Skip to content

[Snyk] Security upgrade web3modal from 1.9.8 to 1.9.12#24

Open
fabianorodrigo wants to merge 1 commit into
masterfrom
snyk-fix-0759a7b762627bd13b045cdbbe069d5e
Open

[Snyk] Security upgrade web3modal from 1.9.8 to 1.9.12#24
fabianorodrigo wants to merge 1 commit into
masterfrom
snyk-fix-0759a7b762627bd13b045cdbbe069d5e

Conversation

@fabianorodrigo
Copy link
Copy Markdown
Owner

@fabianorodrigo fabianorodrigo commented Feb 3, 2024

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • my-app/package.json
    • my-app/package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
critical severity 786/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 9.3		 Incomplete List of Disallowed Inputs
SNYK-JS-BABELTRAVERSE-5962462		 No Proof of Concept
medium severity 454/1000
Why? Has a fix available, CVSS 4.8		 Undesired Behavior
SNYK-JS-STYLEDCOMPONENTS-3149924		 No No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: web3modal The new version differs by 53 commits.
  • 3128d2c feat: support for rainbow wallet injected provider (#813)
  • d24ed13 publish 1.9.11
  • 8590bc6 Fixes to Sequence connector integration (#726)
  • 7eb8b96 add Zerion wallet support for v1 (#789)
  • f3eb80a Adding support for Phantom wallet (#757)
  • 0f6e9a0 Publishj 1.9.10
  • 169ce8c Add Ledger (#692)
  • 78a278f Merge pull request #563 from WalletConnect/release/1.9.9
  • 3d1c9d3 Publish 1.9.9
  • 1772ab1 Merge pull request #523 from giedriusvickus/gamestop-injected
  • 55c389b Merge branch 'master' into gamestop-injected
  • 449ec67 Merge pull request #554 from WalletConnect/fix/build-action
  • d004241 update build action to run on pr's and use lts node
  • 3c7c6ac GameStop logo svg import fix
  • 6283b4c GameStop Wallet Injected provider configuration
  • e8a33e7 cleanup example
  • 03b3c93 Merge branch '3scava1i3r-master'
  • 68eb8d4 resolve conflicts
  • b78879d Merge pull request #489 from sheraz-haider/starzwallet
  • 4ff4dd4 Merge branch 'master' into starzwallet
  • 38b9c4f Merge pull request #500 from T-Damer/patch-1
  • 6f6d75f Merge branch 'master' into patch-1
  • 11a8a2f Merge pull request #499 from VitaliyShulik/patch-2
  • 9344f1c Merge branch 'master' into patch-2

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@fabianorodrigo @snyk-bot