We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
No modaterate severity vulnerabilities after npm ci command
Update Semver
┌─────────────────────┬────────────────────────────────────────────────────────┐ │ moderate │ semver vulnerable to Regular Expression Denial of Service │ ├─────────────────────┼────────────────────────────────────────────────────────┤ │ Package │ semver │ ├─────────────────────┼────────────────────────────────────────────────────────┤ │ Vulnerable versions │ <7.5.2 │ ├─────────────────────┼────────────────────────────────────────────────────────┤ │ Patched versions │ >=7.5.2 │ ├─────────────────────┼────────────────────────────────────────────────────────┤├─┬ @commitlint/cli@17.7.1 │ ├─┬ @commitlint/lint@17.7.0 │ │ └─┬ @commitlint/is-ignored@17.7.0 │ │ └── semver@7.5.4 deduped │ └─┬ @commitlint/read@17.5.1 │ └─┬ git-raw-commits@2.0.11 │ └─┬ meow@8.1.2 │ ├─┬ normalize-package-data@3.0.3 │ │ └── semver@7.5.4 deduped │ └─┬ read-pkg-up@7.0.1 │ └─┬ read-pkg@5.2.0 │ └─┬ normalize-package-data@2.5.0 │ └── semver@5.7.1 ├─────────────────────┼────────────────────────────────────────────────────────┤ │ More info │ GHSA-c2qf-rxjj-qqgw │ └─────────────────────┴────────────────────────────────────────────────────────┘ 1 vulnerabilities found Severity: 1 moderate
Bug was reported once on Jun 24: #3619 But the newest release 17.7.1 (August) of cli didn't fix this problem.
N/A
No response
commitlint/cli@17.7.1
2.42.0.windows.1
v18.17.1
The text was updated successfully, but these errors were encountered:
Blocked by conventional-changelog/conventional-changelog#1019
Sorry, something went wrong.
Shouldn't it be unblocked by now ? conventional-changelog/conventional-changelog/pull/1071
Afaik we're waiting for this: conventional-changelog/conventional-changelog#1019 (comment)
No branches or pull requests
Expected Behavior
No modaterate severity vulnerabilities after npm ci command
Current Behavior
Update Semver
┌─────────────────────┬────────────────────────────────────────────────────────┐
│ moderate │ semver vulnerable to Regular Expression Denial of Service │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Package │ semver │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Vulnerable versions │ <7.5.2 │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Patched versions │ >=7.5.2 │
├─────────────────────┼────────────────────────────────────────────────────────┤├─┬ @commitlint/cli@17.7.1
│ ├─┬ @commitlint/lint@17.7.0
│ │ └─┬ @commitlint/is-ignored@17.7.0
│ │ └── semver@7.5.4 deduped
│ └─┬ @commitlint/read@17.5.1
│ └─┬ git-raw-commits@2.0.11
│ └─┬ meow@8.1.2
│ ├─┬ normalize-package-data@3.0.3
│ │ └── semver@7.5.4 deduped
│ └─┬ read-pkg-up@7.0.1
│ └─┬ read-pkg@5.2.0
│ └─┬ normalize-package-data@2.5.0
│ └── semver@5.7.1
├─────────────────────┼────────────────────────────────────────────────────────┤
│ More info │ GHSA-c2qf-rxjj-qqgw │
└─────────────────────┴────────────────────────────────────────────────────────┘
1 vulnerabilities found
Severity: 1 moderate
Bug was reported once on Jun 24: #3619
But the newest release 17.7.1 (August) of cli didn't fix this problem.
Affected packages
Possible Solution
N/A
Steps to Reproduce
Context
No response
commitlint --version
commitlint/cli@17.7.1
git --version
2.42.0.windows.1
node --version
v18.17.1
The text was updated successfully, but these errors were encountered: