[Snyk] Upgrade sbd from 1.0.14 to 1.0.19

[snyk-bot]

Snyk has created this PR to upgrade sbd from 1.0.14 to 1.0.19.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 5 versions ahead of your current version.
• The recommended version was released 9 months ago, on 2021-05-11.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Arbitrary Code Execution SNYK-JS-SANITIZEHTML-585892	684/1000 Why? Has a fix available, CVSS 9.4	No Known Exploit
	Prototype Pollution SNYK-JS-LODASHMERGEWITH-174136	684/1000 Why? Has a fix available, CVSS 9.4	Proof of Concept
	Access Restriction Bypass SNYK-JS-SANITIZEHTML-1070786	684/1000 Why? Has a fix available, CVSS 9.4	No Known Exploit
	Validation Bypass SNYK-JS-SANITIZEHTML-1070780	684/1000 Why? Has a fix available, CVSS 9.4	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1255640	684/1000 Why? Has a fix available, CVSS 9.4	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1090595	684/1000 Why? Has a fix available, CVSS 9.4	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: sbd

• 1.0.19 - 2021-05-11
• 1.0.18 - 2020-04-14
• 1.0.17 - 2020-04-01
• 1.0.16 - 2019-07-16
• 1.0.15 - 2019-03-19
• 1.0.14 - 2018-08-13

from sbd GitHub release notes

Commit messages

Package name: sbd

• 13d4f1a Version bump
• b68184f Merge pull request Error  filipedeschamps/video-maker#31 from Tessmore/dependabot/npm_and_yarn/sanitize-html-2.3.2
• 6e10826 Merge pull request Adiciona as configurações como variáveis de ambiente filipedeschamps/video-maker#32 from Tessmore/dependabot/npm_and_yarn/lodash-4.17.21
• d27570b Bump lodash from 4.17.19 to 4.17.21
• 4399b77 Bump sanitize-html from 1.23.0 to 2.3.2
• 900818e Merge pull request [vídeo] INTELIGÊNCIA ARTIFICIAL aprende a FALAR com MINHA VOZ! filipedeschamps/video-maker#30 from Tessmore/dependabot/npm_and_yarn/y18n-4.0.1
• 28c4fd5 Bump y18n from 4.0.0 to 4.0.1
• 2bc61e5 Merge pull request Erro ao tentar executar o index.js filipedeschamps/video-maker#28 from Tessmore/dependabot/npm_and_yarn/lodash-4.17.19
• 1bf2ee9 Bump lodash from 4.17.15 to 4.17.19
• 8cecb13 Version bump
• c676641 Bump minimist resolution
• a4368e5 Merge branch 'master' of github.com:Tessmore/sbd
• a1678aa Bump version
• 86835b7 Merge pull request TESTE TAREFAS filipedeschamps/video-maker#26 from Tessmore/chore/update-dependencies
• e4ea0e8 Bump dependency
• 5f8c822 Version bump (dependencies only) v1.0.16
• 46643df Merge pull request Adicionar orientação a comunidade filipedeschamps/video-maker#25 from Tessmore/dependabot/npm_and_yarn/lodash.mergewith-4.6.2
• 37507c3 Bump lodash.mergewith from 4.6.1 to 4.6.2
• 3911a64 Merge
• f5ee925 Allow cyrillic and accented abbreviations
• 5313de1 Allow cyrillic abbreviations

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs