generator-lazy [Snyk] Security upgrade yeoman-generator from 0.20.3 to 0.23.0

[Snyk] Security upgrade yeoman-generator from 0.20.3 to 0.23.0

Open snyk-bot opened this issue 3 years ago • 0 comments

merge advice

Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	776/1000 Why? Recently disclosed, Has a fix available, CVSS 9.8	Prototype Pollution SNYK-JS-LODASH-590103	No	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: yeoman-generator

The new version differs by 54 commits.

7d0aa14 0.23.0
4bdf621 Base#prompt now return a promise
2d90140 Move inquirer to devDeps
ca55109 Bump devDeps and eslint 2.0 settings adjustment
3272f44 Bump some dependencies
3a41fa0 0.22.6
634a9c7 Fix the error thrown from generator is swallowed (#923)
edfa8a0 Fix storage documentation
8e767d4 Add sponsors to Readme
f9575c7 Merge pull request #905 from alefteris/jsdoc-config-fix
b9f7939 Remove non-existent file from JSDoc config
de9d239 Update build file to not account for a root index.js file
da94fe1 0.22.5
3e7d5de Fix index.js location
a0dc44a Remove dotfiles we're not using anymore
961dcdb 0.22.4
995b955 Fix destinationPath not being updated if a .yo-rc.json file is in a parent directory
b913d98 add gitter badge
716d6ca 0.22.3
1b43344 Stop generator process when a task fails
662af8a 0.22.2
5c85ec4 Fix linting error
2b09563 Fix option aliases
8ef880d Normalize option/argument default option name with generator#prompt()

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

Aug 17 '20 05:08 snyk-bot