vue-oop
vue-oop copied to clipboard
Published
20 hours ago •
matrunchyk
matrunchyk
[Snyk] Security upgrade commitlint from 9.1.0 to 18.0.0
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
- package-lock.json
Vulnerabilities that will be fixed
With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
 |
696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795 |
Yes | Proof of Concept |
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: commitlint
The new version differs by 250 commits.- 3cb6647 v18.0.0
- d766ef9 chore: add info for locally failing travis test
- 5b4aeaf chore!: minimum node version v18 (#3644)
- 75b2a12 v17.8.1
- bcf402c chore: deps (#3700)
- dfa46de build(deps): bump @ babel/traverse from 7.23.0 to 7.23.2 (#3699)
- 786ecb4 v17.8.0
- b058c7c feat: lazy load cosmiconfig-typescript-loader (#3694)
- 0281f55 docs: better description of ignores (#3692)
- 692739f chore: update actions/checkout action to v4 (#3689)
- 4bcb0c6 fix: update dependency cosmiconfig-typescript-loader to v4.4.0 (#3688)
- 58361fa chore: update typescript-eslint monorepo to v6.7.4 (#3686)
- b906c6c chore: update dependency eslint-plugin-jest to v27.4.2 (#3685)
- a841cdf chore: update dependency @ types/yargs to v17.0.28 (#3684)
- 021b5cf chore: update dependency eslint to v8.51.0 (#3683)
- f9d7029 fix: update dependency @ types/tmp to v0.2.4 (#3682)
- 5c6f087 fix: update dependency @ types/fs-extra to v11.0.2 (#3681)
- 99a69e5 chore: update jest monorepo (#3680)
- 1ca56a0 chore: update dependency @ types/yargs to v17.0.26 (#3679)
- 7abb8b8 chore: update dependency @ types/semver to v7.5.3 (#3677)
- 8e30bec fix: chore(container): add pullrequest event to container build workflow trigger
- c31b311 chore: update dependency @ swc/core to v1.3.92 (#3676)
- 876ec06 chore: update dependency @ types/minimist to v1.2.3 (#3675)
- b9464c4 chore: update dependency @ types/git-raw-commits to v2.0.2 (#3673)
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Regular Expression Denial of Service (ReDoS)
