Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

[Snyk] Upgrade npm from 6.2.0 to 6.13.3 #84

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

snyk-bot
Copy link

Snyk has created this PR to upgrade npm from 6.2.0 to 6.13.3.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
  • The recommended version is 43 versions ahead of your current version.
  • The recommended version was released 8 days ago, on 2019-12-10.

The recommended version fixes:

Severity Issue
Arbitrary File Overwrite
SNYK-JS-TAR-174125
Arbitrary File Overwrite
SNYK-JS-FSTREAM-174725
Man-in-the-Middle (MitM)
SNYK-JS-HTTPSPROXYAGENT-469131
Arbitrary File Write
SNYK-JS-NPM-537606
Unauthorized File Access
SNYK-JS-NPM-537604
Arbitrary File Write
SNYK-JS-BINLINKS-537610
Unauthorized File Access
SNYK-JS-BINLINKS-537609
Release notes
Package name: npm from npm GitHub release notes
Commit messages
Package name: npm
  • 45482c2 6.13.3
  • 118bc96 docs: changelog for 6.13.3
  • 1743cb3 read-package-json@2.1.1
  • fb4ecd7 pacote@9.5.11
  • 59c836a npm-packlist@1.4.7
  • 19ce061 bin-links@1.1.5
  • 0a0fdff 6.13.2
  • dc0178c update AUTHORS
  • c6ff3ba docs: update changelog for 6.13.2
  • 4429645 makefile: fix docs target typo
  • 4c1b16f chore: Warn the user that it is uninstalling npm-install
  • ae7afe5 fix: Don't log error message if git tagging is disabled
  • 1c65d26 fix(fund): open url for string shorthand
  • e4b9796 shrinkwrap: no need to read package.json when read shrinkwrap
  • 8676429 fix(packageRelativePath): fix 'where' for file deps
  • d480f2c Revert "windows: Add preliminary WSL support for npm and npx"
  • b829d62 6.13.1
  • 464036b update AUTHORS
  • 1d61a3c docs: update changelog for 6.13.1
  • b89423e docs: ignore netlify file
  • 7555a74 docs: add netlify docs website config
  • 3ef295f fix: print quick audit report for human output
  • b150eae docs: package aliases
  • 661d86c make-fetch-happen@5.0.2

Compare


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

# for free to join this conversation on GitHub. Already have an account? # to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant