node-bash-obfuscate
node-bash-obfuscate copied to clipboard
[Snyk] Security upgrade yargs from 6.6.0 to 10.0.0
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
- package-lock.json
Vulnerabilities that will be fixed
With an upgrade:
Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
---|---|---|---|---|
![]() |
658/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795 |
Yes | Proof of Concept |
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: yargs
The new version differs by 98 commits.- 8515e4f docs: nit in CHANGELOG
- 4b8cfa9 docs: slight tweaks to CHANGELOG
- c809cbe chore(release): 10.0.0
- fc13dcd chore: new translations for command API overhaul (#976)
- 7269531 feat: .usage() can now be used to configure a default command (#975)
- 3757194 chore: add id translation to #976 (#986)
- 47b3078 chore: update Dutch Translation (#981)
- 20bb99b feat: replace /bin/bash with file basename (#983)
- 5a9c986 feat(translation): Update pl-PL translations (#985)
- 02cc11d docs: whoops, forgot to call out a breaking change introduced into parse()
- 7e58453 fix: the positional argument parse was clobbering global flag arguments (#984)
- a06b67d chore: update tr.json (#982)
- b2d11b3 chore: add ja translations (#979)
- 1598a7f docs: switch to using .positional() in example (#973)
- 280d0d6 feat: hidden options are now explicitly indicated using "hidden" flag (#962)
- 8c1d7bf fix: less eager help command execution (#972)
- db77c53 chore: switch to find-up from read-pkg-up (#970)
- cb16460 feat: introduce .positional() for configuring positional arguments (#967)
- 3bb8771 fix: config and normalise can be disabled with false (#952)
- c649415 chore(release): 9.1.0
- 7b22203 fix(command): Run default cmd even if the only cmd (#950)
- 74a38b2 feat: multiple usage calls are now collected, not replaced (#958)
- d1b23f3 chore(release): 9.0.1
- ac8088b fix: implications fails only displayed once (#954)
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons: