eslint-friendly-formatter
eslint-friendly-formatter copied to clipboard
Published
20 hours ago •
royriojas
royriojas
[Snyk] Security upgrade minimist from 1.2.0 to 1.2.6
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
- package-lock.json
Vulnerabilities that will be fixed
With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
 |
471/1000 Why? Recently disclosed, Has a fix available, CVSS 3.7 |
Prototype Pollution SNYK-JS-MINIMIST-2429795 |
No | No Known Exploit |
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: minimist
The new version differs by 21 commits.- 7efb22a 1.2.6
- ef88b93 security notice for additional prototype pollution issue
- c2b9819 isConstructorOrProto adapted from PR
- bc8ecee test from prototype pollution PR
- aeb3e27 1.2.5
- 278677b 1.2.4
- 4cf1354 security notice
- 1043d21 additional test for constructor prototype pollution
- 6457d74 1.2.3
- 38a4d1c even more aggressive checks for protocol pollution
- 13c01a5 more failing proto pollution tests
- f34df07 1.2.2
- 67d3722 cleanup
- 63e7ed0 don't assign onto __proto__
- 47acf72 console.dir -> console.log
- 0efed03 failing test for protocol pollution
- 29783cd 1.2.1
- 6be5dae add test
- ac3fc79 fix bad boolean regexp
- 4cf45a2 Merge pull request #63 from lydell/dash-dash-docs-fix
- 5fa440e move the `opts['--']` example back where it belongs
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
