[Snyk] Upgrade lcov-result-merger from 3.3.0 to 4.0.0

Open hakatashi opened this issue 3 years ago • 0 comments

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade lcov-result-merger from 3.3.0 to 4.0.0.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Warning: This is a major version upgrade, and may be a breaking change.

The recommended version is 1 version ahead of your current version.
The recommended version was released 2 days ago, on 2022-11-24.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	372/1000 Why? Proof of Concept exploit, CVSS 5.3	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: lcov-result-merger

4.0.0 - 2022-11-24
What's Changed
- Replace vinyl fs by fast glob by @ hugobessa in #50
New Contributors
- @ hugobessa made their first contribution in #50
Full Changelog: v3.3.0...v4.0.0

What's Changed
- Replace vinyl fs by fast glob by @ hugobessa in #50
- Bugfix/lcov input file ordering by @ mdeanjones in #52
New Contributors
- @ hugobessa made their first contribution in #50
Full Changelog: v3.3.0...v4.0.0
3.3.0 - 2022-06-21
What's Changed
- Support node/lts by @ 9renpoto in #46
- feat: add prepend-source-files config flag by @ mdeanjones in #47
New Contributors
- @ 9renpoto made their first contribution in #46
- @ mdeanjones made their first contribution in #47
Full Changelog: v3.1.0...v3.3.0