Open snyk-bot opened 2 years ago
(*) Note that the real score may have changed since the PR was raised.
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information: 🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.1
SNYK-JS-SHELLJS-2332187
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: jshint
The new version differs by 59 commits.- 61c868c v2.13.4
- eb4609a [[FIX]] Remove shelljs
- b23e125 [[CHORE]] Remove shelljs from internal tooling
- 56d4a47 [[CHORE]] Use consistent interface for fs ops
- 33cfc87 [[CHORE]] Migrate from TravisCI to CircleCI
- a53cc95 [[CHORE]] Update version of package manifest (#3602)
- 2a842ac v2.13.3
- 06accfa [[CHORE]] Correct annotation for globals
- b1426f1 [[FIX]] Recognize ES2020 globals
- be94b1d [[DOCS]] Remove david-dm badges (#3596)
- 5608b03 v2.13.2
- 043f98a [[CHORE]] Add package-lock.json
- cc1adf6 [[FIX]] Add missing well-known globals (#3582)
- 057b1c6 [[FIX]] Tolerate keyword in object shorthand
- ecae54a [[FIX]] Tolerate unterminated nullish coalescing
- ca06e6a [[FIX]] add URL for node in src/vars.js (#3570)
- 75e48b7 [[FIX]] change escape-sequence handler for double quotes (\") (#3566)
- 4a681b9 [[FIX]] Limit "Too many Errors" (E043) to errors only (#3562)
- fddcd02 v2.13.1
- 11dc0a6 [[FIX]] Allow optional chaining call as satement
- 7c890aa [[FIX]] Tolerate dangling NewExpression
- 71ec395 [[FIX]] Allow invoking result of optional chaining
- 7bae44b v2.13.0
- 7c36c81 Merge pull request #3486 from jshint/v2.12.0
See the full diffCheck the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic