Quark-electron [Snyk] Security upgrade chokidar from 2.1.8 to 3.0.0

[Snyk] Security upgrade chokidar from 2.1.8 to 3.0.0

Open Nishkalkashyap opened this issue 3 years ago • 0 comments

merge advice

Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
- package-lock.json

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: chokidar

The new version differs by 113 commits.

7b8e02a Release 3.0.0.
e7bfe2f Move stuff.
df7f22e Remove changelog from npm, move to hidden dir.
3df7692 Improve naming.
6e94ca2 Clean-up.
2de2f9c test: Add testing of Node.js v12 in Travis pipeline. (#833)
9e0965a Fix Windows tests in Travis CI (#832)
c95a98f Update stuff.
187ff2b test: Trying to fix blinked tests for Travis CI. (#825)
db99076 fix(Windows): Add converting from windows to unix path for all ignored paths. (#824)
41f8782 fix(FsEvents): Remove situation with NaN depth. (#823)
7cf3f7e Update readdirp to stable.
0927a62 Bump packages.
11cd857 Update nyc.
99c14d7 Uncomment fsevents.
cf330a5 Update fsevents.
0e4fca5 Fix deps.
9c575d4 Fix Windows version (#821)
3323d59 fix(Linux): Make event loop hack for keep testing valid. (#820)
06214c5 Update to latest readdirp.
793639f Rename osxfswatch.
078bc2d Refactor and fix freaking tests.
2b9bb41 Try node 11.
3fe3d4e Test travis.

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

Mar 08 '21 02:03 Nishkalkashyap