[Snyk] Fix for 2 vulnerabilities#167
Conversation
The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-VITE-15922213 - https://snyk.io/vuln/SNYK-JS-NUXTOGIMAGE-15912491
|
This upgrade has a high risk of breaking changes, primarily due to the major version jump in [email protected] → [email protected] (High Risk)This is a major upgrade across multiple versions (v3 → v6) with several breaking changes. Most importantly, Key breaking changes include:
Recommendation: Do not proceed with this upgrade as specified. The [email protected] → [email protected] (Medium Risk)This minor version upgrade introduces two notable changes that require verification:
Recommendation: Verify your development server setup and any dependencies that rely on a specific version of Vite before merging.
|
Snyk has created this PR to fix 2 vulnerabilities in the pnpm dependencies of this project.
Snyk changed the following file(s):
package.jsonVulnerabilities that will be fixed with an upgrade:
SNYK-JS-VITE-15922213
SNYK-JS-NUXTOGIMAGE-15912491
Breaking Change Risk
Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Server-side Request Forgery (SSRF)
🦉 Directory Traversal