Snyk has created this PR to upgrade commander from 12.0.0 to 12.1.0.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is **1 version** ahead of your current version.
- The recommended version was released on **23 days ago**.
Release notes Package name: commander
.addHelpOption() as another way of configuring built-in help option (#2006)
.helpCommand() for configuring built-in help command (#2087)
Fixed
Breaking: use non-zero exit code when spawned executable subcommand terminates due to a signal (#2023)
Breaking: check passThroughOptions constraints when using .addCommand and throw if parent command does not have .enablePositionalOptions() enabled (#1937)
Changed
Breaking: Commander 12 requires Node.js v18 or higher (#2027)
Breaking: throw an error if add an option with a flag which is already in use (#2055)
Breaking: throw an error if add a command with name or alias which is already in use (#2059)
Breaking: throw error when calling .storeOptionsAsProperties() after setting an option value (#1928)
replace non-standard JSDoc of @ api private with documented @ private (#1949)
.addHelpCommand() now takes a Command (passing string or boolean still works as before but deprecated) (#2087)
refactor internal implementation of built-in help option (#2006)
refactor internal implementation of built-in help command (#2087)
Deprecated
.addHelpCommand() passing string or boolean (use .helpCommand() or pass a Command) (#2087)
Removed
Breaking: removed default export of a global Command instance from CommonJS (use the named program export instead) (#2017)
Migration Tips
global program
If you are using the deprecated default import of the global Command object, you need to switch to using a named import (or create a new Command).
// const program = require('commander');const{ program }=require('commander');
option and command clashes
A couple of configuration problems now throw an error, which will pick up issues in existing programs:
adding an option which uses the same flag as a previous option
adding a command which uses the same name or alias as a previous command
from commander GitHub release notes
---
> [!IMPORTANT]
>
> - Check the changes in this PR to ensure they won't cause issues with your project.
> - This PR was automatically created by Snyk using the credentials of a real user.
---
**Note:** _You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs._
**For more information:**
> - š§ [View latest project report](https://app.snyk.io/org/project-portal-agk/project/0c785100-3004-4c6b-91b7-82a3ac1b518b?utm_source=github&utm_medium=referral&page=upgrade-pr)
> - š [Customise PR templates](https://docs.snyk.io/scan-using-snyk/pull-requests/snyk-fix-pull-or-merge-requests/customize-pr-templates)
> - š [Adjust upgrade PR settings](https://app.snyk.io/org/project-portal-agk/project/0c785100-3004-4c6b-91b7-82a3ac1b518b/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr)
> - š [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/project-portal-agk/project/0c785100-3004-4c6b-91b7-82a3ac1b518b/settings/integration?pkg=commander&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)
This PR was automatically created by Snyk using the credentials of a real user.
![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)
Snyk has created this PR to upgrade commander from 12.0.0 to 12.1.0.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.- The recommended version is **1 version** ahead of your current version. - The recommended version was released on **23 days ago**.
Release notes
Package name: commander
Added
node --eval
andnode --print
when call.parse()
with no arguments (#2164)Changed
node:
(#2170)Removed
Added
.addHelpOption()
as another way of configuring built-in help option (#2006).helpCommand()
for configuring built-in help command (#2087)Fixed
passThroughOptions
constraints when using.addCommand
and throw if parent command does not have.enablePositionalOptions()
enabled (#1937)Changed
.storeOptionsAsProperties()
after setting an option value (#1928)@ api private
with documented@ private
(#1949).addHelpCommand()
now takes a Command (passing string or boolean still works as before but deprecated) (#2087)Deprecated
.addHelpCommand()
passing string or boolean (use.helpCommand()
or pass a Command) (#2087)Removed
program
export instead) (#2017)Migration Tips
global program
If you are using the deprecated default import of the global Command object, you need to switch to using a named import (or create a new
Command
).option and command clashes
A couple of configuration problems now throw an error, which will pick up issues in existing programs: