build(deps): bump pug-code-gen and rollup-plugin-vue in /examples/module/rollup #159

dependabot · 2025-04-29T02:03:07Z

Removes pug-code-gen. It's no longer used after updating ancestor dependency rollup-plugin-vue. These dependencies need to be updated together.

Removes pug-code-gen

Updates rollup-plugin-vue from 2.4.2 to 6.0.0

Release notes

Sourced from rollup-plugin-vue's releases.

Version 5.0.0

Chores

Upgrade @vue/component-compiler & @vue/component-compiler-utils (e215fe7)

BREAKING CHANGES

@vue/[email protected] uses sass instead of node-sass

Version 4.7.2

Bug Fixes

Add needMap option to disable source maps (3f879f3)

Version 4.7.0

Bug Fixes

Use isProduction when defined and fallback to NODE_ENV/BUILD (5fb30ce)

Use template.isProduction option if set (#267) (911eabc)

Features

Add data option to allow prepending style block content (a5711f6), closes #93

Add exposeFilename to control __file property (5c1dffb)

Combine customBlocks inclusion/exclusion option (8ae8568)

Version 4.3.0

Bug Fixes

Transform require in render function compiled from \<template> (#212) (89839f2)

Features

Provide sourcemap for blocks in .vue file (#215) (a5928ad)

Version 4.2.0

Features

Use regex to filter .vue files (1c77e2a)

Version 4.1.5

Bug Fixes

Handle Vue.extend constructor export from .vue file (#206) (fa7661e)

Resolve src attr value with require.resolve (#205) (ecb2d87)

Version 4.1.4

... (truncated)

Changelog

Sourced from rollup-plugin-vue's changelog.

6.0.0 (2020-11-25)

Features

new script setup compatibility (d1a528f)

support for new sfc experimental features (d70f594), closes vuejs/rfcs#227 vuejs/rfcs#231

6.0.0-beta.11 (2020-11-02)

Bug Fixes

add language fallback for template code (#407) (e334e8c)

avoid adding render function when no template in an SFC (#387) (6960203)

avoid conflicting filename for sourcemaps (#375) (4ec1315)

default render function name for ssr (#402) (714afd7)

support options for template block preprocessor render (#377) (3222451)

Features

add watchers to imports within vue files (#385) (cd41410)

6.0.0-beta.9 (2020-07-16)

Features

distinguish options for different CSS preprocessing languages (#366) (860595e)

6.0.0-beta.8 (2020-07-15)

Bug Fixes

backwards compat with older versions of compiler-sfc (7cb9fa4)

6.0.0-beta.7 (2020-07-15)

Features

... (truncated)

Commits

See full diff in compare view

Maintainer changes

This version was pushed to npm by yyx990803, a new releaser for rollup-plugin-vue since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

Removes [pug-code-gen](https://github.com/pugjs/pug). It's no longer used after updating ancestor dependency [rollup-plugin-vue](https://github.com/vuejs/rollup-plugin-vue). These dependencies need to be updated together. Removes `pug-code-gen` Updates `rollup-plugin-vue` from 2.4.2 to 6.0.0 - [Release notes](https://github.com/vuejs/rollup-plugin-vue/releases) - [Changelog](https://github.com/vuejs/rollup-plugin-vue/blob/next/CHANGELOG.md) - [Commits](https://github.com/vuejs/rollup-plugin-vue/commits) --- updated-dependencies: - dependency-name: pug-code-gen dependency-version: dependency-type: indirect - dependency-name: rollup-plugin-vue dependency-version: 6.0.0 dependency-type: direct:development ... Signed-off-by: dependabot[bot] <[email protected]>

ibcheckmarx · 2025-04-29T02:17:07Z

Checkmarx One – Scan Summary & Details – a1026728-9b7a-40f5-a5b4-e77c99121a31

New Issues (111)

Checkmarx found the following issues in this Pull Request

Issue	Source File / Package	Checkmarx Insight
CVE-2018-3739	Npm-https-proxy-agent-1.0.0	details Recommended version: 2.2.0 Description: https-proxy-agent before 2.2.0 passes auth option to the Buffer constructor without proper sanitization, resulting in DoS and uninitialized memory ... Attack Vector: NETWORK Attack Complexity: LOW `ID: Bn4U555scjQK6UuNGfeYygtxRWdFhlZM%2BvJgAds0JZ4%3D` Vulnerable Package
CVE-2018-3739	Npm-https-proxy-agent-2.1.0	details Recommended version: 2.2.0 Description: https-proxy-agent before 2.2.0 passes auth option to the Buffer constructor without proper sanitization, resulting in DoS and uninitialized memory ... Attack Vector: NETWORK Attack Complexity: LOW `ID: O6aY3w56TrUF58%2BsbRtrxCC67KuZiBVBcWB52bKfaFs%3D` Vulnerable Package
CVE-2018-3750	Npm-deep-extend-0.4.1	details Recommended version: 0.5.1 Description: The utilities function in all versions <= 0.5.0 of the deep-extend node module can be tricked into modifying the prototype of Object when the attac... Attack Vector: NETWORK Attack Complexity: LOW `ID: 7E2H3Ej7Z5CrVy7ksg9LqIwL1MoGLWhIF3sh3UoGr%2B4%3D` Vulnerable Package
CVE-2018-3750	Npm-deep-extend-0.4.2	details Recommended version: 0.5.1 Description: The utilities function in all versions <= 0.5.0 of the deep-extend node module can be tricked into modifying the prototype of Object when the attac... Attack Vector: NETWORK Attack Complexity: LOW `ID: q%2FBa3rhYpl8iVvyEDk%2B9UzvfXPP9TVGzeaOhXodjB98%3D` Vulnerable Package
CVE-2021-23406	Npm-pac-resolver-2.0.0	details Recommended version: 5.0.0 Description: This affects the package pac-resolver before 5.0.0. This can occur when used with untrusted input, due to unsafe PAC file handling. NOTE: The f... Attack Vector: NETWORK Attack Complexity: LOW `ID: pwtIZQTapn9H0hXl5vNroCyOZW71RzP%2BiribRDUD3sc%3D` Vulnerable Package
CVE-2021-23406	Npm-degenerator-1.0.4	details Recommended version: 3.0.1 Description: This affects the package pac-resolver before 5.0.0. This can occur when used with untrusted input, due to unsafe PAC file handling. NOTE: The f... Attack Vector: NETWORK Attack Complexity: LOW `ID: Qstn7RbOODv7Itm83r5xTBDCJcE%2Bc7ouWjbqqvZ5eLo%3D` Vulnerable Package
CVE-2021-23440	Npm-set-value-2.0.0	details Recommended version: 2.0.1 Description: This affects the package "set-value" prior to 2.0.1, prior to 3.0.3, and prior to 4.0.1. A Type Confusion vulnerability can lead to a bypass of CVE... Attack Vector: NETWORK Attack Complexity: LOW `ID: FMlb%2BTEssYDV5KzQYzq7lg0QaqLfM7mn%2B%2F6eDFQQ85Q%3D` Vulnerable Package
CVE-2021-23440	Npm-set-value-0.4.3	details Recommended version: 2.0.1 Description: This affects the package "set-value" prior to 2.0.1, prior to 3.0.3, and prior to 4.0.1. A Type Confusion vulnerability can lead to a bypass of CVE... Attack Vector: NETWORK Attack Complexity: LOW `ID: p4DKi5bJGUFlPw5govfTkkySOSYb38oQtrQjl6%2Bie5Y%3D` Vulnerable Package
CVE-2021-28918	Npm-netmask-1.0.6	details Recommended version: 2.0.1 Description: Improper input validation of octal strings in netmask npm package up to 1.1.0 allows unauthenticated remote attackers to perform indeterminate SSRF... Attack Vector: NETWORK Attack Complexity: LOW `ID: FX44wd2FAAvPw%2B4tCZ%2BF%2Bn2hy6JGGELmmNQd3%2BD4dy0%3D` Vulnerable Package
CVE-2022-0691	Npm-url-parse-1.4.7	details Recommended version: 1.5.9 Description: Authorization Bypass through User-Controlled Key in NPM url-parse versions 1.4.5 through 1.5.8. Bypasses "https://hackerone\.com/reports/496293" via... Attack Vector: NETWORK Attack Complexity: LOW `ID: jmJAgZqS5IbRAxOpirdER8SmWJRZoyiEufrXmOuumig%3D` Vulnerable Package
CVE-2022-25893	Npm-vm2-3.6.0	details Recommended version: 3.9.10 Description: The package vm2 prior to 3.9.10 is vulnerable to Arbitrary Code Execution due to the usage of prototype lookup for the ''WeakMap.prototype.set'' me... Attack Vector: NETWORK Attack Complexity: LOW `ID: JJdS8%2FGx71kaU5v1seg0HDoq3nsFEU7Bm0pfo7rf4U8%3D` Vulnerable Package
CVE-2022-25893	Npm-vm2-3.5.0	details Recommended version: 3.9.10 Description: The package vm2 prior to 3.9.10 is vulnerable to Arbitrary Code Execution due to the usage of prototype lookup for the ''WeakMap.prototype.set'' me... Attack Vector: NETWORK Attack Complexity: LOW `ID: t5SsqqQrRDExuur57Hh5ewtZ%2FQ6dZIRmsP0kVIn5Hi4%3D` Vulnerable Package
CVE-2023-42282	Npm-ip-1.0.1	details Description: An issue in NPM ip package 0.0.2 through 2.0.1 allows an attacker to execute arbitrary code and obtain sensitive information via the "isPublic()" f... Attack Vector: NETWORK Attack Complexity: LOW `ID: e8efX60x6oYvIaG3DBHcmYdpZLIXveEl8PgIsSHVb2A%3D` Vulnerable Package
CVE-2023-42282	Npm-ip-1.1.9	details Description: An issue in NPM ip package 0.0.2 through 2.0.1 allows an attacker to execute arbitrary code and obtain sensitive information via the "isPublic()" f... Attack Vector: NETWORK Attack Complexity: LOW `ID: k4xnVhiKCfTilNTgDcR%2FtgvzTFkrP1vvFasZgfaH6LQ%3D` Vulnerable Package
CVE-2023-42282	Npm-ip-1.1.5	details Description: An issue in NPM ip package 0.0.2 through 2.0.1 allows an attacker to execute arbitrary code and obtain sensitive information via the "isPublic()" f... Attack Vector: NETWORK Attack Complexity: LOW `ID: shnXnJ7KwMKtnjLjoEoLm8ISNwp%2Bl7YOBAHfTNfJHqM%3D` Vulnerable Package
CVE-2024-42461	Npm-elliptic-6.4.0	details Recommended version: 6.6.1 Description: In the elliptic package, "ECDSA" signature malleability occurs because "BER-encoded" signatures are allowed which leads to Improper Verification of... Attack Vector: NETWORK Attack Complexity: LOW `ID: Dz9S4jzRQcHjzyl3uT3BdUH5TC6Y%2Fkb5xJziY4E9JMg%3D` Vulnerable Package
CVE-2024-42461	Npm-elliptic-6.4.1	details Recommended version: 6.6.1 Description: In the elliptic package, "ECDSA" signature malleability occurs because "BER-encoded" signatures are allowed which leads to Improper Verification of... Attack Vector: NETWORK Attack Complexity: LOW `ID: kv7NK6SH2vkxZEW6XOMvLsIjhQHriL0z0wY%2B1uDINmo%3D` Vulnerable Package
Cxcc09496a-59c8	Npm-js-yaml-3.10.0	details Recommended version: 3.13.1 Description: js-yaml is vulnerable to Code Injection before 3.13.1. The load() function may execute arbitrary code injected through a malicious YAML file. Objec... Attack Vector: NETWORK Attack Complexity: LOW `ID: ce7xi2PsHL0jvL7LogwwgnYEV8vFkhJOpabsOM8Sg4A%3D` Vulnerable Package
Cxcc09496a-59c8	Npm-js-yaml-3.12.1	details Recommended version: 3.13.1 Description: js-yaml is vulnerable to Code Injection before 3.13.1. The load() function may execute arbitrary code injected through a malicious YAML file. Objec... Attack Vector: NETWORK Attack Complexity: LOW `ID: gc7FiydWFuLkvSU549O9scqsQJ2d9HmWud%2BPiE%2FgAIM%3D` Vulnerable Package
Cxcc09496a-59c8	Npm-js-yaml-3.12.0	details Recommended version: 3.13.1 Description: js-yaml is vulnerable to Code Injection before 3.13.1. The load() function may execute arbitrary code injected through a malicious YAML file. Objec... Attack Vector: NETWORK Attack Complexity: LOW `ID: kjuHBXKX54VVF%2Fas%2BREB51104ihSdd5xPL2oYq%2BO2D4%3D` Vulnerable Package
Cxcc09496a-59c8	Npm-js-yaml-3.7.0	details Recommended version: 3.13.1 Description: js-yaml is vulnerable to Code Injection before 3.13.1. The load() function may execute arbitrary code injected through a malicious YAML file. Objec... Attack Vector: NETWORK Attack Complexity: LOW `ID: rYZytvOZWsdAMXDwaKKxcMhy35gz5bZoeQ3nnlkFhhM%3D` Vulnerable Package
Cxcc09496a-59c8	Npm-js-yaml-3.8.2	details Recommended version: 3.13.1 Description: js-yaml is vulnerable to Code Injection before 3.13.1. The load() function may execute arbitrary code injected through a malicious YAML file. Objec... Attack Vector: NETWORK Attack Complexity: LOW `ID: wExdWeLe%2FpRKRMe792a%2FV5%2B962FJ2EvFql5b%2Fe3ee%2Fg%3D` Vulnerable Package
CVE-2017-18077	Npm-brace-expansion-1.1.6	details Recommended version: 1.1.7 Description: index.js in brace-expansion before 1.1.7 is vulnerable to Regular Expression Denial of Service (ReDoS) attacks, as demonstrated by an expand argume... Attack Vector: NETWORK Attack Complexity: LOW `ID: bJHKM5%2FO%2BJVMuTN%2B65328BSHJEgISm0aZq753SQ7Vyg%3D` Vulnerable Package
CVE-2019-13173	Npm-fstream-1.0.11	details Recommended version: 1.0.12 Description: fstream before 1.0.12 is vulnerable to Arbitrary File Overwrite. Extracting tarballs containing a hardlink to a file that already exists in the sys... Attack Vector: NETWORK Attack Complexity: LOW `ID: fljZbJr9L%2BYxcPzAoID%2Bt2HL%2BCUKN7L%2FvELGptnb9PE%3D` Vulnerable Package
CVE-2019-13173	Npm-fstream-1.0.10	details Recommended version: 1.0.12 Description: fstream before 1.0.12 is vulnerable to Arbitrary File Overwrite. Extracting tarballs containing a hardlink to a file that already exists in the sys... Attack Vector: NETWORK Attack Complexity: LOW `ID: WZIOy2KS2Kq3bKXvFfrql558o2fBiJC0VE%2FL%2FJKLmsc%3D` Vulnerable Package
CVE-2019-20920	Npm-handlebars-4.0.10	details Recommended version: 4.7.7 Description: Handlebars before 3.0.8 and 4.x before 4.5.3 is vulnerable to Arbitrary Code Execution. The lookup helper fails to properly validate templates, all... Attack Vector: NETWORK Attack Complexity: HIGH `ID: 0OBH2od1AJ7aW3P6kMRfD65HD0oR2%2FuPnLZ2trMBvoo%3D` Vulnerable Package
CVE-2019-20920	Npm-handlebars-4.1.2	details Recommended version: 4.7.7 Description: Handlebars before 3.0.8 and 4.x before 4.5.3 is vulnerable to Arbitrary Code Execution. The lookup helper fails to properly validate templates, all... Attack Vector: NETWORK Attack Complexity: HIGH `ID: G3tEOTmdffhGiHnENZF35ZZzCm6oXTvBs0MzpFWNPmM%3D` Vulnerable Package
CVE-2021-23341	Npm-prismjs-1.16.0	details Recommended version: 1.30.0 Description: The package prismjs before 1.23.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the prism-asciidoc, prism-rest, prism-tap and ... Attack Vector: NETWORK Attack Complexity: LOW `ID: M5mN7mSfBMMWAznAKO8qzq7saUDqlkbEbFDGa0cFPFg%3D` Vulnerable Package
CVE-2021-27290	Npm-ssri-5.3.0	details Recommended version: 6.0.2 Description: ssri 5.2.2-8.0.0, fixed in 8.0.1, processes SRIs using a regular expression which is vulnerable to a denial of service. Malicious SRIs could take a... Attack Vector: NETWORK Attack Complexity: LOW `ID: PP42QDe5%2Byol%2F87cb9hGv62blA31%2FB8B8cQV0F8v3YM%3D` Vulnerable Package
CVE-2021-27290	Npm-ssri-6.0.1	details Recommended version: 6.0.2 Description: ssri 5.2.2-8.0.0, fixed in 8.0.1, processes SRIs using a regular expression which is vulnerable to a denial of service. Malicious SRIs could take a... Attack Vector: NETWORK Attack Complexity: LOW `ID: w8809mF%2B1e4sgJqtg%2B5FeGEHVEEz5GrVxvBDRvc%2FP%2B4%3D` Vulnerable Package
CVE-2021-32804	Npm-tar-4.4.8	details Recommended version: 6.2.1 Description: The npm package "tar" (aka node-tar) versions prior to 3.2.2 and 4.x prior to 4.4.14, 5.x prior to 5.0.6 and 6.x prior to 6.1.1 has a arbitrary Fil... Attack Vector: NETWORK Attack Complexity: LOW `ID: CxRfuDmZl7cqUVENboPYeFKnPHhV6VS6AEAhw9yQkPE%3D` Vulnerable Package
CVE-2021-32804	Npm-tar-4.3.3	details Recommended version: 6.2.1 Description: The npm package "tar" (aka node-tar) versions prior to 3.2.2 and 4.x prior to 4.4.14, 5.x prior to 5.0.6 and 6.x prior to 6.1.1 has a arbitrary Fil... Attack Vector: NETWORK Attack Complexity: LOW `ID: h5dEnzOWLqXiHnwbZ%2FIjdxbJwLQDZWyWtgnK%2F0W3zkY%3D` Vulnerable Package
CVE-2021-32804	Npm-tar-2.2.1	details Recommended version: 6.2.1 Description: The npm package "tar" (aka node-tar) versions prior to 3.2.2 and 4.x prior to 4.4.14, 5.x prior to 5.0.6 and 6.x prior to 6.1.1 has a arbitrary Fil... Attack Vector: NETWORK Attack Complexity: LOW `ID: MzpIbhYp%2FnMOIXGbXhibBlwTmVyuhx%2FkcDszABG%2BQiI%3D` Vulnerable Package
CVE-2021-32804	Npm-tar-4.4.1	details Recommended version: 6.2.1 Description: The npm package "tar" (aka node-tar) versions prior to 3.2.2 and 4.x prior to 4.4.14, 5.x prior to 5.0.6 and 6.x prior to 6.1.1 has a arbitrary Fil... Attack Vector: NETWORK Attack Complexity: LOW `ID: tju4ZftYVVv28L22HTMt3H%2FNKH1jMRxWHCHnLwnjFpw%3D` Vulnerable Package
CVE-2021-3807	Npm-ansi-regex-4.0.0	details Recommended version: 4.1.1 Description: The package ansi-regex versions 3.x prior to 3.0.1, 4.x prior to 4.1.1, 5.x prior to 5.0.1 and 6.0.x prior to 6.0.1 is vulnerable to Inefficient Re... Attack Vector: NETWORK Attack Complexity: LOW `ID: gHpui2lxJAW0U7yFKloMNNVXwZgNhzpn58E56Tr8bcc%3D` Vulnerable Package
CVE-2021-3807	Npm-ansi-regex-4.1.0	details Recommended version: 4.1.1 Description: The package ansi-regex versions 3.x prior to 3.0.1, 4.x prior to 4.1.1, 5.x prior to 5.0.1 and 6.0.x prior to 6.0.1 is vulnerable to Inefficient Re... Attack Vector: NETWORK Attack Complexity: LOW `ID: HUqr3CsKlzbm0Y6t2X2Wa6ZcNZJntO6CBx0lMVxYP9w%3D` Vulnerable Package
CVE-2021-3807	Npm-ansi-regex-3.0.0	details Recommended version: 3.0.1 Description: The package ansi-regex versions 3.x prior to 3.0.1, 4.x prior to 4.1.1, 5.x prior to 5.0.1 and 6.0.x prior to 6.0.1 is vulnerable to Inefficient Re... Attack Vector: NETWORK Attack Complexity: LOW `ID: mpy90FBb0Mq16B8%2BsTvmPqajjkAwMY2iPw%2FL%2FfTIOz0%3D` Vulnerable Package
CVE-2021-3807	Npm-ansi-regex-2.1.1	details Recommended version: 3.0.1 Description: The package ansi-regex versions 3.x prior to 3.0.1, 4.x prior to 4.1.1, 5.x prior to 5.0.1 and 6.0.x prior to 6.0.1 is vulnerable to Inefficient Re... Attack Vector: NETWORK Attack Complexity: LOW `ID: OIP48gYGvfQuetRzXA6b5f9PXANEXZ06yVUdPmywr0Q%3D` Vulnerable Package
CVE-2022-21222	Npm-css-what-2.1.0	details Recommended version: 2.1.3 Description: The package css-what versions prior to 2.1.3 are vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of insecure regular ex... Attack Vector: NETWORK Attack Complexity: LOW `ID: aCOIiSooRv6dwGscLDPhx5skNlvs6z6gKxms%2BD8u6dw%3D` Vulnerable Package
CVE-2022-21222	Npm-css-what-2.1.2	details Recommended version: 2.1.3 Description: The package css-what versions prior to 2.1.3 are vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of insecure regular ex... Attack Vector: NETWORK Attack Complexity: LOW `ID: l51mb9t5VzHdZbP0pdc%2BI%2BrCPR1LsJlrc46ybbdcVSs%3D` Vulnerable Package

More results are available on the CxOne platform

Fixed Issues (200)

Great job! The following issues were fixed in this Pull Request

Severity	Issue	Source File / Package
	~~CVE-2018-13797~~	Npm-macaddress-0.2.8
	~~CVE-2018-3745~~	Npm-atob-2.0.3
	~~CVE-2018-3752~~	Npm-merge-options-0.0.64
	~~CVE-2018-3774~~	Npm-url-parse-1.1.9
	~~CVE-2018-3774~~	Npm-url-parse-1.1.8
	~~CVE-2018-3774~~	Npm-url-parse-1.0.5
	~~CVE-2019-10196~~	Npm-http-proxy-agent-1.0.0
	~~CVE-2019-10744~~	Npm-lodash-4.17.5
	~~CVE-2019-10744~~	Npm-lodash-4.17.10
	~~CVE-2019-10744~~	Npm-lodash.defaultsdeep-4.3.2
	~~CVE-2019-10744~~	Npm-lodash.defaultsdeep-4.6.0
	~~CVE-2019-10744~~	Npm-lodash-4.17.11
	~~CVE-2019-10744~~	Npm-lodash-3.10.1
	~~CVE-2019-10744~~	Npm-lodash-4.17.4
	~~CVE-2020-7677~~	Npm-thenify-3.3.0
	~~CVE-2020-7774~~	Npm-y18n-3.2.1
	~~CVE-2020-7774~~	Npm-y18n-4.0.0
	~~CVE-2021-44906~~	Npm-minimist-0.0.8
	~~CVE-2021-44906~~	Npm-minimist-0.0.10
	~~CVE-2021-44906~~	Npm-minimist-1.2.0
	~~CVE-2022-1650~~	Npm-eventsource-0.1.6
	~~CVE-2022-1650~~	Npm-eventsource-1.0.7
	~~CVE-2022-2421~~	Npm-socket.io-parser-3.2.0
	~~CVE-2022-29078~~	Npm-ejs-2.6.1
	~~CVE-2022-29078~~	Npm-ejs-2.5.7
	~~CVE-2022-36067~~	Npm-vm2-3.5.0
	~~CVE-2022-36067~~	Npm-vm2-3.6.0
	~~CVE-2022-37601~~	Npm-loader-utils-1.1.0
	~~CVE-2022-37601~~	Npm-loader-utils-1.0.4
	~~CVE-2022-37601~~	Npm-loader-utils-0.2.17
	~~CVE-2022-37601~~	Npm-loader-utils-1.2.3
	~~CVE-2023-26136~~	Npm-tough-cookie-2.3.3
	~~CVE-2023-26136~~	Npm-tough-cookie-2.5.0
	~~CVE-2023-26136~~	Npm-tough-cookie-2.4.3
	~~CVE-2023-26136~~	Npm-tough-cookie-2.3.2
	~~CVE-2024-40643~~	Npm-htmlparser2-3.3.0
	~~CVE-2024-40643~~	Npm-htmlparser2-3.9.2
	~~CVE-2024-40643~~	Npm-htmlparser2-3.10.1
	~~Cx29ea9bf3-a8eb~~	Npm-macaddress-0.2.8
	~~Cx5ec2f1d8-1b0c~~	Npm-urijs-1.18.12
	~~Cx88b46a98-47a5~~	Npm-elliptic-6.4.1
	~~Cx88b46a98-47a5~~	Npm-elliptic-6.4.0
	~~CVE-2017-11342~~	Npm-node-sass-4.5.3
	~~CVE-2017-11555~~	Npm-node-sass-4.5.3
	~~CVE-2017-12963~~	Npm-node-sass-4.5.3
	~~CVE-2018-20834~~	Npm-tar-2.2.1
	~~CVE-2018-20834~~	Npm-tar-4.3.3
	~~CVE-2018-20834~~	Npm-tar-4.4.1
	~~CVE-2018-3737~~	Npm-sshpk-1.11.0
	~~CVE-2018-3737~~	Npm-sshpk-1.13.0
	~~CVE-2018-3737~~	Npm-sshpk-1.10.2
	~~CVE-2018-3737~~	Npm-sshpk-1.13.1
	~~CVE-2019-20149~~	Npm-kind-of-6.0.2
	~~CVE-2020-36048~~	Npm-engine.io-3.2.1
	~~CVE-2020-36049~~	Npm-socket.io-parser-3.2.0
	~~CVE-2020-8116~~	Npm-dot-prop-3.0.0
	~~CVE-2020-8116~~	Npm-dot-prop-4.2.0
	~~CVE-2020-8203~~	Npm-lodash-4.17.10
	~~CVE-2020-8203~~	Npm-lodash-4.17.11
	~~CVE-2020-8203~~	Npm-lodash-4.17.4
	~~CVE-2020-8203~~	Npm-lodash-4.17.5
	~~CVE-2020-8203~~	Npm-lodash-3.10.1
	~~CVE-2021-28092~~	Npm-is-svg-3.0.0
	~~CVE-2021-28092~~	Npm-is-svg-2.1.0
	~~CVE-2021-37713~~	Npm-tar-4.4.1
	~~CVE-2021-37713~~	Npm-tar-2.2.1
	~~CVE-2021-37713~~	Npm-tar-4.4.8
	~~CVE-2021-37713~~	Npm-tar-4.3.3
	~~CVE-2022-21681~~	Npm-marked-0.3.19
	~~CVE-2022-24772~~	Npm-node-forge-0.10.0
	~~CVE-2022-24772~~	Npm-node-forge-0.6.33
	~~CVE-2022-24772~~	Npm-node-forge-0.7.5
	~~CVE-2022-24785~~	Npm-moment-2.18.1
	~~CVE-2022-24785~~	Npm-moment-2.20.1
	~~CVE-2022-29167~~	Npm-hawk-6.0.2
	~~CVE-2022-29167~~	Npm-hawk-3.1.3
	~~CVE-2022-3517~~	Npm-minimatch-3.0.4
	~~CVE-2022-3517~~	Npm-minimatch-3.0.3
	~~CVE-2022-38900~~	Npm-decode-uri-component-0.2.0
	~~CVE-2024-29180~~	Npm-webpack-dev-middleware-1.12.2
	~~CVE-2024-29180~~	Npm-webpack-dev-middleware-1.10.1
	~~CVE-2024-29180~~	Npm-webpack-dev-middleware-1.12.0
	~~CVE-2024-29180~~	Npm-webpack-dev-middleware-2.0.5
	~~CVE-2024-29180~~	Npm-webpack-dev-middleware-3.4.0
	~~CVE-2024-29180~~	Npm-webpack-dev-middleware-2.0.6
	~~CVE-2024-29180~~	Npm-webpack-dev-middleware-3.6.0
	~~CVE-2024-29180~~	Npm-webpack-dev-middleware-3.6.2
	~~CVE-2024-4068~~	Npm-braces-0.1.5
	~~CVE-2024-4068~~	Npm-braces-2.3.2
	~~CVE-2024-4068~~	Npm-braces-2.3.0
	~~CVE-2024-4068~~	Npm-braces-1.8.5
	~~Cx0b414307-5d4b~~	Npm-lodash-3.10.1
	~~Cx0b414307-5d4b~~	Npm-lodash-4.17.5
	~~Cx0b414307-5d4b~~	Npm-lodash-4.17.4
	~~Cx0b414307-5d4b~~	Npm-lodash-4.17.11
	~~Cx0b414307-5d4b~~	Npm-lodash-4.17.10
	~~Cx18f58b49-4db5~~	Npm-http-proxy-1.17.0
	~~Cx18f58b49-4db5~~	Npm-http-proxy-1.16.2
	~~Cx2d55b83a-7aa0~~	Npm-braces-2.3.0
	~~Cx2d55b83a-7aa0~~	Npm-braces-1.8.5
	~~Cx2d55b83a-7aa0~~	Npm-braces-0.1.5
	~~Cxa8a11659-1098~~	Npm-tunnel-agent-0.4.3
	~~Cxac192d90-742c~~	Npm-mem-1.1.0
	~~Cxe578f4ea-ca81~~	Npm-constantinople-3.1.0
	~~CVE-2017-11608~~	Npm-node-sass-4.5.3
	~~CVE-2017-16137~~	Npm-debug-2.6.1
	~~CVE-2017-16137~~	Npm-debug-2.6.3
	~~CVE-2017-16137~~	Npm-debug-0.7.4
	~~CVE-2017-16137~~	Npm-debug-2.2.0
	~~CVE-2017-16137~~	Npm-debug-2.6.8
	~~CVE-2017-16137~~	Npm-debug-3.0.1
	~~CVE-2018-20821~~	Npm-node-sass-4.5.3
	~~CVE-2018-21270~~	Npm-stringstream-0.0.5
	~~CVE-2018-3712~~	Npm-serve-6.1.0
	~~CVE-2018-3718~~	Npm-serve-6.1.0
	~~CVE-2018-6341~~	Npm-vue-2.5.16
	~~CVE-2018-6341~~	Npm-vue-2.4.4
	~~CVE-2018-6341~~	Npm-vue-2.2.4
	~~CVE-2018-6341~~	Npm-vue-2.1.10
	~~CVE-2018-6341~~	Npm-vue-2.5.13
	~~CVE-2019-18797~~	Npm-node-sass-4.5.3
	~~CVE-2019-6286~~	Npm-node-sass-4.5.3
	~~CVE-2020-15366~~	Npm-ajv-6.5.1
	~~CVE-2020-15366~~	Npm-ajv-6.1.1
	~~CVE-2020-15366~~	Npm-ajv-5.5.2
	~~CVE-2020-15366~~	Npm-ajv-6.10.0
	~~CVE-2020-15366~~	Npm-ajv-4.11.8
	~~CVE-2020-15366~~	Npm-ajv-5.2.2
	~~CVE-2020-15366~~	Npm-ajv-6.9.1
	~~CVE-2020-15366~~	Npm-ajv-4.11.3
	~~CVE-2020-15366~~	Npm-ajv-4.11.5
	~~CVE-2020-28500~~	Npm-lodash-4.17.4
	~~CVE-2020-28500~~	Npm-lodash-4.17.10
	~~CVE-2020-28500~~	Npm-lodash-4.17.5
	~~CVE-2020-28500~~	Npm-lodash-3.10.1
	~~CVE-2020-28500~~	Npm-lodash-4.17.11
	~~CVE-2020-8124~~	Npm-url-parse-1.0.5
	~~CVE-2020-8124~~	Npm-url-parse-1.4.4
	~~CVE-2020-8124~~	Npm-url-parse-1.1.9
	~~CVE-2020-8124~~	Npm-url-parse-1.1.8
	~~CVE-2020-8244~~	Npm-bl-1.2.2
	~~CVE-2021-23362~~	Npm-hosted-git-info-2.6.0
	~~CVE-2021-23362~~	Npm-hosted-git-info-2.2.0
	~~CVE-2021-23362~~	Npm-hosted-git-info-2.7.1
	~~CVE-2021-23362~~	Npm-hosted-git-info-2.5.0
	~~CVE-2021-23364~~	Npm-browserslist-4.4.1
	~~CVE-2021-23364~~	Npm-browserslist-4.5.5
	~~CVE-2021-23386~~	Npm-dns-packet-1.3.1
	~~CVE-2021-23386~~	Npm-dns-packet-1.2.2
	~~CVE-2021-3801~~	Npm-prismjs-1.16.0
	~~CVE-2022-21670~~	Npm-markdown-it-8.4.2
	~~CVE-2022-21670~~	Npm-markdown-it-6.1.1
	~~CVE-2022-21704~~	Npm-log4js-3.0.6
	~~CVE-2022-23647~~	Npm-prismjs-1.16.0
	~~CVE-2022-33987~~	Npm-got-5.7.1
	~~CVE-2022-33987~~	Npm-got-6.7.1
	~~CVE-2023-28155~~	Npm-request-2.88.2
	~~CVE-2023-28155~~	Npm-request-2.79.0
	~~CVE-2023-28155~~	Npm-request-2.88.0
	~~CVE-2023-28155~~	Npm-request-2.82.0
	~~CVE-2023-28155~~	Npm-request-2.81.0
	~~CVE-2024-28863~~	Npm-tar-4.4.8
	~~CVE-2024-28863~~	Npm-tar-2.2.1
	~~CVE-2024-28863~~	Npm-tar-4.3.3
	~~CVE-2024-28863~~	Npm-tar-4.4.1
	~~CVE-2024-42459~~	Npm-elliptic-6.4.1
	~~CVE-2024-42459~~	Npm-elliptic-6.4.0
	~~CVE-2024-43799~~	Npm-send-0.15.1
	~~CVE-2024-43799~~	Npm-send-0.15.5
	~~CVE-2024-43799~~	Npm-send-0.14.2
	~~CVE-2024-43799~~	Npm-send-0.16.1
	~~CVE-2024-43799~~	Npm-send-0.15.4
	~~CVE-2024-43799~~	Npm-send-0.16.2
	~~CVE-2024-53382~~	Npm-prismjs-1.16.0
	~~CVE-2024-6783~~	Npm-vue-template-compiler-2.6.10
	~~CVE-2024-6783~~	Npm-vue-template-compiler-2.1.10
	~~CVE-2024-6783~~	Npm-vue-template-compiler-2.5.13
	~~CVE-2024-6783~~	Npm-vue-template-compiler-2.7.16
	~~CVE-2024-6783~~	Npm-vue-template-compiler-2.5.16
	~~CVE-2024-6783~~	Npm-vue-template-compiler-2.2.4
	~~CVE-2024-6783~~	Npm-vue-template-compiler-2.6.6
	~~CVE-2024-6783~~	Npm-vue-template-compiler-2.4.4
	~~Cxec49316b-56df~~	Npm-js-yaml-3.8.2

More results are available on the CxOne platform

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Apr 29, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

build(deps): bump pug-code-gen and rollup-plugin-vue in /examples/module/rollup #159

build(deps): bump pug-code-gen and rollup-plugin-vue in /examples/module/rollup #159

Uh oh!

dependabot bot commented on behalf of github Apr 29, 2025

Uh oh!

ibcheckmarx commented Apr 29, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

build(deps): bump pug-code-gen and rollup-plugin-vue in /examples/module/rollup #159

Are you sure you want to change the base?

build(deps): bump pug-code-gen and rollup-plugin-vue in /examples/module/rollup #159

Uh oh!

Conversation

dependabot bot commented on behalf of github Apr 29, 2025

Version 5.0.0

Chores

BREAKING CHANGES

Version 4.7.2

Bug Fixes

Version 4.7.0

Bug Fixes

Features

Version 4.3.0

Bug Fixes

Features

Version 4.2.0

Features

Version 4.1.5

Bug Fixes

Version 4.1.4

6.0.0 (2020-11-25)

Features

6.0.0-beta.11 (2020-11-02)

Bug Fixes

Features

6.0.0-beta.9 (2020-07-16)

Features

6.0.0-beta.8 (2020-07-15)

Bug Fixes

6.0.0-beta.7 (2020-07-15)

Features

Uh oh!

ibcheckmarx commented Apr 29, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant