New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump micromatch from 4.0.7 to 4.0.8 #10

Open

dependabot wants to merge 1 commit into master from dependabot/npm_and_yarn/micromatch-4.0.8

Open

Bump micromatch from 4.0.7 to 4.0.8 #10

Bump micromatch from 4.0.7 to 4.0.8

BuildStatus / audit completed Sep 12, 2024 in 9s

npm audit security report

Found 6 vulnerabilities (3 high, 3 total) in 0 scanned packages

Details

High: axios (1.3.2 - 1.7.3)

Server-Side Request Forgery in axios (1098583: GHSA-8hc4-vh64-cxmj)

High: nise (5.1.6 - 6.0.0)

via path-to-regexp

High: path-to-regexp (4.0.0 - 7.2.0)

path-to-regexp outputs backtracking regular expressions (1099538: GHSA-9wv6-86v2-598j)

View more details on BuildStatus