timbeadle / cfpathcheck Goto Github PK
View Code? Open in Web Editor NEWStatic analysis for cfml template import and include paths
License: MIT License
Static analysis for cfml template import and include paths
License: MIT License
Vulnerabilities
DepShield reports that this application's usage of lodash.flatten:4.4.0 results in the following vulnerability(s):
Occurrences
lodash.flatten:4.4.0 is a transitive dependency introduced by the following direct dependency(s):
• snyk:1.119.0
└─ snyk-resolve-deps:4.0.2
└─ lodash.flatten:4.4.0
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
1.246.0
to 1.247.0
.This version is covered by your current version range and after updating it in your project the build failed.
snyk is a direct dependency of this project, and it is very likely causing it to break. If other packages depend on yours, this update is probably also breaking those in turn.
The new version differs by 4 commits.
e69ef82
Merge pull request #861 from snyk/feat/introduce-jar-files
e699598
feat: add *.war support
0189a39
chore: split up test and monitor tests
e845d19
feat: detect *.jar files as maven
See the full diff
There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.
Your Greenkeeper Bot 🌴
15.9.5
to 15.9.6
.This version is covered by your current version range and after updating it in your project the build failed.
eslint-plugin-jsdoc is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.
check-indentation
: excludeTags
option, add tests, default on (d7aa4e8), closes /github.com/gajus/eslint-plugin-jsdoc/pull/388#discussion_r329847553check-indentation
: fix code style issue (41af93c)check-indentation
: ignore example code blocks (6de2256), closes #334check-indentation
: update function and variable names (756520a)check-indentation
: update README, default to false, lint ok (933b74a)The new version differs by 5 commits.
756520a
fix(check-indentation
): update function and variable names
41af93c
fix(check-indentation
): fix code style issue
d7aa4e8
fix(check-indentation
): excludeTags
option, add tests, default on
933b74a
fix(check-indentation
): update README, default to false, lint ok
6de2256
fix(check-indentation
): ignore example code blocks
See the full diff
There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.
Your Greenkeeper Bot 🌴
15.4.2
to 15.5.0
.This version is covered by your current version range and after updating it in your project the build failed.
eslint-plugin-jsdoc is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.
The new version differs by 4 commits.
0eb7a0c
feat(require-description-complete-sentence): limit checking to certain default tags likely to have descriptions or by tags
array for additional choices; fixes #337
2e2af0d
docs(newline-after-description): indicate applies on doc block
b396832
docs(match-description): add alias desc
to separate column
4d5400f
docs(match-description): indicate application by default to description
/desc
and allowance for property
/prop
; clarify
See the full diff
There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.
Your Greenkeeper Bot 🌴
Vulnerabilities
DepShield reports that this application's usage of debug:2.6.9 results in the following vulnerability(s):
Occurrences
debug:2.6.9 is a transitive dependency introduced by the following direct dependency(s):
• snyk:1.239.4
└─ proxy-agent:3.1.1
└─ pac-proxy-agent:3.0.1
└─ get-uri:2.0.4
└─ debug:2.6.9
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
Vulnerabilities
DepShield reports that this application's usage of lodash.clone:4.5.0 results in the following vulnerability(s):
Occurrences
lodash.clone:4.5.0 is a transitive dependency introduced by the following direct dependency(s):
• snyk:1.119.0
└─ snyk-resolve-deps:4.0.2
└─ lodash.clone:4.5.0
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
1.111.1
to 1.112.0
.This version is covered by your current version range and after updating it in your project the build failed.
snyk is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.
The new version differs by 2 commits.
ab6f5c8
Merge pull request #284 from snyk/feat/bump-lockfile-parser
762f056
feat: Bump required lockfile parser version
See the full diff
There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.
Your Greenkeeper Bot 🌴
1.279.0
to 1.279.1
.This version is covered by your current version range and after updating it in your project the build failed.
snyk is a direct dependency of this project, and it is very likely causing it to break. If other packages depend on yours, this update is probably also breaking those in turn.
The new version differs by 4 commits.
240f623
Merge pull request #947 from snyk/fix/wizard-adding-snyk-dependency
49b0cd3
fix: snyk always being added as dependency when running wizard
ab83ab8
Merge pull request #961 from snyk/chore/convert-exec-version-to-ts
7d4a91c
chore: convert get version and exec to ts
See the full diff
There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.
Your Greenkeeper Bot 🌴
1.258.0
to 1.258.1
.This version is covered by your current version range and after updating it in your project the build failed.
snyk is a direct dependency of this project, and it is very likely causing it to break. If other packages depend on yours, this update is probably also breaking those in turn.
The new version differs by 3 commits.
b0bd447
Merge pull request #895 from snyk/fix/remove-tree-kill
f8c6aa8
chore: disable npm cache to unblock tests
9c37bb4
fix: Remove tree-kill dependency
See the full diff
There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.
Your Greenkeeper Bot 🌴
1.179.0
to 1.179.1
.This version is covered by your current version range and after updating it in your project the build failed.
snyk is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.
The new version differs by 2 commits.
de94535
Merge pull request #583 from snyk/fix/gomodules-name-version
7cbc9e1
fix: name and version in gomodules
See the full diff
There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.
Your Greenkeeper Bot 🌴
Vulnerabilities
DepShield reports that this application's usage of lodash.get:4.4.2 results in the following vulnerability(s):
Occurrences
lodash.get:4.4.2 is a transitive dependency introduced by the following direct dependency(s):
• snyk:1.119.0
└─ snyk-resolve-deps:4.0.2
└─ lodash.get:4.4.2
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
These updates have all been created already. Click a checkbox below to force a retry/rebase of any.
eslint
, eslint-config-xo
)These are blocked by an existing closed PR and will not be recreated unless you click a checkbox below.
node
, @types/node
)github-actions
.github/workflows/codeql-analysis.yml
actions/checkout v4
github/codeql-action v3
github/codeql-action v3
github/codeql-action v3
.github/workflows/nodejs.yml
actions/checkout v4
actions/setup-node v4
npm
package.json
@snyk/protect ^1.1292.4
chalk ^5.3.0
checkstyle-formatter ^1.1.0
crlf ^1.1.1
deep-equal ^2.2.3
glob ^10.4.5
log-symbols ^7.0.0
minimist ^1.2.8
@eslint/eslintrc ^3.1.0
@eslint/js ^9.9.0
@types/chai 4.3.17
@types/checkstyle-formatter 1.0.2
@types/deep-equal 1.0.4
@types/glob 8.1.0
@types/minimist 1.2.5
@types/mocha 10.0.7
@types/node ^22.4.2
chai 5.1.1
eslint 9.9.0
eslint-config-xo 0.45.0
globals ^15.9.0
ls-engines 0.9.3
mocha 10.7.3
npm-run-all2 6.2.2
nyc 17.0.0
prettier 3.3.3
rimraf ^5.0.10
typescript ^5.5.4
node >= 18.20.3
node 18.20.3
npm 10.8.2
github-actions
.github/workflows/codeql-analysis.yml
actions/checkout v4
github/codeql-action v3
github/codeql-action v3
github/codeql-action v3
.github/workflows/nodejs.yml
actions/checkout v4
actions/setup-node v4
npm
package.json
@snyk/protect ^1.1292.4
chalk ^5.3.0
checkstyle-formatter ^1.1.0
crlf ^1.1.1
deep-equal ^2.2.3
glob ^10.4.5
log-symbols ^5.1.0
minimist ^1.2.8
@types/chai 4.3.17
@types/checkstyle-formatter 1.0.2
@types/deep-equal 1.0.4
@types/glob 8.1.0
@types/minimist 1.2.5
@types/mocha 10.0.7
@types/node ^20.14.9
chai 5.1.1
eslint 8.57.0
eslint-config-xo 0.45.0
eslint-plugin-import 2.29.1
eslint-plugin-redos 4.4.5
ls-engines 0.9.3
mocha 10.7.3
npm-run-all2 6.2.2
nyc 15.1.0
prettier 3.3.3
typescript ^5.5.4
node >= 16.14
node 16.20.2
npm 9.9.3
1.239.5
to 1.240.0
.This version is covered by your current version range and after updating it in your project the build failed.
snyk is a direct dependency of this project, and it is very likely causing it to break. If other packages depend on yours, this update is probably also breaking those in turn.
The new version differs by 3 commits.
2248b5c
Merge pull request #807 from snyk/feat/replace-spinner
bf6c40e
feat: user external spinner in npm and monitor
05738b1
feat: introduce spinner lib to replace custom one
See the full diff
There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.
Your Greenkeeper Bot 🌴
4.17.11
to 4.17.12
.This version is covered by your current version range and after updating it in your project the build failed.
lodash is a direct dependency of this project, and it is very likely causing it to break. If other packages depend on yours, this update is probably also breaking those in turn.
There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.
Your Greenkeeper Bot 🌴
1.158.0
to 1.159.0
.This version is covered by your current version range and after updating it in your project the build failed.
snyk is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.
The new version differs by 3 commits.
e21d494
Merge pull request #471 from snyk/feat/release-mvn-plugin-with-more-tests
a688e5b
feat: release mvn plugin with better test matrix
74ef425
chore: change quote types for singles
See the full diff
There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.
Your Greenkeeper Bot 🌴
4.6.0
to 4.7.0
.This version is covered by your current version range and after updating it in your project the build failed.
eslint-plugin-jsdoc is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.
The new version differs by 2 commits.
7505604
feat: make check-returns ignore abstract methods
b1301d6
Makes "Check Returns" ignore abstract methods.
See the full diff
There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.
Your Greenkeeper Bot 🌴
The project could not be analyzed because of build errors. Please review the error messages here. Another build will be scheduled within 24 hours. If the build is successful this issue will be closed, otherwise the error message will be updated.
This is an automated GitHub Issue created by Sonatype DepShield. GitHub Apps, including DepShield, can be managed from the Developer settings of the repository administrators.
Proposed change:
☝️ Important announcement: Greenkeeper will be saying goodbye 👋 and passing the torch to Snyk on June 3rd, 2020! Find out how to migrate to Snyk and more at greenkeeper.io
1.2.4
to 1.2.5
.This version is covered by your current version range and after updating it in your project the build failed.
minimist is a direct dependency of this project, and it is very likely causing it to break. If other packages depend on yours, this update is probably also breaking those in turn.
There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.
Your Greenkeeper Bot 🌴
1.112.0
to 1.113.0
.This version is covered by your current version range and after updating it in your project the build failed.
snyk is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.
There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.
Your Greenkeeper Bot 🌴
Vulnerabilities
DepShield reports that this application's usage of lodash.assign:4.2.0 results in the following vulnerability(s):
Occurrences
lodash.assign:4.2.0 is a transitive dependency introduced by the following direct dependency(s):
• snyk:1.119.0
└─ snyk-resolve-deps:4.0.2
└─ lodash.assign:4.2.0
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
1.16.2
to 1.16.3
.This version is covered by your current version range and after updating it in your project the build failed.
prettier is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.
There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.
Your Greenkeeper Bot 🌴
1.144.0
to 1.145.0
.This version is covered by your current version range and after updating it in your project the build failed.
snyk is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.
The new version differs by 4 commits.
18c6037
Merge pull request #421 from snyk/fix/older-nuget-plugin
7729677
fix: downgrade nuget plugin
6f1412f
Merge pull request #418 from snyk/fix/bump-deps
26f40fb
feat: bump deps
See the full diff
There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.
Your Greenkeeper Bot 🌴
4.8.3
to 4.8.4
.This version is covered by your current version range and after updating it in your project the build failed.
eslint-plugin-jsdoc is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.
The new version differs by 30 commits.
9c586c5
docs: generate docs
0b04319
fix: update GitSpo badge URL
9922684
Merge branch 'master' of github.com:gajus/eslint-plugin-jsdoc
25cbc06
docs: generate docs
ae9bcc4
docs: add GitSpo mentions badge
a075dec
Merge pull request #212 from brettz9/issue-210-callback
ff57654
Merge pull request #213 from brettz9/expand-check-types
8754dcd
- Expand types checked
cf31761
- Allow callback-defined types in noUndefinedTypes
; fixes #210; also adds null
, undefined
, Array
, Object
, RegExp
, Date
, Function
4640a35
Merge pull request #207 from TuckerWhitehouse/check-tag-names-replacement
dc6857a
Merge pull request #205 from allthesignals/master
3742994
docs: use semantic tags to describe relationship between files
6eb8324
docs: remove superfluous comment
69b1b51
Re-enable sort-keys property style; re-order keys to comply
54d063d
Remove unnecessary comment
There are 30 commits in total.
See the full diff
There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.
Your Greenkeeper Bot 🌴
1.143.5
to 1.143.6
.This version is covered by your current version range and after updating it in your project the build failed.
snyk is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.
The new version differs by 2 commits.
d11f12a
Merge pull request #417 from snyk/fix/patched-files-in
7fc32ca
fix: create copies of original files prior to patching
See the full diff
There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.
Your Greenkeeper Bot 🌴
1.17.1
to 1.18.0
.This version is covered by your current version range and after updating it in your project the build failed.
prettier is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.
There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.
Your Greenkeeper Bot 🌴
7.1.0
to 7.2.0
.This version is covered by your current version range and after updating it in your project the build failed.
eslint-plugin-jsdoc is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.
The new version differs by 6 commits.
a05741a
feat(check-alignment): add fixer
188dbe8
Revert "enhancement(check-alignment): add fixer"
294026e
Merge pull request #264 from jasminexie/master
e39c729
enhancement(check-alignment): add fixer
7883e44
docs: generate docs
7083a84
test: add test case for #263
See the full diff
There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.
Your Greenkeeper Bot 🌴
5.15.3
to 5.16.0
.This version is covered by your current version range and after updating it in your project the build failed.
eslint is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.
dfef227
Build: gensite passes rulesMeta to formatter rendering (#11567) (Kevin Partington)c06d38c
Fix: Allow HTML formatter to handle no meta data (#11566) (Ilya Volodin)87a5c03
Docs: func-style
: clarify when allowArrowFunctions
is used (#11548) (Oliver Joseph Ash)bc3e427
Update: pass rule meta to formatters RFC 10 (#11551) (Chris Meyer)b452f27
Chore: Update README to pull in reviewer data (#11506) (Nicholas C. Zakas)afe3d25
Upgrade: Bump js-yaml dependency to fix Denial of Service vulnerability (#11550) (Vernon de Goede)4fe7eb7
Chore: use nyc instead of istanbul (#11532) (Toru Nagashima)f16af43
Chore: fix formatters/table test (#11534) (Toru Nagashima)78358a8
Docs: fix duplicate punctuation in CLI docs (#11528) (Teddy Katz)The new version differs by 11 commits.
ded2f94
5.16.0
ea36e13
Build: changelog update for 5.16.0
dfef227
Build: gensite passes rulesMeta to formatter rendering (#11567)
c06d38c
Fix: Allow HTML formatter to handle no meta data (#11566)
87a5c03
Docs: func-style
: clarify when allowArrowFunctions
is used (#11548)
bc3e427
Update: pass rule meta to formatters RFC 10 (#11551)
b452f27
Chore: Update README to pull in reviewer data (#11506)
afe3d25
Upgrade: Bump js-yaml dependency to fix Denial of Service vulnerability (#11550)
4fe7eb7
Chore: use nyc instead of istanbul (#11532)
f16af43
Chore: fix formatters/table test (#11534)
78358a8
Docs: fix duplicate punctuation in CLI docs (#11528)
See the full diff
There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.
Your Greenkeeper Bot 🌴
Vulnerabilities
DepShield reports that this application's usage of lodash.clonedeep:4.5.0 results in the following vulnerability(s):
Occurrences
lodash.clonedeep:4.5.0 is a transitive dependency introduced by the following direct dependency(s):
• snyk:1.119.0
└─ snyk-policy:1.13.3
└─ lodash.clonedeep:4.5.0
└─ snyk-try-require:1.3.1
└─ lodash.clonedeep:4.5.0
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
4.8.0
to 4.8.1
.This version is covered by your current version range and after updating it in your project the build failed.
eslint-plugin-jsdoc is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.
The new version differs by 12 commits.
7794dd6
fix: require returns
a053125
docs: generate docs
9033898
Suppress require-returns for @override, @constructor, and class constructor
0f4a878
Merge pull request #146 from sandersn/parse-typescript-types
a99dc37
Fix blank-line lint
a81160e
docs: generate docs
14f7480
Merge branch 'master' into parse-typescript-types
2d1e1fc
Fix trailing-comma lint
88347e7
docs: generate docs
fe2b3c2
Update jsdoctypeparser to 3.1.0 + test arrow types
3a449f1
Test typeof and import types from Typescript
25305d4
Add tests for typeof and import types from Typescript
See the full diff
There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.
Your Greenkeeper Bot 🌴
Vulnerabilities
DepShield reports that this application's usage of lodash.assignin:4.2.0 results in the following vulnerability(s):
Occurrences
lodash.assignin:4.2.0 is a transitive dependency introduced by the following direct dependency(s):
• snyk:1.119.0
└─ snyk-resolve-deps:4.0.2
└─ lodash.assignin:4.2.0
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
Vulnerabilities
DepShield reports that this application's usage of lodash.snakecase:4.1.1 results in the following vulnerability(s):
Occurrences
lodash.snakecase:4.1.1 is a transitive dependency introduced by the following direct dependency(s):
• xo:0.25.3
└─ eslint-plugin-unicorn:12.1.0
└─ lodash.snakecase:4.1.1
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
1.147.4
to 1.148.0
.This version is covered by your current version range and after updating it in your project the build failed.
snyk is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.
The new version differs by 3 commits.
2731ed2
Merge pull request #432 from snyk/feat/monitor-all-sub-projects
4b7b430
test: monitor --all-sub-projects with multiple targets
d12167d
feat: monitor all-sub-projecs
See the full diff
There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.
Your Greenkeeper Bot 🌴
Vulnerabilities
DepShield reports that this application's usage of lodash.flattendeep:4.4.0 results in the following vulnerability(s):
Occurrences
lodash.flattendeep:4.4.0 is a transitive dependency introduced by the following direct dependency(s):
• nyc:14.1.1
└─ caching-transform:3.0.2
└─ package-hash:3.0.0
└─ lodash.flattendeep:4.4.0
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
<cfimport prefix='foobar' taglib='../ctags/foobar/' />
doesn't work because the regex is looking for a double quote around the path.Vulnerabilities
DepShield reports that this application's usage of lodash.set:4.3.2 results in the following vulnerability(s):
Occurrences
lodash.set:4.3.2 is a transitive dependency introduced by the following direct dependency(s):
• snyk:1.119.0
└─ snyk-resolve-deps:4.0.2
└─ lodash.set:4.3.2
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
Vulnerabilities
DepShield reports that this application's usage of lodash.isequal:4.5.0 results in the following vulnerability(s):
Occurrences
lodash.isequal:4.5.0 is a transitive dependency introduced by the following direct dependency(s):
• xo:0.25.3
└─ lodash.isequal:4.5.0
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
Vulnerabilities
DepShield reports that this application's usage of lodash.camelcase:4.3.0 results in the following vulnerability(s):
Occurrences
lodash.camelcase:4.3.0 is a transitive dependency introduced by the following direct dependency(s):
• xo:0.25.3
└─ eslint-plugin-unicorn:12.1.0
└─ lodash.camelcase:4.3.0
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
1.281.1
to 1.282.0
.This version is covered by your current version range and after updating it in your project the build failed.
snyk is a direct dependency of this project, and it is very likely causing it to break. If other packages depend on yours, this update is probably also breaking those in turn.
The new version differs by 4 commits.
7e30ef6
Merge pull request #965 from snyk/feat/cocopoads-all-projects
5851a7f
feat: enable cocoapods for --all-projects scanning
8f6034f
Merge pull request #968 from snyk/chore/update-file-options-help-file
2a44527
chore: Added info about --file for monitor
See the full diff
There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.
Your Greenkeeper Bot 🌴
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.