-
Notifications
You must be signed in to change notification settings - Fork 14
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Snyk] Upgrade: , , , ajv, glob, eslint, minimist, handlebars, jsdom, katex, moment, prettier, winston, yargs, workbox-cli #523
base: master
Are you sure you want to change the base?
Conversation
Snyk has created this PR to upgrade: - @babel/cli from 7.20.7 to 7.24.8. See this package in npm: https://www.npmjs.com/package/@babel/cli - @babel/core from 7.20.12 to 7.25.2. See this package in npm: https://www.npmjs.com/package/@babel/core - @types/shelljs from 0.8.11 to 0.8.15. See this package in npm: https://www.npmjs.com/package/@types/shelljs - ajv from 8.12.0 to 8.17.1. See this package in npm: https://www.npmjs.com/package/ajv - glob from 7.1.6 to 7.2.3. See this package in npm: https://www.npmjs.com/package/glob - eslint from 8.31.0 to 8.57.0. See this package in npm: https://www.npmjs.com/package/eslint - minimist from 1.2.7 to 1.2.8. See this package in npm: https://www.npmjs.com/package/minimist - handlebars from 4.7.7 to 4.7.8. See this package in npm: https://www.npmjs.com/package/handlebars - jsdom from 16.4.0 to 16.7.0. See this package in npm: https://www.npmjs.com/package/jsdom - katex from 0.16.4 to 0.16.11. See this package in npm: https://www.npmjs.com/package/katex - moment from 2.29.4 to 2.30.1. See this package in npm: https://www.npmjs.com/package/moment - prettier from 2.8.2 to 2.8.8. See this package in npm: https://www.npmjs.com/package/prettier - winston from 3.8.2 to 3.14.2. See this package in npm: https://www.npmjs.com/package/winston - yargs from 17.6.2 to 17.7.2. See this package in npm: https://www.npmjs.com/package/yargs - workbox-cli from 7.0.0 to 7.1.0. See this package in npm: https://www.npmjs.com/package/workbox-cli See this project in Snyk: https://app.snyk.io/org/anushasalian/project/e53fa273-8fc4-48d3-8bdf-56886cf7f09b?utm_source=github&utm_medium=referral&page=upgrade-pr
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
package-lock.json
@@ -5,38 +5,38 @@ | |||
"buildexp": "npm-wrapper.js" | |||
}, | |||
"dependencies": { | |||
"@babel/cli": "^7.12.16", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
12.16
@@ -5,38 +5,38 @@ | |||
"buildexp": "npm-wrapper.js" | |||
}, | |||
"dependencies": { | |||
"@babel/cli": "^7.12.16", | |||
"@babel/core": "^7.12.16", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
12.16
@@ -5,38 +5,38 @@ | |||
"buildexp": "npm-wrapper.js" | |||
}, | |||
"dependencies": { | |||
"@babel/cli": "^7.12.16", | |||
"@babel/core": "^7.12.16", | |||
"@babel/cli": "^7.24.8", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
24.8
"@babel/cli": "^7.12.16", | ||
"@babel/core": "^7.12.16", | ||
"@babel/cli": "^7.24.8", | ||
"@babel/core": "^7.25.2", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
25.2
"@babel/plugin-proposal-class-properties": "^7.12.13", | ||
"@types/shelljs": "^0.8.8", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
8
"rsync": "^0.6.1", | ||
"shelljs": "^0.8.5", | ||
"simple-git": "^2.31.0", | ||
"vlabs-buildexp": "^3.1.6", | ||
"winston": "^3.8.2", | ||
"workbox-cli": "^7.0.0", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
0
"rsync": "^0.6.1", | ||
"shelljs": "^0.8.5", | ||
"simple-git": "^2.31.0", | ||
"vlabs-buildexp": "^3.1.6", | ||
"winston": "^3.8.2", | ||
"workbox-cli": "^7.0.0", | ||
"yargs": "^17.0.1" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
0.1
"winston": "^3.8.2", | ||
"workbox-cli": "^7.0.0", | ||
"yargs": "^17.0.1" | ||
"winston": "^3.14.2", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
14
"workbox-cli": "^7.0.0", | ||
"yargs": "^17.0.1" | ||
"winston": "^3.14.2", | ||
"workbox-cli": "^7.1.0", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
1
"yargs": "^17.0.1" | ||
"winston": "^3.14.2", | ||
"workbox-cli": "^7.1.0", | ||
"yargs": "^17.7.2" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
7.2
Snyk has created this PR to upgrade multiple dependencies.
👯♂ The following dependencies are linked and will therefore be updated together.ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
@babel/cli
from 7.20.7 to 7.24.8 | 20 versions ahead of your current version | 2 months ago
on 2024-07-11
@babel/core
from 7.20.12 to 7.25.2 | 41 versions ahead of your current version | a month ago
on 2024-07-30
@types/shelljs
from 0.8.11 to 0.8.15 | 4 versions ahead of your current version | 10 months ago
on 2023-11-07
ajv
from 8.12.0 to 8.17.1 | 5 versions ahead of your current version | 2 months ago
on 2024-07-12
glob
from 7.1.6 to 7.2.3 | 4 versions ahead of your current version | 2 years ago
on 2022-05-15
eslint
from 8.31.0 to 8.57.0 | 26 versions ahead of your current version | 7 months ago
on 2024-02-23
minimist
from 1.2.7 to 1.2.8 | 1 version ahead of your current version | 2 years ago
on 2023-02-09
handlebars
from 4.7.7 to 4.7.8 | 1 version ahead of your current version | a year ago
on 2023-08-01
jsdom
from 16.4.0 to 16.7.0 | 6 versions ahead of your current version | 3 years ago
on 2021-08-01
katex
from 0.16.4 to 0.16.11 | 7 versions ahead of your current version | 2 months ago
on 2024-07-02
moment
from 2.29.4 to 2.30.1 | 2 versions ahead of your current version | 8 months ago
on 2023-12-27
prettier
from 2.8.2 to 2.8.8 | 6 versions ahead of your current version | a year ago
on 2023-04-23
winston
from 3.8.2 to 3.14.2 | 10 versions ahead of your current version | a month ago
on 2024-08-14
yargs
from 17.6.2 to 17.7.2 | 3 versions ahead of your current version | a year ago
on 2023-04-27
workbox-cli
from 7.0.0 to 7.1.0 | 1 version ahead of your current version | 5 months ago
on 2024-04-23
Issues fixed by the recommended upgrade:
SNYK-JS-TOUGHCOOKIE-5672873
SNYK-JS-TOUGHCOOKIE-5672873
SNYK-JS-KATEX-6483836
SNYK-JS-REQUEST-3361831
SNYK-JS-SERIALIZEJAVASCRIPT-6147607
SNYK-JS-EJS-6689533
SNYK-JS-KATEX-6483831
SNYK-JS-KATEX-6483834
SNYK-JS-KATEX-6483835
SNYK-JS-WORDWRAP-3149973
SNYK-JS-BABELTRAVERSE-5962462
Release notes
Package name: @babel/cli
v7.24.8 (2024-07-11)
Thanks @ H0onnn, @ jkup and @ SreeXD for your first pull requests!
👓 Spec Compliance
babel-parser
declare
(@ liuxingbaoyu)🐛 Bug Fix
babel-generator
in
infor
heads (@ nicolo-ribaudo)await using
(@ nicolo-ribaudo)babel-parser
using
declarations (@ H0onnn).value: undefined
to regexp literals (@ liuxingbaoyu)babel-types
ObjectTypeInternalSlot
visitor keys (@ nicolo-ribaudo)babel-plugin-transform-typescript
export import x =
(@ liuxingbaoyu)💅 Polish
babel-generator
async
infor await
(@ nicolo-ribaudo)babel-traverse
Scope.globals
multiple times (@ liuxingbaoyu)Committers: 9
v7.24.7 (2024-06-05)
🐛 Bug Fix
babel-node
babel-traverse
constantViolations
with destructuring (@ liuxingbaoyu)babel-helper-transform-fixture-test-runner
,babel-plugin-proposal-explicit-resource-management
using
inswitch
correctly (@ liuxingbaoyu)🏠 Internal
babel-helpers
,babel-runtime-corejs2
,babel-runtime-corejs3
,babel-runtime
Committers: 7
v7.24.6 (2024-05-24)
Thanks @ amjed-98, @ blakewilson, @ coelhucas, and @ SukkaW for your first PRs!
🐛 Bug Fix
babel-helper-create-class-features-plugin
,babel-plugin-transform-class-properties
babel-core
,babel-generator
,babel-plugin-transform-modules-commonjs
babel-helper-create-class-features-plugin
,babel-plugin-proposal-decorators
babel-helpers
,babel-plugin-proposal-decorators
,babel-runtime-corejs3
babel-parser
,babel-plugin-transform-typescript
cls.fn<C> = x
(@ liuxingbaoyu)🏠 Internal
babel-core
,babel-helpers
,babel-plugin-transform-runtime
,babel-preset-env
,babel-runtime-corejs2
,babel-runtime-corejs3
,babel-runtime
babel-helpers
tsconfig.json
for@ babel/helpers/src/helpers
(@ nicolo-ribaudo)babel-cli
,babel-helpers
,babel-plugin-external-helpers
,babel-plugin-proposal-decorators
,babel-plugin-transform-class-properties
,babel-plugin-transform-modules-commonjs
,babel-plugin-transform-modules-systemjs
,babel-plugin-transform-runtime
,babel-preset-env
,babel-runtime-corejs2
,babel-runtime-corejs3
,babel-runtime
babel-parser
,babel-traverse
Committers: 9
v7.24.5 (2024-04-29)
Thanks @ romgrk and @ sossost for your first PRs!
🐛 Bug Fix
babel-plugin-transform-classes
,babel-traverse
babel-helpers
,babel-plugin-proposal-explicit-resource-management
,babel-runtime-corejs3
💅 Polish
babel-parser
using
declaration (@ JLHwung)🏠 Internal
babel-parser
@ babel/parser
AST types (@ nicolo-ribaudo).startNode
(@ nicolo-ribaudo)babel-helper-create-class-features-plugin
,babel-helper-member-expression-to-functions
,babel-helper-module-transforms
,babel-helper-split-export-declaration
,babel-helper-wrap-function
,babel-helpers
,babel-plugin-bugfix-firefox-class-in-computed-class-key
,babel-plugin-proposal-explicit-resource-management
,babel-plugin-transform-block-scoping
,babel-plugin-transform-destructuring
,babel-plugin-transform-object-rest-spread
,babel-plugin-transform-optional-chaining
,babel-plugin-transform-parameters
,babel-plugin-transform-private-property-in-object
,babel-plugin-transform-react-jsx-self
,babel-plugin-transform-typeof-symbol
,babel-plugin-transform-typescript
,babel-traverse
NodePath<T | U>
distributive (@ nicolo-ribaudo)babel-plugin-proposal-partial-application
,babel-types
JSXNamespacedName
from validCallExpression
args (@ nicolo-ribaudo)babel-plugin-transform-class-properties
,babel-preset-env
🏃♀️ Performance
babel-helpers
,babel-preset-env
,babel-runtime-corejs3
objectWithoutPropertiesLoose
on V8 (@ romgrk)Committers: 6
Package name: @babel/core
v7.25.2 (2024-07-30)
🐛 Bug Fix
babel-core
,babel-traverse
requeueComputedKeyAndDecorators
is available (@ nicolo-ribaudo)Committers: 2
v7.24.9 (2024-07-15)
🐛 Bug Fix
babel-core
,babel-standalone
require()
call in@ babel/standalone
bundle (@ nicolo-ribaudo)babel-types
💅 Polish
babel-generator
,babel-plugin-transform-optional-chaining
as
/satisfies
(@ nicolo-ribaudo)🏠 Internal
babel-helper-module-transforms
Committers: 5
Package name: @types/shelljs
Package name: ajv
What's Changed
Full Changelog: v8.17.0...v8.17.1
Plus everything in 8.17.0 which failed to release
The only functional change is to switch from uri-js (which is no longer supported), to fast-uri. This is the second attempt and the team on fast-uri have been really helpful addressing the issues we found last time.
Revert "Revert fast-uri change (#2444)" by @ gurgunday in #2448
fix: ignore new eslint error for @ typescript-eslint/no-extraneous-class by @ jasoniangreen in #2455
docs: clarify behaviour of addVocabulary by @ jasoniangreen in #2454
docs: refactor to improve legibility by @ blottn in #2432
Fix grammatical typo in managing-schemas.md by @ wetneb in #2305
docs: Fix broken strict-mode link by @ alexanderjsx in #2459
feat: add test for encoded refs and bump fast-uri by @ jasoniangreen in #2449
fix: changes for @ typescript-eslint/array-type rule by @ jasoniangreen in #2467
fixes #2217 - clarify custom keyword naming by @ jasoniangreen in #2457
What's Changed
Full Changelog: v8.15.0...v8.16.0
What's Changed
uri-js
withfast-uri
by @ vixalien in #2415New Contributors
Full Changelog: v8.14.0...v8.15.0
What's Changed
New Contributors
Full Changelog: v8.13.0...v8.14.0
Package name: glob
7.2.3
7.2.2
7.2.0
7.1.7
7.1.6
Package name: eslint
Features
1120b9b
feat: Add loadESLint() API method for v8 (#18098) (Nicholas C. Zakas)dca7d0f
feat: Enableeslint.config.mjs
andeslint.config.cjs
(#18066) (Nitin Kumar)Bug Fixes
2196d97
fix: handle absolute file paths inFlatRuleTester
(#18064) (Nitin Kumar)69dd1d1
fix: Ensure config keys are printed for config errors (#18067) (Nitin Kumar)9852a31
fix: deep merge behavior in flat config (#18065) (Nitin Kumar)4c7e9b0
fix: allow circular references in config (#18056) (Milos Djermanovic)Documentation
84922d0
docs: Show prerelease version in dropdown (#18139) (Nicholas C. Zakas)5b8c363
docs: Switch to Ethical Ads (#18117) (Milos Djermanovic)77dbfd9
docs: show NEXT in version selectors (#18052) (Milos Djermanovic)Chores
1813aec
chore: upgrade @ eslint/[email protected] (#18143) (Milos Djermanovic)5c356bb
chore: package.json update for @ eslint/js release (Jenkins)f4a1fe2
test: add more tests for ignoring files and directories (#18068) (Nitin Kumar)42c0aef
ci: Enable CI forv8.x
branch (#18047) (Milos Djermanovic)Features
0dd9704
feat: Support custom severity when reporting unused disable directives (#17212) (Bryan Mishkin)31a7e3f
feat: fix no-restricted-properties false negatives with unknown objects (#17818) (Arka Pratim Chaudhuri)Bug Fixes
7d5e5f6
fix:TypeError: fs.exists is not a function
on read-only file system (#17846) (Francesco Trotta)74739c8
fix: suggestion with invalid syntax in no-promise-executor-return rule (#17812) (Bryan Mishkin)Documentation
9007719
docs: update link in ways-to-extend.md (#17839) (Amel SELMANE)3a22236
docs: Update README (GitHub Actions Bot)54c3ca6
docs: fix migration-guide example (#17829) (Tanuj Kanti)4391b71
docs: check config comments in rule examples (#17815) (Francesco Trotta)fd28363
docs: remove mention about ESLint stylistic rules in readme (#17810) (Zwyx)48ed5a6
docs: Update README (GitHub Actions Bot)Chores
ba6af85
chore: upgrade @ eslint/[email protected] (#17864) (Milos Djermanovic)