Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[NEUTRAL] Update dependency @dependabot/yarn-lib to v1.22.19 #970

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[NEUTRAL] Update dependency @dependabot/yarn-lib to v1.22.19 #970

wants to merge 1 commit into from

Conversation

mend-for-github-com[bot]
Copy link

@mend-for-github-com mend-for-github-com bot commented Apr 23, 2023
edited
Loading

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
@dependabot/yarn-lib 1.21.1 -> 1.22.19 age adoption passing confidence

By merging this PR, the issue #800 will be automatically resolved and closed:

Severity CVSS Score CVE
Critical Critical 9.8 CVE-2022-37601
High High 8.8 CVE-2022-46175
High High 8.6 CVE-2021-23434
High High 7.5 CVE-2021-3805
High High 7.5 CVE-2021-3807
High High 7.5 CVE-2022-37603

Release Notes

yarnpkg/yarn (@​dependabot/yarn-lib)

v1.22.19

Compare Source

  • Adds compatibility with WebAuthn on the npm registry
  • If you want to rebase/retry this PR, check this box

@mend-for-github-com mend-for-github-com bot added the security fix Security fix generated by WhiteSource label Apr 23, 2023
@mend-for-github-com mend-for-github-com bot changed the title chore(deps): update dependency @dependabot/yarn-lib to v1.22.19 chore(deps): update dependency @dependabot/yarn-lib to v1.22.19 - autoclosed Jun 15, 2023
@mend-for-github-com mend-for-github-com bot deleted the whitesource-remediate/dependabot-yarn-lib-1.x-lockfile branch June 15, 2023 15:17
@mend-for-github-com mend-for-github-com bot changed the title chore(deps): update dependency @dependabot/yarn-lib to v1.22.19 - autoclosed chore(deps): update dependency @dependabot/yarn-lib to v1.22.19 Jun 18, 2023
@mend-for-github-com mend-for-github-com bot reopened this Jun 18, 2023
@mend-for-github-com mend-for-github-com bot restored the whitesource-remediate/dependabot-yarn-lib-1.x-lockfile branch June 18, 2023 21:43
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/dependabot-yarn-lib-1.x-lockfile branch from 4a71123 to 68c87da Compare June 18, 2023 21:46
@mend-for-github-com mend-for-github-com bot changed the title chore(deps): update dependency @dependabot/yarn-lib to v1.22.19 [NEUTRAL] Update dependency @dependabot/yarn-lib to v1.22.19 Mar 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
security fix Security fix generated by WhiteSource
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants