Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
β¨What is Merge Advice?
We check thousands of dependency upgrade pull requests and CI tests every day to see which upgrades were successfully merged. After crunching this data, we give a recommendation on how safe we think the change is for you to merge without causing issues. Learn more, and share your feedback to help improve this feature. π
Changes included in this PR
Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
coveralls
commented
4 years ago
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
β¨What is Merge Advice?
We check thousands of dependency upgrade pull requests and CI tests every day to see which upgrades were successfully merged. After crunching this data, we give a recommendation on how safe we think the change is for you to merge without causing issues. Learn more, and share your feedback to help improve this feature. πChanges included in this PR
Vulnerabilities that will be fixed
With an upgrade:
SNYK-JS-HANDLEBARS-480388
SNYK-JS-HANDLEBARS-534478
SNYK-JS-HANDLEBARS-534988
Commit messages
Package name: handlebars
The new version differs by 64 commits.- c819c8b v4.5.3
- 827c9d0 Update release notes
- f7f05d7 fix: add "no-prototype-builtins" eslint-rule and fix all occurences
- 1988878 fix: add more properties required to be enumerable
- 886ba86 test/chore: add chai/expect and sinon to "runtime"-environment
- 0817dad test: add sinon as global variable to eslint in the specs
- 93516a0 test: add sinon.js for spies, deprecate current assertions
- 93e284e chore: add chai and dirty-chai for better test assertions
- c02b05f fix: use !== 0 instead of != 0
- 8de121d v4.5.2
- 6914090 Update release notes
- d541378 fix: use String(field) in lookup when checking for "constructor"
- c2ac79c test: add fluent API for testing Handlebars
- 7ef8617 v4.5.1
- b75e3e1 Update release notes
- 5e9d17f fix: move "eslint-plugin-compat" to devDependencies
- b24797d v4.5.0
- a243067 Update release notes
- 088e618 chore: add eslint-plugin-compat and eslint-plugin-es5
- 7052e88 Resolve deprecation warning message from eslint while running eslint (#1586)
- b8913fc Add missing types for the Exception class properties (#1583)
- 62ed3c2 Add Handlebars.parseWithoutProcessing (#1584)
- 7fcf9d2 Use objects for hash value tracking
- c76ded8 fix: add guard to if & unless helpers (#1549)
See the full diffCheck the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
π§ View latest project report
π Adjust project settings
π Read more about Snyk's upgrade and patch logic