aries-framework-go icon indicating copy to clipboard operation
aries-framework-go copied to clipboard

Published 20 hours ago verified publisher icon hyperledger-archives

[Snyk] Upgrade minimist from 1.2.5 to 1.2.8

Open dhh1128 opened this issue 2 years ago • 0 comments

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade minimist from 1.2.5 to 1.2.8.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 3 versions ahead of your current version.
  • The recommended version was released 6 months ago, on 2023-02-09.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Prototype Pollution
SNYK-JS-MINIMIST-2429795		 506/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 3.7		 Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: minimist from minimist GitHub release notes
Commit messages
Package name: minimist
  • 6901ee2 v1.2.8
  • a026794 Merge tag 'v0.2.3'
  • c0b2661 v0.2.3
  • 63b8fee [Fix] Fix long option followed by single dash (#17)
  • 72239e6 [Tests] Remove duplicate test (#12)
  • 34b0f1c [eslint] fix indentation
  • 3226afa [Dev Deps] add missing `npmignore` dev dep
  • 098873c [Dev Deps] update `@ ljharb/eslint-config`, `aud`
  • 9ec4d27 [Fix] Fix long option followed by single dash
  • ba92fe6 [actions] Avoid 0.6 tests due to build failures
  • 950eaa7 [Dev Deps] update `tape`
  • 4f9bc3e [Fix] opt.string works with multiple aliases (#10)
  • 9c7dc85 [Fix] Fix handling of short option with non-trivial equals
  • 3124ed3 [Dev Deps] update `@ ljharb/eslint-config`, `aud`
  • 5784b17 [Tests] Remove duplicate test
  • 2edc957 [Fix] opt.string works with multiple aliases
  • 62fde7d [eslint] more cleanup
  • 5368ca4 [eslint] fix indentation and whitespace
  • 980d7ac Merge tag 'v0.2.2'
  • 42635cd v0.2.2
  • c590d75 v1.2.7
  • 73923d2 [meta] add `auto-changelog`
  • 0ebf4eb [meta] add `auto-changelog`
  • d80727d [actions] add reusable workflows

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

dhh1128 avatar Aug 17 '23 04:08 dhh1128