Xesenix / xes-rx-tween

TweenObservable for rxjs.
MIT License
0 stars 0 forks source link

[Snyk] Security upgrade commitlint from 8.2.0 to 9.0.1 #103

Open snyk-bot opened 4 years ago

snyk-bot commented 4 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 636/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 6.3
Prototype Pollution
SNYK-JS-LODASH-567746
Yes Proof of Concept
high severity 490/1000
Why? CVSS 9.8
Prototype Pollution
SNYK-JS-LODASH-590103
Yes No Known Exploit
high severity 472/1000
Why? Proof of Concept exploit, CVSS 7.3
Prototype Pollution
SNYK-JS-LODASH-608086
Yes Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: commitlint The new version differs by 160 commits.
  • 7ff3f29 v9.0.1
  • 09afcd6 fix: add missing @babel/runtime dep #1738 (#1754)
  • 341247b v9.0.0 - further gitHead entries
  • 71f0194 v9.0.0
  • 5bb6907 docs(readme): add install husky example (#1699)
  • 0f0f95a chore: update dependency typescript to v3.8.2 (#1002)
  • 890df29 chore: update dependency @types/node to v12.12.28 (#1001)
  • 6c9ab78 chore: update dependency @types/jest to v25.1.3 (#1000)
  • 882e292 chore: update dependency ts-jest to v25.2.1 (#999)
  • c3eb1a7 fix: ignore empty commit messages #615 (#676)
  • 8b394c9 feat(config-conventional): footer/body-max-line (#436)
  • 4443062 feat: add async promise based rules methods into lint (#976)
  • 89168b8 chore: update typescript-eslint monorepo to v2.20.0 (#998)
  • 9d14792 chore: update dependency husky to v4.2.3 (#996)
  • 4ee307a fix: update dependency semver to v7.1.3 (#995)
  • c7cfe37 chore: remove unused configs (#991)
  • 0404c7d chore: update dependency @types/node to v12.12.27 (#994)
  • 34c11b8 fix: incorrect use of when in getForcedCaseFn (#993)
  • 6f80f70 chore: align required globby between packages (#992)
  • f379dcc refactor: replace lodash/omit with spread (#988)
  • d5c601f test: add missing test cases for ensure and is-ignored (#987)
  • ec4af58 docs: update node version support (#986)
  • f74e036 chore: upgrade execa to 3.4.0 (#984)
  • c49a57c feat: passdown argv to lint command (#891)
See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

coveralls commented 4 years ago

Coverage Status

Coverage remained the same at 100.0% when pulling c69af1315115bc97309e4c91649c51a223ed80b0 on snyk-fix-d20c6449eb9feff71d4644a61a47716c into 68ad57b991898fc88b45e7b901059a4bb7977a6a on master.