Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Upgrade @commitlint/cli from 8.1.0 to 8.3.6 #10

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

snyk-bot
Copy link

Snyk has created this PR to upgrade @commitlint/cli from 8.1.0 to 8.3.6.

merge advice
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 8 versions ahead of your current version.
  • The recommended version was released 7 months ago, on 2021-11-17.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Command Injection
SNYK-JS-LODASHTEMPLATE-1088054
467/1000
Why? Proof of Concept exploit, CVSS 7.2
Proof of Concept
Prototype Pollution
SNYK-JS-LODASH-608086
467/1000
Why? Proof of Concept exploit, CVSS 7.2
Proof of Concept
Prototype Pollution
SNYK-JS-LODASH-567746
467/1000
Why? Proof of Concept exploit, CVSS 7.2
Proof of Concept
Command Injection
SNYK-JS-LODASH-1040724
467/1000
Why? Proof of Concept exploit, CVSS 7.2
Proof of Concept
Prototype Pollution
SNYK-JS-INI-1048974
467/1000
Why? Proof of Concept exploit, CVSS 7.2
Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-TRIMOFFNEWLINES-1296850
467/1000
Why? Proof of Concept exploit, CVSS 7.2
Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-PATHPARSE-1077067
467/1000
Why? Proof of Concept exploit, CVSS 7.2
Proof of Concept
Prototype Pollution
SNYK-JS-MINIMIST-559764
467/1000
Why? Proof of Concept exploit, CVSS 7.2
Proof of Concept
Prototype Pollution
SNYK-JS-MINIMIST-559764
467/1000
Why? Proof of Concept exploit, CVSS 7.2
Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-LODASH-1018905
467/1000
Why? Proof of Concept exploit, CVSS 7.2
Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-HOSTEDGITINFO-1088355
467/1000
Why? Proof of Concept exploit, CVSS 7.2
Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-CONVENTIONALCOMMITSPARSER-1766960
467/1000
Why? Proof of Concept exploit, CVSS 7.2
No Known Exploit
Prototype Pollution
SNYK-JS-MINIMIST-2429795
467/1000
Why? Proof of Concept exploit, CVSS 7.2
Proof of Concept
Prototype Pollution
SNYK-JS-MINIMIST-2429795
467/1000
Why? Proof of Concept exploit, CVSS 7.2
Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: @commitlint/cli from @commitlint/cli GitHub release notes
Commit messages
Package name: @commitlint/cli
  • 9ef77c2 v8.3.6
  • 6a82f76 chore: update lock file
  • 1410887 chore: update lodash to 4.17.21 (#2688)
  • b39e1ad v8.3.5
  • 09e9cde chore: update lockfile with updated types dependencies
  • aabc549 fix(is-ignored): move types to dev dependencies (#897)
  • 02b5899 docs: use latest node in travis guide (#871)
  • 5d6bf9a docs: add options parameter for load function (#867)
  • b131a18 fix(resolve-extends): move node types to dev dependencies (#883)
  • 3fce339 v8.3.4
  • 6b3b9a9 fix(commitlint): use new read pkg syntax (#888)
  • 5fd8a69 chore: update dependency @ types/node to v12.11.5 (#838)
  • 8fc4872 chore: update dependency lerna to v3.18.3 (#837)
  • 9a1dd6f v8.3.3
  • 11b920b chore: update dependency conventional-changelog-conventionalcommits to v4.2.1 (#836)
  • 3ed8009 fix(load): add support for non-factory conventional parsers (#839)
  • 0382070 v8.3.2
  • dcc83db chore: pin dependency conventional-changelog-conventionalcommits to 4.1.0 (#829)
  • 489a5f3 chore: update dependency @ types/jest to v24.0.19 (#827)
  • aa4f7c3 chore: update dependency typescript to v3.6.4 (#824)
  • 24b6e55 chore: update lerna monorepo (#823)
  • 84500ff chore: update dependency which to v2 (#814)
  • 572a52c chore: update dependency @ types/node to v12.11.2 (#813)
  • 81c74e7 chore: update dependency cross-env to v6.0.3 (#811)

Compare


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant