Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Fix for 1 vulnerabilities #7

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Fix for 1 vulnerabilities #7

wants to merge 1 commit into from

Conversation

snyk-bot
Copy link

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 768/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-ANSIREGEX-1583908		 Yes Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: eslint The new version differs by 250 commits.
  • b7d79b1 7.3.0
  • bf98627 Build: changelog update for 7.3.0
  • 638a6d6 Update: add missing `additionalProperties: false` to some rules' schema (#13198)
  • 949a5cd Update: fix operator-linebreak overrides schema (#13199)
  • 9e1414e New: Add no-promise-executor-return rule (fixes #12640) (#12648)
  • 09cc0a2 Update: max-lines reporting loc improvement (refs #12334) (#13318)
  • ee2fc2e Update: object-property-newline end location (refs #12334) (#13399)
  • d98152a Update: added empty error array check for false negative (#13200)
  • 7fb45cf Fix: clone config before validating (fixes #12592) (#13034)
  • aed46f6 Sponsors: Sync README with website
  • 7686d7f Update: semi-spacing should check do-while statements (#13358)
  • cbd0d00 Update: disallow multiple options in comma-dangle schema (fixes #13165) (#13166)
  • b550330 New: Add no-unreachable-loop rule (fixes #12381) (#12660)
  • 13999d2 Update: curly should check consequent `if` statements (#12947)
  • c42e548 Chore: enable exceptRange option in the yoda rule (#12857)
  • 6cfbd03 Update: Drop @ typescript-eslint/eslint-recommended from `eslint --init` (#13340)
  • 796f269 Chore: update eslint-config-eslint's required node version (#13379)
  • 9d0186e Docs: Fix changelog versions (#13410)
  • 1ee3c42 Docs: On maxEOF with eol-last (fixes #12742) (#13374)
  • 2a21049 Update: key-spacing loc changes for extra space (refs #12334) (#13362)
  • 7ce7988 Chore: Replace the inquirer dependency with enquirer (#13254)
  • 0f1f5ed Docs: Add security policy link to README (#13403)
  • 9e9ba89 Sponsors: Sync README with website
  • ca59fb9 Sponsors: Sync README with website

See the full diff

Package name: husky The new version differs by 20 commits.

See the full diff

Package name: lint-staged The new version differs by 250 commits.
  • 885a644 Merge pull request #852 from okonet/listr2
  • aba3421 fix: all lint-staged output respects the `quiet` option
  • b8df31a fix: do not show incorrect error when verbose and no output
  • eed6198 style: simplify eslint and prettier config
  • b746290 ci: replace Node.js 13 with 14, since 14 will be next LTS
  • 2c6f3ad docs: improve `verbose` description
  • e749a0b test: remove redundant, misbehaving test
  • 16848d8 fix: use test renderer during tests and when TERM=dumb
  • efffa22 test: cover `--verbose` option usage
  • 1b18550 test: restore variable in test output
  • 6aede38 test: add test for error during merge state restoration
  • b565481 test: integration test targets the full Node.js API instead of just `runAll`
  • a3bd9d7 feat: allow specifying `cwd` using the Node.js API
  • 85de3a3 feat: add `--verbose` to show output even when tasks succeed
  • d69c65b fix: log task output after running listr to keep everything
  • e95d1b0 refactor: move skip and enable cheks of listr tasks to separate file
  • 6da7667 refactor: move messages to separate file
  • 6392480 refactor: use symbols for errors
  • 8f32a3e feat: replace listr with listr2 and print errors inline
  • c9adca5 fix: use stash create/store to prevent files from disappearing from disk
  • e093b1d fix(deps): update dependencies
  • 6066b07 fix: pass correct path to unstaged patch during cleanup
  • 0bf1fb0 fix: allow lint-staged to run on empty git repo by disabling backup
  • 1ac6863 Merge pull request #837 from okonet/serial-git-add

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
馃 View latest project report

馃洜 Adjust project settings

馃摎 Read more about Snyk's upgrade and patch logic

@snyk-bot
fix: package.json to reduce vulnerabilities
ccc1f16 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
1 participant
@snyk-bot