tiny-care-terminal icon indicating copy to clipboard operation
tiny-care-terminal copied to clipboard

Published 20 hours ago verified publisher icon notwaldorf

[Snyk] Upgrade blessed-contrib from 4.8.19 to 4.11.0

Open snyk-bot opened this issue 1 year ago • 0 comments

Snyk has created this PR to upgrade blessed-contrib from 4.8.19 to 4.11.0.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 6 versions ahead of your current version.
  • The recommended version was released a year ago, on 2022-02-17.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Regular Expression Denial of Service (ReDoS)
SNYK-JS-MARKED-2342073		 586/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 5.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-MARKED-2342082		 586/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 5.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-MARKED-584281		 586/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 5.3		 No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: blessed-contrib
  • 4.11.0 - 2022-02-17
  • 4.10.1 - 2021-07-30
  • 4.10.0 - 2021-06-29
  • 4.9.0 - 2021-06-18
  • 4.8.21 - 2021-01-09
  • 4.8.20 - 2020-05-03
  • 4.8.19 - 2020-02-26
from blessed-contrib GitHub release notes
Commit messages
Package name: blessed-contrib
  • ecd48d9 fix: upgrade to marked@4 fixing security issues
  • 410c6d7 4.10.1
  • aeb95f9 fix(tree): add type declaration (#216)
  • d981f1f fix(tree): now passes selectFg and selectBg options in tree, to list. (#196)
  • 2ea98c6 feat: add support for displaying arbitrary numbers in donuts core text (#214)
  • 48ef9c9 4.9.0
  • e8eb98a fix: update deps
  • df3b782 4.8.21
  • 0414fd7 fix(sparkline): incorrect types for `setData` (#206)
  • 6fc04e2 Merge remote-tracking branch 'upstream/master'
  • 55d4ad6 4.8.20
  • 92dd7e1 fix(table): add mouse option in table widget (#191)

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

snyk-bot avatar Jun 05 '23 16:06 snyk-bot