xrahul / notifyavailability Goto Github PK

Vulnerabilities

DepShield reports that this application's usage of lodash.throttle:4.1.1 results in the following vulnerability(s):

• (CVSS 7.4) CWE-471: Modification of Assumed-Immutable Data (MAID)
• (CVSS 6.5) [CVE-2018-3721] lodash node module before 4.17.5 suffers from a Modification of Assumed-Immutabl...

---

Occurrences

lodash.throttle:4.1.1 is a transitive dependency introduced by the following direct dependency(s):

• react-native:0.55.4
        └─ metro:0.30.2
              └─ lodash.throttle:4.1.1
        └─ metro-core:0.30.2
              └─ lodash.throttle:4.1.1

_{This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.}

Vulnerabilities

DepShield reports that this application's usage of lodash.padstart:4.6.1 results in the following vulnerability(s):

• (CVSS 7.4) CWE-471: Modification of Assumed-Immutable Data (MAID)
• (CVSS 6.5) [CVE-2018-3721] lodash node module before 4.17.5 suffers from a Modification of Assumed-Immutabl...

---

Occurrences

lodash.padstart:4.6.1 is a transitive dependency introduced by the following direct dependency(s):

• react-native:0.55.4
        └─ npmlog:2.0.4
              └─ gauge:1.2.7
                    └─ lodash.padstart:4.6.1

_{This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.}

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Rate-Limited

These updates are currently rate-limited. Click on a checkbox below to force their creation now.

• chore(deps): update dependency eslint to v6.8.0
• fix(deps): update dependency @react-native-community/async-storage to v1.12.1
• fix(deps): update dependency com.android.tools.build:gradle to v3.6.4
• fix(deps): update dependency react-native-background-timer to v2.4.1
• fix(deps): update dependency react-native-push-notification to v3.5.2
• chore(deps): update dependency @react-native-community/eslint-config to v3
• chore(deps): update dependency eslint to v8
• chore(deps): update dependency gradle to v8
• fix(deps): update dependency com.android.tools.build:gradle to v8
• fix(deps): update dependency org.sonarsource.scanner.gradle:sonarqube-gradle-plugin to v3
• fix(deps): update dependency react-native-push-notification to v8
• 🔐 Create all rate-limited PRs at once 🔐

Edited/Blocked

These updates have been manually edited so Renovate will no longer make changes. To discard all commits and start over, click on a checkbox.

• fix(deps): update dependency react-native to v0.62.3 [security]
• fix(deps): update dependency org.sonarsource.scanner.gradle:sonarqube-gradle-plugin to v2.8.0.1969
• chore(deps): update dependency gradle to v5.6.4

Open

These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

• fix(deps): update dependency moment to v2.29.4 [security]
• fix(deps): update dependency react-native-webview to v11 [security]
• chore(deps): update dependency @react-native-community/eslint-config to ^0.0.7
• chore(deps): update babel monorepo to v7.24.0 (@babel/core, @babel/runtime)
• chore(deps): update dependency metro-react-native-babel-preset to ^0.77.0
• fix(deps): update react monorepo to v16.14.0 (react, react-test-renderer)
• chore(deps): update jest monorepo to v29 (major) (babel-jest, jest)
• fix(deps): update react monorepo to v18 (major) (react, react-test-renderer)
• Click on this checkbox to rebase all open PRs at once

Detected dependencies

cocoapods

ios/Podfile

gradle

android/gradle.properties

android/settings.gradle

android/build.gradle

• com.android.tools.build:gradle 3.4.2
• org.sonarsource.scanner.gradle:sonarqube-gradle-plugin 2.8

android/app/build.gradle

gradle-wrapper

android/gradle/wrapper/gradle-wrapper.properties

• gradle 5.5

npm

package.json

• @react-native-community/async-storage ^1.6.2
• moment ^2.24.0
• react 16.9.0
• react-native 0.61.2
• react-native-background-timer ^2.1.1
• react-native-push-notification ^3.1.9
• react-native-webview ^7.4.2
• @babel/core ^7.6.4
• @babel/runtime ^7.6.3
• @react-native-community/eslint-config ^0.0.5
• babel-jest ^24.9.0
• eslint ^6.5.1
• jest ^24.9.0
• metro-react-native-babel-preset ^0.56.0
• react-test-renderer 16.9.0

---

• Check this box to trigger a request for Renovate to run again on this repository

Vulnerabilities

DepShield reports that this application's usage of ws:2.3.1 results in the following vulnerability(s):

• (CVSS 7.5) CWE-20: Improper Input Validation

---

Occurrences

ws:2.3.1 is a transitive dependency introduced by the following direct dependency(s):

• react-native:0.55.4
        └─ react-devtools-core:3.1.0
              └─ ws:2.3.1

_{This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.}

Hello,
Good Day, i make a logo icon for your project.If you want to use this icon in your project, then comment below, I will give you the source file. And if you want a change, then tell me I will change. which icon you like please tell me.