Skip to content

[Snyk] Fix for 1 vulnerabilities #10

New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Fix for 1 vulnerabilities #10

wants to merge 1 commit into from

Conversation

snyk-bot
Copy link

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Issue Breaking Change Exploit Maturity
medium severity Prototype Pollution
SNYK-JS-MINIMIST-559764		 Yes Proof of Concept
Commit messages
Package name: configstore The new version differs by 9 commits.

See the full diff

Package name: update-notifier The new version differs by 22 commits.
  • d295cf3 2.0.0
  • fda96b6 ES2015ify
  • ac47d69 Improve readme
  • f1de1bf Update dependencies
  • 01fcd25 Bump minimum supported `node` version to `node@4`. (#102)
  • e36671d 1.0.3
  • d66245c Exit process on SIGINT (#98)
  • 384e846 get tests passing on Travis CI with latest xo, etc (#97)
  • b72bf7f 1.0.2
  • c2a9565 Lazy load dependencies (#82)
  • 38aa83a 1.0.1
  • 32b5197 fix opts.defer check (#90)
  • 58ed26e fix XO lint issues
  • bc3ba72 docs: h3 -> h4 for options.boxenOpts (#87)
  • aff41f7 docs: add align: 'center' to default boxenOpts (#86)
  • b7bc767 1.0.0
  • 98aa7bf Add options to customize the notification message (#83)
  • d61bd9b feat: center-align message via boxen@0.6.0 (#84)
  • ff17da4 0.7.0
  • 3cf4614 show message on sigint as well as exit (#75)
  • b1f7dde feat: handle configstore error gracefully (#79)
  • e9d4cab meta tweaks

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:

🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

@snyk-bot
fix: package.json to reduce vulnerabilities
2adb521 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-MINIMIST-559764
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@snyk-bot