typescript-api icon indicating copy to clipboard operation
typescript-api copied to clipboard

Published 20 hours ago verified publisher icon raphaellima8

[Snyk] Security upgrade ts-node from 1.7.3 to 3.2.0

Open snyk-bot opened this issue 4 years ago • 0 comments
trafficstars

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 768/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-ANSIREGEX-1583908		 Yes Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: ts-node The new version differs by 50 commits.
  • d90ffba 3.2.0
  • 2e03f54 fix(package): update chalk to version 2.0.0 (#372)
  • c60d3a7 Export `printError` utility (#376)
  • 3f0d975 Enable debug flag for method call tracking (#377)
  • 394ddb8 Boolean flags inherit from env (#375)
  • 82effb2 Handle possibly undefined diagnostic "start"
  • 9bc3dd8 Remove `preferGlobal` from `package.json`
  • 3ea7458 3.1.0
  • 1cac86b Combine source map with source file output (#368)
  • 61f1c16 Add missing implementations to service host (#366)
  • 28697b1 chore(package): update tslint-config-standard to version 6.0.0 (#354)
  • 125544f 3.0.6
  • ae4b423 Set `cache.contents` (no version) on read request (#347)
  • c18331a 3.0.5
  • 5cf97b1 Add `--inspect-brk` to known flags (#343)
  • 7dfb3e3 Pin node tests at `6.x` (#340)
  • 633d537 chore(package): update chai to version 4.0.1 (#337)
  • b751a56 Define `exports` and improve `getTypeInfo` help (#332)
  • d018300 Update `yn` default option
  • cc3bf22 Expose `_` bin file for consumers to use
  • 01a6be2 3.0.4
  • d5849b4 Enable caching by default for programmatic usage (#323)
  • 1856f71 3.0.3
  • 491ce93 Delete config options after TypeScript parse (#321)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

snyk-bot avatar Sep 18 '21 06:09 snyk-bot