Ran
|
Files
1
|
Run time
0s
|
Badge
Embed ▾
README BADGES
|
push
travis-ci
Merge #27 #28 27: build(deps): [security] bump mixin-deep from 1.3.1 to 1.3.2 r=jniles a=dependabot-preview[bot] Bumps [mixin-deep](https://github.com/jonschlinkert/mixin-deep) from 1.3.1 to 1.3.2. **This update includes a security fix.** <details> <summary>Vulnerabilities fixed</summary> <p><em>Sourced from The GitHub Security Advisory Database.</em></p> <blockquote> <p><strong>High severity vulnerability that affects mixin-deep</strong> mixin-deep is vulnerable to Prototype Pollution in versions before 1.3.2 and version 2.0.0. The function mixin-deep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.</p> <p>Affected versions: < 1.3.2</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jonschlinkert/mixin-deep/commit/754f0c20e"><code>754f0c2</code></a> 1.3.2</li> <li><a href="https://github.com/jonschlinkert/mixin-deep/commit/90ee1fab3"><code>90ee1fa</code></a> ensure keys are valid when mixing in values</li> <li>See full diff in <a href="https://github.com/jonschlinkert/mixin-deep/compare/1.3.1...1.3.2">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~doowb">doowb</a>, a new releaser for mixin-deep since your current version.</p> </details> <br /> [![Dependabot compatibility score](https://api.dependabot.com/badges/compatibility_score?dependency-name=mixin-deep&package-manager=npm_and_yarn&previous-version=1.3.1&new-version=1.3.2)](https://dependabot.com/compatibility-score/?dependency-name=mixin-deep&package-manager=npm_and_yarn&previous-version=1.3.1&new-version=1.3.2) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]... (continued)
17 of 27 branches covered (62.96%)
Branch coverage included in aggregate %.
39 of 64 relevant lines covered (60.94%)
38.81 hits per line
Coverage | ∆ | File | Lines | Relevant | Covered | Missed | Hits/Line | Branch Hits | Branch Misses |
---|