[Snyk] Security upgrade nuxt-i18n from 6.20.1 to 6.28.1
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this Merge Request
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
- package-lock.json
Vulnerabilities that will be fixed
With an upgrade:
Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
---|---|---|---|---|
786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3 |
Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962462 |
No | Proof of Concept | |
641/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.4 |
Prototype Pollution SNYK-JS-JSON5-3182856 |
No | Proof of Concept | |
586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905 |
No | Proof of Concept | |
681/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.2 |
Command Injection SNYK-JS-LODASH-1040724 |
No | Proof of Concept | |
506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7 |
Prototype Pollution SNYK-JS-MINIMIST-2429795 |
No | Proof of Concept |
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: nuxt-i18n
The new version differs by 103 commits.- 4419581 chore: release 6.28.1
- cf67381 chore(deps): update dependency js-cookie to v3 (#1246)
- 6d173cb chore(deps): update all non-major dependencies (#1245)
- cb67e05 fix: error on loading when using nuxt-vite (#1251)
- dde070f chore: release 6.28.0
- 8a6a056 feat: allow disabling route sorting (#1241)
- 203f3db fix: custom routes with optional params adjusted incorrectly (#1243)
- 6c9b48f fix: don't skip the cookie if no locale is detected in the route (#1235)
- 9fcebda chore(deps): update all non-major dependencies (#1236)
- 3c5fc13 chore(docs): fix grammar
- 98bde02 chore: release 6.27.3
- 27fb366 chore(deps): update all non-major dependencies (#1166)
- 0527d63 fix: redirect without appending extra chars (#1214)
- 16105c6 docs: specify that `routeId` in example is not hard-coded (#1216)
- 5de6ca2 chore: release 6.27.2
- 22acb6e chore(deps): update all non-major dependencies (#1209)
- d2dd400 fix: ensure localeProperties is reactive (on locale change) (#1208)
- acc1145 fix(types): fix compatibility issue with typescript 4.3.x+ (#1205)
- 3559988 chore: release 6.27.1
- 385709e chore(deps): update all non-major dependencies
- 1ecb43f chore(deps): update devdependency jest to v27 (#1179)
- bf5c1ef chore(deps): update devdependency @ release-it/conventional-changelog to v3 (#1188)
- c34ac75 chore(license): unify joint copyright notice in LICENSE file (#1194)
- 482317b fix(types): fix "lazy" type in deprecated types (#1190)
Check the changes in this Merge Request to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information: 🧐 View latest project report
Learn how to fix vulnerabilities with free interactive lessons: