

DepShield reports that this application's usage of acorn:6.4.1 results in the following vulnerability(s):

Occurrences

acorn:6.4.1 is a transitive dependency introduced by the following direct dependency(s):

webpack:4.44.1
        └─ acorn:6.4.1

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 7.4) Vulnerability due to usage of lodash.uniq:4.5.0

Vulnerabilities

DepShield reports that this application's usage of lodash.uniq:4.5.0 results in the following vulnerability(s):

Occurrences

lodash.uniq:4.5.0 is a transitive dependency introduced by the following direct dependency(s):

lerna:3.22.1
        └─ @lerna/version:3.22.1
              └─ @lerna/github-client:3.22.0
                    └─ @octokit/rest:16.43.2
                          └─ lodash.uniq:4.5.0

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 7.4) Vulnerability due to usage of lodash.camelcase:4.3.0

Vulnerabilities

DepShield reports that this application's usage of lodash.camelcase:4.3.0 results in the following vulnerability(s):

Occurrences

lodash.camelcase:4.3.0 is a transitive dependency introduced by the following direct dependency(s):

rollup-plugin-postcss:3.1.5
        └─ postcss-modules:2.0.0
              └─ lodash.camelcase:4.3.0

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 7.4) Vulnerability due to usage of lodash.memoize:4.1.2

Vulnerabilities

DepShield reports that this application's usage of lodash.memoize:4.1.2 results in the following vulnerability(s):

Occurrences

lodash.memoize:4.1.2 is a transitive dependency introduced by the following direct dependency(s):

@storybook/addon-storysource:5.3.19
        └─ @storybook/components:5.3.19
              └─ simplebar-react:1.2.3
                    └─ simplebar:4.2.3
                          └─ lodash.memoize:4.1.2

rollup-plugin-postcss:3.1.5
        └─ cssnano:4.1.10
              └─ cssnano-preset-default:4.0.7
                    └─ postcss-merge-rules:4.0.3
                          └─ caniuse-api:3.0.0
                                └─ lodash.memoize:4.1.2

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 5.3) Vulnerability due to usage of kind-of:2.0.1

Vulnerabilities

DepShield reports that this application's usage of kind-of:2.0.1 results in the following vulnerability(s):

Occurrences

kind-of:2.0.1 is a transitive dependency introduced by the following direct dependency(s):

@storybook/react:5.3.19
        └─ @svgr/webpack:4.3.3
              └─ @svgr/plugin-svgo:4.3.1
                    └─ merge-deep:3.0.2
                          └─ clone-deep:0.2.4
                                └─ shallow-clone:0.1.2
                                      └─ kind-of:2.0.1

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 5.3) Vulnerability due to usage of kind-of:3.2.2

Vulnerabilities

DepShield reports that this application's usage of kind-of:3.2.2 results in the following vulnerability(s):

Occurrences

kind-of:3.2.2 is a transitive dependency introduced by the following direct dependency(s):

webpack:4.44.1
        └─ micromatch:3.1.10
              └─ braces:2.3.2
                    └─ fill-range:4.0.0
                          └─ is-number:3.0.0
                                └─ kind-of:3.2.2
                    └─ snapdragon-node:2.1.1
                          └─ snapdragon-util:3.0.1
                                └─ kind-of:3.2.2
              └─ snapdragon:0.8.2
                    └─ base:0.11.2
                          └─ cache-base:1.0.1
                                └─ to-object-path:0.3.0
                                      └─ kind-of:3.2.2
                          └─ class-utils:0.3.6
                                └─ static-extend:0.1.2
                                      └─ object-copy:0.1.0
                                            └─ kind-of:3.2.2
                    └─ define-property:0.2.5
                          └─ is-descriptor:0.1.6
                                └─ is-accessor-descriptor:0.1.6
                                      └─ kind-of:3.2.2
                                └─ is-data-descriptor:0.1.4
                                      └─ kind-of:3.2.2

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 7.4) Vulnerability due to usage of lodash.clonedeep:4.5.0

Vulnerabilities

DepShield reports that this application's usage of lodash.clonedeep:4.5.0 results in the following vulnerability(s):

Occurrences

lodash.clonedeep:4.5.0 is a transitive dependency introduced by the following direct dependency(s):

lerna:3.22.1
        └─ @lerna/publish:3.22.1
              └─ @lerna/npm-publish:3.18.5
                    └─ @evocateur/libnpmpublish:1.2.2
                          └─ lodash.clonedeep:4.5.0

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 7.4) Vulnerability due to usage of lodash.get:4.4.2

Vulnerabilities

DepShield reports that this application's usage of lodash.get:4.4.2 results in the following vulnerability(s):

Occurrences

lodash.get:4.4.2 is a transitive dependency introduced by the following direct dependency(s):

lerna:3.22.1
        └─ @lerna/version:3.22.1
              └─ @lerna/github-client:3.22.0
                    └─ @octokit/rest:16.43.2
                          └─ lodash.get:4.4.2

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 7.4) Vulnerability due to usage of lodash.set:4.3.2

Vulnerabilities

DepShield reports that this application's usage of lodash.set:4.3.2 results in the following vulnerability(s):

Occurrences

lodash.set:4.3.2 is a transitive dependency introduced by the following direct dependency(s):

lerna:3.22.1
        └─ @lerna/version:3.22.1
              └─ @lerna/github-client:3.22.0
                    └─ @octokit/rest:16.43.2
                          └─ lodash.set:4.3.2

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 7.4) Vulnerability due to usage of lodash.debounce:4.0.8

Vulnerabilities

DepShield reports that this application's usage of lodash.debounce:4.0.8 results in the following vulnerability(s):

Occurrences

lodash.debounce:4.0.8 is a transitive dependency introduced by the following direct dependency(s):

@storybook/addon-storysource:5.3.19
        └─ @storybook/components:5.3.19
              └─ simplebar-react:1.2.3
                    └─ simplebar:4.2.3
                          └─ lodash.debounce:4.0.8

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 7.5) Vulnerability due to usage of debug:2.6.9

Vulnerabilities

DepShield reports that this application's usage of debug:2.6.9 results in the following vulnerability(s):

Occurrences

debug:2.6.9 is a transitive dependency introduced by the following direct dependency(s):

@percy/storybook:3.3.0
        └─ @percy/react-percy-api-client:0.4.6
              └─ debug:2.6.9
        └─ puppeteer:1.20.0
              └─ extract-zip:1.7.0
                    └─ debug:2.6.9

eslint-plugin-import:2.22.0
        └─ eslint-import-resolver-node:0.3.4
              └─ debug:2.6.9
        └─ eslint-module-utils:2.6.0
              └─ debug:2.6.9
        └─ debug:2.6.9

webpack:4.44.1
        └─ micromatch:3.1.10
              └─ extglob:2.0.4
                    └─ expand-brackets:2.1.4
                          └─ debug:2.6.9
              └─ snapdragon:0.8.2
                    └─ debug:2.6.9

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 7.5) Vulnerability due to usage of express:4.17.1

Vulnerabilities

DepShield reports that this application's usage of express:4.17.1 results in the following vulnerability(s):

Occurrences

express:4.17.1 is a transitive dependency introduced by the following direct dependency(s):

@storybook/react:5.3.19
        └─ @storybook/core:5.3.19
              └─ express:4.17.1

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 7.4) Vulnerability due to usage of lodash.throttle:4.1.1

Vulnerabilities

DepShield reports that this application's usage of lodash.throttle:4.1.1 results in the following vulnerability(s):

Occurrences

lodash.throttle:4.1.1 is a transitive dependency introduced by the following direct dependency(s):

@storybook/addon-storysource:5.3.19
        └─ @storybook/components:5.3.19
              └─ simplebar-react:1.2.3
                    └─ simplebar:4.2.3
                          └─ lodash.throttle:4.1.1

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 7.5) Vulnerability due to usage of yargs-parser:5.0.0-security.0

Vulnerabilities

DepShield reports that this application's usage of yargs-parser:5.0.0-security.0 results in the following vulnerability(s):

Occurrences

yargs-parser:5.0.0-security.0 is a transitive dependency introduced by the following direct dependency(s):

@percy/storybook:3.3.0
        └─ yargs:7.1.1
              └─ yargs-parser:5.0.0-security.0

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.