account-verification-node icon indicating copy to clipboard operation
account-verification-node copied to clipboard

Published 20 hours ago verified publisher icon TwilioDevEd

[Snyk] Security upgrade eslint from 3.19.0 to 7.3.0

Open twilio-product-security opened this issue 4 years ago • 0 comments

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 768/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-ANSIREGEX-1583908		 Yes Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: eslint The new version differs by 250 commits.
  • b7d79b1 7.3.0
  • bf98627 Build: changelog update for 7.3.0
  • 638a6d6 Update: add missing `additionalProperties: false` to some rules' schema (#13198)
  • 949a5cd Update: fix operator-linebreak overrides schema (#13199)
  • 9e1414e New: Add no-promise-executor-return rule (fixes #12640) (#12648)
  • 09cc0a2 Update: max-lines reporting loc improvement (refs #12334) (#13318)
  • ee2fc2e Update: object-property-newline end location (refs #12334) (#13399)
  • d98152a Update: added empty error array check for false negative (#13200)
  • 7fb45cf Fix: clone config before validating (fixes #12592) (#13034)
  • aed46f6 Sponsors: Sync README with website
  • 7686d7f Update: semi-spacing should check do-while statements (#13358)
  • cbd0d00 Update: disallow multiple options in comma-dangle schema (fixes #13165) (#13166)
  • b550330 New: Add no-unreachable-loop rule (fixes #12381) (#12660)
  • 13999d2 Update: curly should check consequent `if` statements (#12947)
  • c42e548 Chore: enable exceptRange option in the yoda rule (#12857)
  • 6cfbd03 Update: Drop @ typescript-eslint/eslint-recommended from `eslint --init` (#13340)
  • 796f269 Chore: update eslint-config-eslint's required node version (#13379)
  • 9d0186e Docs: Fix changelog versions (#13410)
  • 1ee3c42 Docs: On maxEOF with eol-last (fixes #12742) (#13374)
  • 2a21049 Update: key-spacing loc changes for extra space (refs #12334) (#13362)
  • 7ce7988 Chore: Replace the inquirer dependency with enquirer (#13254)
  • 0f1f5ed Docs: Add security policy link to README (#13403)
  • 9e9ba89 Sponsors: Sync README with website
  • ca59fb9 Sponsors: Sync README with website

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

twilio-product-security avatar Sep 13 '21 06:09 twilio-product-security