[Snyk] Fix for 1 vulnerabilities

[aliscco]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • node_modules/ora/node_modules/chalk/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5	Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: ava

The new version differs by 250 commits.

• 568fe40 5.3.0
• 784ca4c Dependency updates and so forth
• 5558367 Recognize typical assertion errors and use their formatting
• faa9654 Replace 'del' dependency by built-in recursive fs.rm (#3198)
• d7c6120 Support arrays in t.like() assertion
• 49e5582 Update TypeScript recipe to remove ts-node recommendation (#3192)
• 5bf01a3 Add Node.js 20 to test matrix
• 0574e5e Add t-node error handling section to TypeScript recipe
• 1c56764 Explicitly configure script name for CLI
• 38593a7 Properly end sentence
• 1353b08 5.2.0
• 7559613 Infer thrown error from expectations
• 8415261 State that documentation assumes ES modules
• c749348 5.1.1
• da3d2bc Update dependencies and such
• ffed948 De-register all shared workers
• 639b905 Unref shared worker when all test workers have deregistered
• 4ecfe7d 5.1.0
• 609b307 Update dependencies
• 647d3e1 Check for --config file extensions after they fail to load, allowing custom loaders (#3135)
• 9206928 Output logs for tests that remain pending when AVA exits
• 136dde3 Update reporter logs for latest Node.js 16
• 7007f13 5.0.1
• 48dcafa Update dependencies; more type tweaks

See the full diff

Package name: nyc

The new version differs by 55 commits.

• bebf4d6 chore(release): 15.0.0
• 2931730 chore: Update to final releases of dependencies ([Snyk] Security upgrade tap from 2.3.4 to 5.4.3 #1245)
• d44ff19 chore: Update node-preload and use process-on-spawn ([Snyk] Fix for 1 vulnerabilities #1243)
• 5258e9f feat: Filenames relative to project cwd in coverage reports ([Snyk] Security upgrade eslint from 3.19.0 to 6.0.0 #1212)
• 6039f29 chore: Unpin test-exclude, update to latest pre-releases ([Snyk] Security upgrade nyc from 14.1.1 to 15.0.0 #1240)
• f3c9e6c chore: Temporarily pin test-exclude ([Snyk] Fix for 1 vulnerabilities #1239)
• 28ed746 chore: Lazy load modules that are rarely/never needed in test processes. ([Snyk] Fix for 4 vulnerabilities #1232)
• 7307626 chore: Remove cp-file module ([Snyk] Security upgrade xo from 0.24.0 to 0.42.0 #1230)
• dfd629d fix: Better error handling for main execution, reporting ([Snyk] Security upgrade aud from 1.1.5 to 2.0.0 #1229)
• 549c953 chore: Update dependencies, pin find-cache-dir ([Snyk] Fix for 1 vulnerabilities #1228)
• a1dee03 chore: Update yargs ([Snyk] Fix for 1 vulnerabilities #1224)
• 8078a79 chore: Fix 404 in README.md. ([Snyk] Fix for 1 vulnerabilities #1220)
• 7a02cb7 chore: Add enterprise language ([Snyk] Fix for 2 vulnerabilities #1217)
• ea94c7f chore: Remove unused functions ([Snyk] Security upgrade tap from 12.7.0 to 18.0.0 #1218)
• 53c66b9 docs: `npm home nyc` goes to github master branch README ([Snyk] Fix for 1 vulnerabilities #1201)
• cf5e5d3 chore: Update dependencies
• 8411a26 fix: Correct handling of source-maps for pre-instrumented files ([Snyk] Fix for 1 vulnerabilities #1216)
• f890360 docs: Fix URL to default excludes in README.md ([Snyk] Security upgrade tsd from 0.7.4 to 0.12.0 #1214)
• 3726bbb chore: Update to async version of istanbul-lib-source-maps ([Snyk] Fix for 1 vulnerabilities #1199)
• 0efc6d1 chore: Tweak arguments for async coverage data readers ([Snyk] Fix for 1 vulnerabilities #1198)
• cc77e13 chore: Add `use strict` to all except fixtures ([Snyk] Fix for 1 vulnerabilities #1197)
• bcbe1df chore: Update dependencies ([Snyk] Security upgrade xo from 0.11.2 to 0.42.0 #1196)
• 2735ee2 chore: 100% coverage ([Snyk] Fix for 1 vulnerabilities #1195)
• fd40d49 feat: Use @ istanbuljs/schema for yargs setup ([Snyk] Fix for 1 vulnerabilities #1194)

See the full diff

Package name: tsd

The new version differs by 23 commits.

• a01388b 0.12.0
• 1b40723 Drop support for Node.js 6
• 56b90ab Add support for globbing patterns in files property - fixes [Snyk] Security upgrade xo from 0.24.0 to 0.42.0 #69 ([Snyk] Fix for 3 vulnerabilities #70)
• 9666433 Update all deps, some devDeps ([Snyk] Security upgrade mocha from 3.5.3 to 10.1.0 #72)
• 861db08 Add expectNotType assertion - fixes Bump http-cache-semantics from 4.1.0 to 4.1.1 #56
• 67ae75b 0.11.0
• 06594fa Move execa to devDependencies
• 97261b2 Add deprecation expectations - fixes Bump json5 and tsconfig-paths #51 ([Snyk] Security upgrade debug from 2.6.9 to 3.1.0 #53)
• 3a375fa Add assignability expectations - fixes [Snyk] Security upgrade update-notifier from 4.1.3 to 6.0.0 #39
• 206573b Upgrade to TypeScript 3.7 - fixes Bump json5 from 1.0.1 to 1.0.2 #52
• b802fee 0.10.0
• b68c37c Check if types are identical in strict assertions - fixes Bump @actions/core from 1.2.6 to 1.9.1 #43
• 30860fe Add makeDiagnostic util
• 3bb25ef Refactor to use assertion handlers for easier extension
• d6d32e7 Expose programming API - fixes [Snyk] Security upgrade got from 9.6.0 to 11.8.5 #37
• 874092b 0.9.0
• e4c78c7 Make expectType assertion strict
• b13533b Bundle TypeScript with tsd
• 3cc33f5 Test Node.js 12
• 4a84ae0 0.8.0
• c445879 Add support for JSX - fixes [Snyk] Security upgrade strip-ansi from 6.0.0 to 7.0.0 #15 ([Snyk] Security upgrade latest-version from 5.1.0 to 6.0.0 #36)
• 03c170b Ignore no overload matches error in expectError assertion ([Snyk] Security upgrade requests from 1.2.3 to 2.20 #33)
• 47c7796 Pin ava@1

See the full diff

Package name: xo

The new version differs by 145 commits.

• ab16df2 0.42.0
• de55a03 Upgrade dependencies
• 34800b7 Upgrade `globby` ([Snyk] Fix for 1 vulnerabilities #574)
• f81e933 Re-enable `import/newline-after-import` rule
• 47af93e 0.41.0
• af93e79 Upgrade dependencies
• 0733cc5 Fix code style ([Snyk] Security upgrade tap from 10.7.3 to 15.0.0 #570)
• ab17a3c Lint `.cjs` files in codebase ([Snyk] Fix for 1 vulnerabilities #569)
• 0a752c7 Update dependencies ([Snyk] Security upgrade eslint from 6.8.0 to 7.0.0 #568)
• 41c8f39 Convert project to module ([Snyk] Fix for 1 vulnerabilities #566)
• b3c5e15 Fix typo ([Snyk] Fix for 1 vulnerabilities #567)
• 2ef9f22 Prevent the `useEslintrc` option from being used ([Snyk] Fix for 1 vulnerabilities #565)
• 41f0484 0.40.3
• 374dd73 Support `xo.config.cjs` and `.xo-config.cjs` ([Snyk] Fix for 1 vulnerabilities #561)
• 3e7b77c Remove some needless imports ([Snyk] Fix for 1 vulnerabilities #560)
• 6adf459 Remove `update-notifier`
• b6389ef 0.40.2
• 7ace6e5 Fix handling of `parserOptions` for TypeScript ([Snyk] Fix for 1 vulnerabilities #557)
• 7629ce0 0.40.1
• d2c5750 Properly resolve base config ([Snyk] Fix for 1 vulnerabilities #545)
• e9c96a1 Properly handle `parserOptions` ([Snyk] Fix for 1 vulnerabilities #544)
• 8e1801c Avoid destructuring and just build the expected object once ([Snyk] Fix for 1 vulnerabilities #538)
• 4cfdc72 Fix CI
• 56be018 0.40.0

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.