Skip to content

Snyk fix: Update dependencies and Snyk policy#66

Merged
reeshika-h merged 3 commits into
mainfrom
fix-snyk
May 21, 2026
Merged

Snyk fix: Update dependencies and Snyk policy#66
reeshika-h merged 3 commits into
mainfrom
fix-snyk

Conversation

@reeshika-h
Copy link
Copy Markdown
Contributor

@reeshika-h reeshika-h commented May 20, 2026

Upgrade several dependencies in package.json, including uuid, ws, brace-expansion, devalue, and qs. Update Nuxt to the latest version and adjust the Snyk policy file to ignore a known vulnerability. Bump the version to 1.0.12.

reeshika-h added 2 commits May 20, 2026 14:59
@reeshika-h
chore: update package.json dependencies and overrides
3f1f5e4 
- Updated uuid to version 11.1.1
- Added ws (8.20.1), brace-expansion (5.0.6), devalue (5.8.1), and qs (6.15.2) to overrides
- Upgraded nuxt from 4.4.2 to 4.4.6
@reeshika-h
chore: bump version to 1.0.12 and update commander dependency
7baf05e
@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 20, 2026

🔒 Security Scan Results

ℹ️ Note: Only vulnerabilities with available fixes (upgrades or patches) are counted toward thresholds.

Check Type Count (with fixes) Without fixes Threshold Result
🔴 Critical Severity 0 0 10 ✅ Passed
🟠 High Severity 0 0 25 ✅ Passed
🟡 Medium Severity 0 20 500 ✅ Passed
🔵 Low Severity 0 0 1000 ✅ Passed

⏱️ SLA Breach Summary

✅ No SLA breaches detected. All vulnerabilities are within acceptable time thresholds.

Severity Breaches (with fixes) Breaches (no fixes) SLA Threshold (with/no fixes) Status
🔴 Critical 0 0 15 / 30 days ✅ Passed
🟠 High 0 0 30 / 120 days ✅ Passed
🟡 Medium 0 0 90 / 365 days ✅ Passed
🔵 Low 0 0 180 / 365 days ✅ Passed

ℹ️ Vulnerabilities Without Available Fixes (Informational Only)

The following vulnerabilities were detected but do not have fixes available (no upgrade or patch). These are excluded from failure thresholds:

  • Critical without fixes: 0
  • High without fixes: 0
  • Medium without fixes: 20
  • Low without fixes: 0

✅ BUILD PASSED - All security checks passed

naman-contentstack
naman-contentstack reviewed May 20, 2026
View reviewed changes
Comment thread .snyk Outdated
harshitha-cstk
harshitha-cstk previously approved these changes May 20, 2026
View reviewed changes
@reeshika-h reeshika-h marked this pull request as ready for review May 20, 2026 09:47
@reeshika-h reeshika-h requested review from a team as code owners May 20, 2026 09:47
shafeeqd959
shafeeqd959 previously approved these changes May 20, 2026
View reviewed changes
@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 20, 2026

🔒 Security Scan Results

ℹ️ Note: Only vulnerabilities with available fixes (upgrades or patches) are counted toward thresholds.

Check Type Count (with fixes) Without fixes Threshold Result
🔴 Critical Severity 0 0 10 ✅ Passed
🟠 High Severity 0 0 25 ✅ Passed
🟡 Medium Severity 0 21 500 ✅ Passed
🔵 Low Severity 0 0 1000 ✅ Passed

⏱️ SLA Breach Summary

⚠️ Warning: The following vulnerabilities have exceeded their SLA thresholds (days since publication).

Severity Breaches (with fixes) Breaches (no fixes) SLA Threshold (with/no fixes) Status
🔴 Critical 0 0 15 / 30 days ✅ Passed
🟠 High 0 0 30 / 120 days ✅ Passed
🟡 Medium 0 1 90 / 365 days ⚠️ Warning
🔵 Low 0 0 180 / 365 days ✅ Passed

ℹ️ Vulnerabilities Without Available Fixes (Informational Only)

The following vulnerabilities were detected but do not have fixes available (no upgrade or patch). These are excluded from failure thresholds:

  • Critical without fixes: 0
  • High without fixes: 0
  • Medium without fixes: 21
  • Low without fixes: 0

⚠️ BUILD PASSED WITH WARNINGS - SLA breaches detected for issues without available fixes

Consider reviewing these vulnerabilities when fixes become available.

@reeshika-h reeshika-h merged commit 095313c into main May 21, 2026
6 checks passed
@reeshika-h reeshika-h deleted the fix-snyk branch May 21, 2026 06:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@shafeeqd959 shafeeqd959 shafeeqd959 approved these changes

@sunil-lakshman sunil-lakshman sunil-lakshman approved these changes

@cs-raj cs-raj cs-raj approved these changes

@naman-contentstack naman-contentstack naman-contentstack left review comments

@harshitha-cstk harshitha-cstk harshitha-cstk left review comments

@aniket-shikhare-cstk aniket-shikhare-cstk aniket-shikhare-cstk left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

8 participants

@reeshika-h @shafeeqd959 @sunil-lakshman @cs-raj @naman-contentstack @harshitha-cstk @aniket-shikhare-cstk @Aravind-Kumar-cstk