sylvaincombes / jquery-images-compare Goto Github PK

Vulnerabilities

DepShield reports that this application's usage of debug:2.6.9 results in the following vulnerability(s):

• (CVSS 7.5) CWE-400: Uncontrolled Resource Consumption ('Resource Exhaustion')

Occurrences

debug:2.6.9 is a transitive dependency introduced by the following direct dependency(s):

• node-qunit-phantomjs:2.1.0
        └─ phantomjs-prebuilt:2.1.16
              └─ extract-zip:1.6.7
                    └─ debug:2.6.9

• qunit:2.8.0
        └─ findup-sync:2.0.0
              └─ micromatch:3.1.10
                    └─ extglob:2.0.4
                          └─ expand-brackets:2.1.4
                                └─ debug:2.6.9
                    └─ snapdragon:0.8.2
                          └─ debug:2.6.9

_{This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.}

Vulnerabilities

DepShield reports that this application's usage of phantomjs-prebuilt:2.1.16 results in the following vulnerability(s):

• (CVSS 7.4) CWE-300: Channel Accessible by Non-Endpoint ('Man-in-the-Middle')

Occurrences

phantomjs-prebuilt:2.1.16 is a transitive dependency introduced by the following direct dependency(s):

• node-qunit-phantomjs:2.1.0
        └─ phantomjs-prebuilt:2.1.16

_{This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.}

Vulnerabilities

DepShield reports that this application's usage of d:1.0.0 results in the following vulnerability(s):

• (CVSS 7.5) CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Occurrences

d:1.0.0 is a transitive dependency introduced by the following direct dependency(s):

• copy-cli:1.2.1
        └─ cli-color:1.4.0
              └─ d:1.0.0
              └─ es5-ext:0.10.46
                    └─ es6-symbol:3.1.1
                          └─ d:1.0.0
              └─ es6-iterator:2.0.3
                    └─ d:1.0.0
              └─ memoizee:0.4.14
                    └─ d:1.0.0
                    └─ es6-weak-map:2.0.2
                          └─ d:1.0.0
                    └─ event-emitter:0.3.5
                          └─ d:1.0.0

_{This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.}

When using two png images the left one shows the right one underneath, as the right one is not clipped, how do I prevent this?

Vulnerabilities

DepShield reports that this application's usage of set-value:2.0.0 results in the following vulnerability(s):

• (CVSS 7.5) CWE-400: Uncontrolled Resource Consumption ('Resource Exhaustion')

Occurrences

set-value:2.0.0 is a transitive dependency introduced by the following direct dependency(s):

• qunit:2.8.0
        └─ findup-sync:2.0.0
              └─ micromatch:3.1.10
                    └─ snapdragon:0.8.2
                          └─ base:0.11.2
                                └─ cache-base:1.0.1
                                      └─ set-value:2.0.0

_{This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.}

Version 3.0.20 of uglify-js just got published.

This version is covered by your current version range and after updating it in your project the build failed.

As uglify-js is “only” a devDependency of this project it might not break production or downstream projects, but “only” your build or test tools – preventing new deploys or publishes.

I recommend you give this issue a high priority. I’m sure you can resolve this 💪

Your Greenkeeper Bot 🌴

Version 2.8.0 of uglify-js just got published.

This version is covered by your current version range and after updating it in your project the build failed.

As uglify-js is “only” a devDependency of this project it might not break production or downstream projects, but “only” your build or test tools – preventing new deploys or publishes.

I recommend you give this issue a high priority. I’m sure you can resolve this 💪

Your Greenkeeper Bot 🌴

Version 2.1.1 of qunitjs just got published.

This version is covered by your current version range and after updating it in your project the build failed.

As qunitjs is “only” a devDependency of this project it might not break production or downstream projects, but “only” your build or test tools – preventing new deploys or publishes.

I recommend you give this issue a high priority. I’m sure you can resolve this 💪

Your Greenkeeper Bot 🌴

Version 3.2.0 of jquery just got published.

This version is covered by your current version range and after updating it in your project the build failed.

As jquery is a direct dependency of this project this is very likely breaking your project right now. If other packages depend on you it’s very likely also breaking them.
I recommend you give this issue a very high priority. I’m sure you can resolve this 💪

Your Greenkeeper Bot 🌴

Version 1.6.1 of node-qunit-phantomjs was just published.

This version is covered by your current version range and after updating it in your project the build failed.

node-qunit-phantomjs is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.

Your Greenkeeper Bot 🌴

Vulnerabilities

DepShield reports that this application's usage of clean-css:3.4.28 results in the following vulnerability(s):

• (CVSS 7.5) CWE-400: Uncontrolled Resource Consumption ('Resource Exhaustion')

Occurrences

clean-css:3.4.28 is a transitive dependency introduced by the following direct dependency(s):

• copy-cli:1.2.1
        └─ clean-css:3.4.28

_{This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.}

Vulnerabilities

DepShield reports that this application's usage of set-value:0.4.3 results in the following vulnerability(s):

• (CVSS 7.5) CWE-400: Uncontrolled Resource Consumption ('Resource Exhaustion')

Occurrences

set-value:0.4.3 is a transitive dependency introduced by the following direct dependency(s):

• qunit:2.8.0
        └─ findup-sync:2.0.0
              └─ micromatch:3.1.10
                    └─ snapdragon:0.8.2
                          └─ base:0.11.2
                                └─ cache-base:1.0.1
                                      └─ union-value:1.0.0
                                            └─ set-value:0.4.3

_{This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.}

Version 2.4.0 of qunitjs just got published.

This version is covered by your current version range and after updating it in your project the build failed.

As qunitjs is “only” a devDependency of this project it might not break production or downstream projects, but “only” your build or test tools – preventing new deploys or publishes.

I recommend you give this issue a high priority. I’m sure you can resolve this 💪

Your Greenkeeper Bot 🌴

Hello.

I'd like to fit te images vertically within the container.

I am loading the slider within an <iframe> and I need the height of <iframe> to be a fixed 600px. I could fit the container by using height: 100%; in the CSS of class .images-compare-container, however, the images just don't fit vertically. I've tried setting their height: 100%; in the class .images-compare-before img, .images-compare-after img and also tried object-fit: cover;, nothing works. The height of the image gets clipped no matter what. I don't mind the extra space along the width of the images (except, they should not get spaced from the center as then the slider would behave in a weird way).

Is this possible and can someone help me with it?

Depshield will be deprecated on Monday December 12th

Please install our new product, Sonatype Lift with advanced features

Version 3.3.1 of jquery was just published.

This version is covered by your current version range and after updating it in your project the build failed.

jquery is a direct dependency of this project, and it is very likely causing it to break. If other packages depend on yours, this update is probably also breaking those in turn.

Your Greenkeeper Bot 🌴