clite
clite copied to clipboard
[Snyk] Fix for 1 vulnerabilities
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
Vulnerabilities that will be fixed
With an upgrade:
Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
---|---|---|---|---|
![]() |
696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908 |
Yes | Proof of Concept |
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: update-notifier
The new version differs by 66 commits.- adf7803 4.0.0
- fb5161c Remove the `callback` option (#158)
- 39682de Rename `boxenOpts` option to `boxenOptions`
- bc1721a Avoid showing notification if current version is the latest (#174)
- ccaf686 Update dependencies
- b1525e6 Disable when `NODE_ENV` is `test` (#173)
- bf73119 Fix install command for npm global (#165)
- 592b025 3.0.1
- f8b4e60 Update Travis matrix
- a6d6b49 Update URL to TTY (#163)
- f9d168a Remove object spread to support node >=8.0.0 <8.6.0 (#164)
- 1712928 Tidelift tasks
- 72f83d1 Create funding.yml
- a7bb3ee 3.0.0
- ad8ed1b Suggest yarn when installed with yarn (#132)
- 5f06620 Exit the update check process if it does not respond after 30s (#156)
- 79e89ad Fix failing test (#155)
- c8faa84 Add `distTag` option (#151)
- 14632e4 Add failing test for #153 (#154)
- aafd8a0 Require Node.js 8
- 0d49f51 Add Tidelift mention in the readme
- 8df01b3 Fix docs position of `shouldNotifyInNpmScript` (#143)
- d371834 Docs: isGlobal option does not default to true (#142)
- 5cd6577 2.5.0
Package name: yargs
The new version differs by 250 commits.- a6e67f1 chore(release): 13.2.4
- fc13476 chore: update standard-verison dependency
- bf46813 fix(i18n): rename unclear 'implication failed' to 'missing dependent arguments' (#1317)
- a3a5d05 docs: fix a broken link to MS Terminology Search (#1341)
- b4f8018 build: add .versionrc that hides test/build
- 0c39183 chore(release): 13.2.3
- 08e0746 chore: update deps (#1340)
- 843e939 docs: make `--no-` boolean prefix easier to find in the docs (#1338)
- 84cac07 docs: restore removed changelog of v13.2.0 (#1337)
- b20db65 fix(deps): upgrade cliui for compatibility with latest chalk. (#1330)
- c294d1b test: accept differently formatted output (#1327)
- ac3f10c chore: move .hbs templates into .js to facilitate webpacking (#1320)
- 0295132 fix: address issues with dutch translation (#1316)
- 9f2468e doc: clarify parserConfiguration object structure (#1309)
- e7f2937 chore(release): 13.2.2
- edd0bb5 test: correct test description
- 03a9523 chore: forgoing dropping Node 6 until yargs@14 (#1308)
- 14920d1 docs: remove --save option as it isn't required anymore (#1301)
- 545c7f1 test: slightly reworded one test
- 4375680 chore(release): 13.2.1
- dfcaa68 test: slight edit to test wording
- 3180224 fix: add zsh script to files array
- 0a96394 fix: support options/sub-commands in zsh completion
- 48249a2 chore(release): 13.2.0
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.