Skip to content

[Snyk] Security upgrade swagger-ui from 3.23.11 to 3.24.0#18

Open
monogrammbot wants to merge 1 commit into
masterfrom
snyk-fix-d8bd8a0624498c0a888da8b48d21172d
Open

[Snyk] Security upgrade swagger-ui from 3.23.11 to 3.24.0#18
monogrammbot wants to merge 1 commit into
masterfrom
snyk-fix-d8bd8a0624498c0a888da8b48d21172d

Conversation

@monogrammbot

Copy link
Copy Markdown

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 611/1000
Why? Recently disclosed, Has a fix available, CVSS 6.5
Cross-site Scripting (XSS)
SNYK-JS-DOMPURIFY-2863266
No No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: swagger-ui The new version differs by 21 commits.
  • 7e5974c release: v3.24.0
  • 25025cb fix: overweight dependencies in PKCE implementation (#5658)
  • 75a0e5d fix(validateParam): validate JSON parameter values + support `Parameter.content` (#5657)
  • 71a17f8 housekeeping: use HTTPS links in README.md (#5651)
  • 7317fff housekeeping: add homepage URL to package.json (#5652)
  • 9253c0b improvement: add `<title>` tag to oauth2-redirect.html (#5644)
  • 139592e feat: add PKCE support for OAuth2 Authorization Code flows (#5361)
  • 8cabcff housekeeping: document Docker `OAUTH2_REDIRECT_URL` option (#5641)
  • fa351aa housekeeping: `npm audit` concerns (#5640)
  • 93f7a82 housekeeping(deps): dompurify v2 (#5634)
  • 4d50583 housekeeping(dev-deps): webpack@4.41.0
  • 2976373 housekeeping(dev-deps): webpack-dev-server@3.8.1
  • 411515c housekeeping(dev-deps): webpack-cli@3.3.9
  • 60933f3 housekeeping(dev-deps): release-it@12.4.1
  • 18c849b housekeeping(dev-deps): nightwatch@1.2.4
  • bfc2bd5 housekeeping(dev-deps): json-server@0.15.1
  • 7d28e69 housekeeping(dev-deps): babel monorepo
  • 0df4714 housekeeping(deps): @ braintree/sanitize-url v3 (#5563)
  • 81cc06f housekeeping: change git clone URL (#5612)
  • dd6cdf1 fix: `parameterMacro` functionality for OAS3 (via #5617)
  • 89dbf0a Delete CONTRIBUTING.md (#5619)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Cross-site Scripting (XSS)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants