search

ROhta / bingo_next

GNU General Public License v3.0
0 stars 0 forks source link

[Snyk] Upgrade lint-staged from 13.1.0 to 13.3.0 #478

Closed ROhta closed 3 months ago

ROhta commented 5 months ago

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade lint-staged from 13.1.0 to 13.3.0.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is **9 versions** ahead of your current version. - The recommended version was released **9 months ago**, on 2023-08-13. The recommended version fixes: Severity | Issue | PriorityScore (*) | Exploit Maturity | :-------------------------:|:-------------------------|-------------------------|:------------------------- | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-SEMVER-3247795](https://snyk.io/vuln/SNYK-JS-SEMVER-3247795) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-SEMVER-3247795](https://snyk.io/vuln/SNYK-JS-SEMVER-3247795) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept | Uncaught Exception
[SNYK-JS-YAML-5458867](https://snyk.io/vuln/SNYK-JS-YAML-5458867) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-WORDWRAP-3149973](https://snyk.io/vuln/SNYK-JS-WORDWRAP-3149973) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept (*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: lint-staged
  • 13.3.0 - 2023-08-13

    13.3.0 (2023-08-13)

    Maintainer's note: Version v13.3.0 was incorrectly released including code of version v14.0.0. This means the breaking changes of v14 are also included in v13.3.0, the last v13 version released

    Bug Fixes

    • dependencies: update most dependencies (7443870)
    • detect duplicate redundant braces in pattern (d895aa8)

    Features

    • dependencies: update listr2@6.6.0 (09844ca)
  • 13.2.3 - 2023-06-28

    13.2.3 (2023-06-28)

    Bug Fixes

    • the --diff option implies --no-stash (66a716d)
  • 13.2.2 - 2023-04-26

    13.2.2 (2023-04-26)

    Bug Fixes

  • 13.2.1 - 2023-04-07

    13.2.1 (2023-04-07)

    Bug Fixes

    • ignore "package.json" as config file when it's invalid JSON (#1281) (e7ed6f7)
  • 13.2.0 - 2023-03-10

    13.2.0 (2023-03-10)

    Bug Fixes

    • dependencies: replace colorette with chalk for better color support detection (f598725)
    • use index-based stash references for improved MSYS2 compatibility (#1270) (60fcd99)

    Features

  • 13.1.4 - 2023-03-06
  • 13.1.3 - 2023-03-05
  • 13.1.2 - 2023-02-13

    13.1.2 (2023-02-13)

    Bug Fixes

    • disable stash by default when using diff option (#1259) (142c6f2)
  • 13.1.1 - 2023-02-07

    13.1.1 (2023-02-07)

    Bug Fixes

    • allow re-enabling --stash when using the --diff option (99390c3)
  • 13.1.0 - 2022-12-04

    13.1.0 (2022-12-04)

    Features

    • expose cli entrance from "lint-staged/bin" (#1237) (eabf1d2)
from lint-staged GitHub release notes
Commit messages
Package name: lint-staged
  • f895e97 Merge pull request #1289 from okonet/updates-2023-04-20
  • 217c404 test: move mock to avoid name collision warning from jest-haste-map
  • d895aa8 fix: detect duplicate redundant braces in pattern
  • a7f8f29 test: skip test failing on Windows Node.js ~20.4.0
  • aa65846 refactor: replace "object-inspect" with built-in util
  • 977c15d refactor: use built-in truncation of Listr2
  • 44a4f6c refactor: reimplement "normalize-path"
  • bc2d267 test: add debug
  • f5ea0a2 refactor: use top-level await in bin
  • 5a88548 test: use GitHub Actions' temp dir if available
  • df43922 test: replace `fs-extra` with native `node:fs/promises`
  • 2c903ed chore(dependencies): update all dependencies
  • c4f9838 chore: add script for listing required Node.js versions for dependencies
  • 2ff7220 chore(dependencies): update all dependencies
  • 09844ca feat(dependencies): update `listr2@6.6.0`
  • 26dea68 feat!: drop support for Node.js 14 as it's EOL after 2023-04-30
  • 21f95da ci: run with Node.js 20
  • 7443870 fix(dependencies): update most dependencies
  • 5cead2d docs: Fix configuration link (#1305)
  • 66a716d fix: the `--diff` option implies `--no-stash`
  • cf691aa fix(dependencies): update `yaml@2.2.2` (GHSA-f9xv-q969-pqx4) (#1290)
  • e7ed6f7 fix: ignore "package.json" as config file when it's invalid JSON (#1281)
  • 05fb382 feat: version bump only (#1275)
  • f4351e3 ci: disable workflow for `next` branch
Compare
**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.* For more information: 🧐 [View latest project report](https://app.snyk.io/org/rohta/project/b42e8254-e259-4668-b213-c68c26d4d5c0?utm_source=github&utm_medium=referral&page=upgrade-pr) 🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/rohta/project/b42e8254-e259-4668-b213-c68c26d4d5c0/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr) 🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/rohta/project/b42e8254-e259-4668-b213-c68c26d4d5c0/settings/integration?pkg=lint-staged&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)