Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Upgrade: , jquery-validation, chart.js, ckeditor4, cypress, fullcalendar, i18next #35

Closed

Conversation

respencer
Copy link
Owner

snyk-top-banner

Snyk has created this PR to upgrade multiple dependencies.

👯‍♂ The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Name Versions Released on

@fortawesome/fontawesome-free
from 6.5.2 to 6.6.0 | 1 version ahead of your current version | 2 months ago
on 2024-07-16
jquery-validation
from 1.20.1 to 1.21.0 | 1 version ahead of your current version | 2 months ago
on 2024-07-17
chart.js
from 4.4.3 to 4.4.4 | 1 version ahead of your current version | a month ago
on 2024-08-20
ckeditor4
from 4.24.0 to 4.25.0 | 1 version ahead of your current version | a month ago
on 2024-08-21
cypress
from 13.13.0 to 13.14.0 | 4 versions ahead of your current version | 22 days ago
on 2024-08-27
fullcalendar
from 6.1.14 to 6.1.15 | 1 version ahead of your current version | 2 months ago
on 2024-07-12
i18next
from 23.11.5 to 23.14.0 | 10 versions ahead of your current version | a month ago
on 2024-08-19

Issues fixed by the recommended upgrade:

Issue Score Exploit Maturity
medium severity Cross-site Scripting (XSS)
SNYK-JS-CKEDITOR4-7786373
304 No Known Exploit
low severity Cross-site Scripting (XSS)
SNYK-JS-CKEDITOR4-7786368
304 No Known Exploit
Release notes
Package name: @fortawesome/fontawesome-free from @fortawesome/fontawesome-free GitHub release notes
Package name: jquery-validation from jquery-validation GitHub release notes
Package name: chart.js from chart.js GitHub release notes
Package name: ckeditor4
  • 4.25.0 - 2024-08-21

    Added CKEditor 4.25.0 standard-all.

  • 4.24.0 - 2024-02-07

    Added CKEditor 4.24.0 standard-all.

from ckeditor4 GitHub release notes
Package name: cypress from cypress GitHub release notes
Package name: fullcalendar
  • 6.1.15 - 2024-07-12

    General

    • fix: dragScroll does not work on multiMonth view (#7324)
    • fix: clicking on nowIndicator line ignores the event behind (#6801)
    • fix: dates not selectable in Shadow DOM since v6.1.12 (#7685)

    React

    • fix: adaptive print version shows events with custom eventContent with zero height (#7419)
  • 6.1.14 - 2024-06-05

    React

    • React 19 support

    Angular

    • Angular 18 support (#7682)
from fullcalendar GitHub release notes
Package name: i18next
  • 23.14.0 - 2024-08-19
    • If backend errors with retry flag, set internal state to 0, so reloadingResources should work 147
  • 23.13.0 - 2024-08-16
    • Cache output of getRule to optimize performance 2226
  • 23.12.7 - 2024-08-15
    • revert last optimization to address 2227
  • 23.12.6 - 2024-08-15
    • remove console.log statement 2227
  • 23.12.5 - 2024-08-15
    • try to optimize last fix for 2227
  • 23.12.4 - 2024-08-15
    • try to address 2227 without the removal of cached formatter for in-built formatters
  • 23.12.3 - 2024-08-12
    • fix: Using a comma in a formatter parameter 2225
  • 23.12.2 - 2024-07-19
    • fix: Nested translation resolution between languages uses the fallback language for nested translations 2216 by preserving issue fix "lng is undefined when formatter used in $t( )" 1938
  • 23.12.1 - 2024-07-14
    • Use explicit imports for utils 2212
  • 23.12.0 - 2024-07-14
    • feat: Add posibility to override keyPrefix for certain translation. 2211
  • 23.11.5 - 2024-05-20
from i18next GitHub release notes

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

Snyk has created this PR to upgrade:
  - @fortawesome/fontawesome-free from 6.5.2 to 6.6.0.
    See this package in npm: https://www.npmjs.com/package/@fortawesome/fontawesome-free
  - jquery-validation from 1.20.1 to 1.21.0.
    See this package in npm: https://www.npmjs.com/package/jquery-validation
  - chart.js from 4.4.3 to 4.4.4.
    See this package in npm: https://www.npmjs.com/package/chart.js
  - ckeditor4 from 4.24.0 to 4.25.0.
    See this package in npm: https://www.npmjs.com/package/ckeditor4
  - cypress from 13.13.0 to 13.14.0.
    See this package in npm: https://www.npmjs.com/package/cypress
  - fullcalendar from 6.1.14 to 6.1.15.
    See this package in npm: https://www.npmjs.com/package/fullcalendar
  - i18next from 23.11.5 to 23.14.0.
    See this package in npm: https://www.npmjs.com/package/i18next

See this project in Snyk:
https://app.snyk.io/org/respencer/project/bcafe9f2-0544-4595-877e-01a68c123c9e?utm_source=github&utm_medium=referral&page=upgrade-pr
Copy link

github-actions bot commented Nov 3, 2024

This PR is stale because it has been open 45 days with no activity. Remove stale label or comment or this will be closed in 10 days.

@github-actions github-actions bot added the Stale label Nov 3, 2024
Copy link

This PR was closed because it has been stalled for 15 days with no activity.

@github-actions github-actions bot closed this Nov 18, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants