Skip to content

[Snyk] Security upgrade next from 15.5.5 to 15.5.9#114

Closed
snyk-io[bot] wants to merge 0 commit intomasterfrom
snyk-fix-1a42f46a3694152c28f6d1d4dc5aea44
Closed

[Snyk] Security upgrade next from 15.5.5 to 15.5.9#114
snyk-io[bot] wants to merge 0 commit intomasterfrom
snyk-fix-1a42f46a3694152c28f6d1d4dc5aea44

Conversation

@snyk-io
Copy link

@snyk-io snyk-io bot commented Dec 14, 2025

snyk-top-banner

Snyk has created this PR to fix 3 vulnerabilities in the pnpm dependencies of this project.

Snyk changed the following file(s):

  • extras/web/package.json
⚠️ Warning 
Failed to update the pnpm-lock.yaml, please update manually before merging.

Vulnerabilities that will be fixed with an upgrade:

Issue
critical severity Arbitrary Code Injection
SNYK-JS-NEXT-14173355
high severity Deserialization of Untrusted Data
SNYK-JS-NEXT-14400636
medium severity Exposure of Sensitive System Information to an Unauthorized Control Sphere
SNYK-JS-NEXT-14400644

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Arbitrary Code Injection

@codesandbox
Copy link

codesandbox bot commented Dec 14, 2025

Review or Edit in CodeSandbox

Open the branch in Web EditorVS CodeInsiders

Open Preview

@bolt-new-by-stackblitz
Copy link

bolt-new-by-stackblitz bot commented Dec 14, 2025

Review PR in StackBlitz Codeflow Run & review this pull request in StackBlitz Codeflow.

@vercel vercel bot temporarily deployed to Preview – sequence-js-docs December 14, 2025 06:45 Inactive
@vercel
Copy link

vercel bot commented Dec 14, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Review Updated (UTC)
sequence-js-web Error Error Dec 14, 2025 6:45am
sequence.js Ready Ready Preview, Comment Dec 14, 2025 6:45am
1 Skipped Deployment
Project Deployment Review Updated (UTC)
sequence-js-docs Skipped Skipped Dec 14, 2025 6:45am

@snyk-io
Copy link
Author

snyk-io bot commented Dec 14, 2025

Snyk checks have passed. No issues have been found so far.

Status Scanner Critical High Medium Low Total (0)
Open Source Security 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

@Dargon789 Dargon789 closed this Dec 14, 2025
@Dargon789 Dargon789 force-pushed the snyk-fix-1a42f46a3694152c28f6d1d4dc5aea44 branch from c74d77d to 3d54615 Compare December 14, 2025 07:08
@Dargon789
Copy link
Owner

Dargon789 commented Dec 24, 2025

0xsequence@2aa79b5

1 similar comment
@Dargon789
Copy link
Owner

Dargon789 commented Dec 24, 2025

0xsequence@2aa79b5

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

web3-Defi-Gamefi
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Dargon789