[Snyk] Upgrade @coffeelint/cli from 5.0.1 to 5.2.11

[aliscco]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade @coffeelint/cli from 5.0.1 to 5.2.11.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 18 versions ahead of your current version.
• The recommended version was released a year ago, on 2022-11-07.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962462	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	Proof of Concept
	Server-side Request Forgery (SSRF) SNYK-JS-IP-6240864	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	Proof of Concept
	Prototype Pollution SNYK-JS-JSONSCHEMA-1920922	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	No Known Exploit
	Prototype Pollution SNYK-JS-Y18N-1021887	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-AXIOS-1579269	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	Proof of Concept
	Command Injection SNYK-JS-LODASH-1040724	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	Proof of Concept
	Arbitrary File Overwrite SNYK-JS-TAR-1536528	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	No Known Exploit
	Arbitrary File Overwrite SNYK-JS-TAR-1536531	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	No Known Exploit
	Denial of Service (DoS) SNYK-JS-TRIMNEWLINES-1298042	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	No Known Exploit
	Prototype Pollution SNYK-JS-URIJS-1319806	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	No Known Exploit
	Improper Input Validation SNYK-JS-FOLLOWREDIRECTS-6141137	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	Proof of Concept
	Prototype Pollution SNYK-JS-PROTOBUFJS-2441248	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	Proof of Concept
	Arbitrary File Write SNYK-JS-TAR-1579147	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579152	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579155	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	No Known Exploit
	Prototype Pollution SNYK-JS-PROTOBUFJS-5756498	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	Proof of Concept
	Prototype Poisoning SNYK-JS-QS-3153490	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	Proof of Concept
	Arbitrary Argument Injection SNYK-JS-BLAMER-5731318	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-BROWSERSLIST-1090194	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	Proof of Concept
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2332181	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	Proof of Concept
	Prototype Pollution SNYK-JS-JSON5-3182856	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	Proof of Concept
	Prototype Pollution SNYK-JS-JSON5-3182856	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	Proof of Concept
	Misinterpretation of Input SNYK-JS-URIJS-2440699	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	Proof of Concept
	Cross-site Scripting (XSS) SNYK-JS-URIJS-2441239	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	Proof of Concept
	Prototype Pollution SNYK-JS-XML2JS-5414874	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	Proof of Concept
	Open Redirect SNYK-JS-URIJS-1319803	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	Proof of Concept
	Open Redirect SNYK-JS-URIJS-2401466	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1090595	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1255640	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	Proof of Concept
	Open Redirect SNYK-JS-URIJS-2419067	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WORDWRAP-3149973	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	Proof of Concept
	Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962462	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HOSTEDGITINFO-1088355	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HOSTEDGITINFO-1088355	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	Proof of Concept
	Improper Input Validation SNYK-JS-URIJS-2415026	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	Proof of Concept
	Prototype Pollution SNYK-JS-TOUGHCOOKIE-5672873	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	Proof of Concept
	Server-side Request Forgery (SSRF) SNYK-JS-REQUEST-3361831	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TAR-1536758	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	No Known Exploit
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2396346	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	No Known Exploit
	Prototype Pollution SNYK-JS-MINIMIST-2429795	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: @coffeelint/cli

• 5.2.11 - 2022-11-07
  

  5.2.11 (2022-11-07)

  Bug Fixes

  • deps: bump yargs from 17.6.0 to 17.6.2 (#222) (f7c7e60)
• 5.2.10 - 2022-09-30
  

  5.2.10 (2022-09-30)

  Bug Fixes

  • resolve to correct coffeelint file (#220) (6e02503)
• 5.2.9 - 2022-05-16
  

  5.2.9 (2022-05-16)

  Bug Fixes

  • deps: bump glob from 8.0.1 to 8.0.3 (#209) (b51dafc)
  • deps: bump yargs from 17.4.1 to 17.5.1 (#208) (5fd34f4)
• 5.2.8 - 2022-04-25
  

  5.2.8 (2022-04-25)

  Bug Fixes

  • deps: bump coffeescript from 2.6.1 to 2.7.0 (#206) (9f0316c)
• 5.2.7 - 2022-04-19
  

  5.2.7 (2022-04-19)

  Bug Fixes

  • deps: bump glob from 7.2.0 to 8.0.1 (#205) (7476704)
• 5.2.6 - 2022-04-11
  

  5.2.6 (2022-04-11)

  Bug Fixes

  • deps: bump yargs from 17.4.0 to 17.4.1 (#204) (ed7815e)
• 5.2.5 - 2022-03-21
  

  5.2.5 (2022-03-21)

  Bug Fixes

  • deps: bump yargs from 17.3.1 to 17.4.0 (#200) (ab15421)
• 5.2.4 - 2022-01-27
  

  5.2.4 (2022-01-27)

  Bug Fixes

  • deps: bump resolve from 1.21.0 to 1.22.0 (#191) (91e4186)
• 5.2.3 - 2022-01-04
  

  5.2.3 (2022-01-04)

  Bug Fixes

  • deps: bump resolve from 1.20.0 to 1.21.0 (#189) (466ac4b)
  • deps: update all deps (c63d425)
• 5.2.2 - 2021-12-20
  

  5.2.2 (2021-12-20)

  Bug Fixes

  • deps: bump ignore from 5.1.9 to 5.2.0 (#187) (c2f8625)
• 5.2.1 - 2021-12-01
• 5.2.0 - 2021-11-07
• 5.1.1 - 2021-11-05
• 5.1.0 - 2021-11-01
• 5.0.5 - 2021-10-18
• 5.0.4 - 2021-09-23
• 5.0.3 - 2021-09-20
• 5.0.2 - 2021-08-16
• 5.0.1 - 2021-05-07

from @coffeelint/cli GitHub release notes

Commit messages

Package name: @coffeelint/cli

• 25d16e6 chore(release): 5.2.11 [skip ci]
• f7c7e60 fix(deps): bump yargs from 17.6.0 to 17.6.2 (Bump alpine/terragrunt from 1.0.0 to 1.0.11 #222)
• cb31e24 chore(deps): bump yargs from 17.5.1 to 17.6.0 ([Snyk] Security upgrade @stoplight/spectral from 5.9.1 to 6.0.0 #221)
• 7da8c5d chore(release): 5.2.10 [skip ci]
• 6e02503 fix: resolve to correct coffeelint file (Bump isort from 5.8.0 to 5.10.0 in /dependencies #220)
• 277abff Merge pull request Bump cfn-lint from 0.49.2 to 0.56.0 in /dependencies #219 from coffeelint/dependabot/npm_and_yarn/underscore-1.13.6
• ff18cac chore(deps-dev): bump underscore from 1.13.4 to 1.13.6
• 9f4481e Merge pull request Bump @coffeelint/cli from 5.0.1 to 5.2.0 in /dependencies #218 from coffeelint/dependabot/npm_and_yarn/semantic-release/github-8.0.6
• 1fc8c66 Merge pull request Bump markdownlint-cli from 0.27.1 to 0.29.0 in /dependencies #217 from coffeelint/dependabot/npm_and_yarn/semantic-release-19.0.5
• e2a4349 chore(deps-dev): bump @ semantic-release/github from 8.0.5 to 8.0.6
• 20589ab chore(deps-dev): bump semantic-release from 19.0.3 to 19.0.5
• 7721349 Merge pull request Bump yoheimuta/protolint from v0.32.0 to v0.35.2 #215 from coffeelint/dependabot/npm_and_yarn/semantic-release/github-8.0.5
• 9db7b9b chore(deps-dev): bump @ semantic-release/github from 8.0.4 to 8.0.5
• 3461e83 chore(deps): bump resolve from 1.22.0 to 1.22.1 (Bump actions/checkout from 2.3.4 to 2.4.0 #214)
• a664715 Merge pull request Bump eslint-plugin-jest from 24.3.6 to 25.2.4 in /dependencies #213 from coffeelint/dependabot/npm_and_yarn/semantic-release-19.0.3
• 7e2ed7b chore(deps-dev): bump semantic-release from 19.0.2 to 19.0.3
• 8ecbaac Merge pull request Bump golangci/golangci-lint from v1.40.1 to v1.43.0 #212 from coffeelint/dependabot/npm_and_yarn/underscore-1.13.4
• f821d88 chore(deps-dev): bump underscore from 1.13.3 to 1.13.4
• 034afa1 chore(deps): bump semver-regex from 3.1.3 to 3.1.4 (Bump koalaman/shellcheck from v0.7.2 to v0.8.0 #211)
• 75167e9 chore(deps): bump npm from 8.4.0 to 8.12.0 ([Snyk] Upgrade eslint-plugin-jest from 24.3.6 to 24.7.0 #210)
• 7502875 chore(release): 5.2.9 [skip ci]
• 5fd34f4 fix(deps): bump yargs from 17.4.1 to 17.5.1 (Bump cfn-lint from 0.49.2 to 0.54.4 in /dependencies #208)
• b51dafc fix(deps): bump glob from 8.0.1 to 8.0.3 ([Snyk] Upgrade typescript from 4.3.2 to 4.4.4 #209)
• dc89c41 chore(release): 5.2.8 [skip ci]

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.