search

lkytal / quickTask

Task runner and manager extension for VSCode
https://lkytal.github.io/quickTask/
GNU Affero General Public License v3.0
11 stars 7 forks source link

[Snyk] Upgrade json5 from 2.1.1 to 2.2.0 #50

Closed snyk-bot closed 1 year ago

snyk-bot commented 3 years ago

Snyk has created this PR to upgrade json5 from 2.1.1 to 2.2.0.

merge advice :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Prototype Pollution
SNYK-JS-MINIMIST-559764		 387/1000
Why? Proof of Concept exploit, CVSS 5.6		 Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: json5
  • 2.2.0 - 2021-02-01
    • New: Accurate and documented TypeScript declarations are now included. There is no need to install @ types/json5. ([#236], [#244])
  • 2.1.3 - 2020-04-04

    v2.1.3 [code, diff]

    • Fix: An out of memory bug when parsing numbers has been fixed. ([#228], [#229])
  • 2.1.2 - 2020-03-16
    • Fix: Bump minimist to v1.2.5. ([#222])
  • 2.1.1 - 2019-10-02
    • New: package.json and package.json5 include a module property so
      bundlers like webpack, rollup and parcel can take advantage of the ES Module
      build. ([#208])
    • Fix: stringify outputs \0 as \\x00 when followed by a digit. ([#210])
    • Fix: Spelling mistakes have been fixed. ([#196])
from json5 GitHub release notes
Commit messages
Package name: json5
  • 4cf57da 2.2.0
  • a14feb0 docs: update CHANGELOG for v2.2.0
  • 39ad97c docs: update Travis CI badge
  • 4d0560c docs: add missing links to CHANGELOG
  • 3dd26ac feat: add TypeScript delcarations for module files
  • eef0999 feat: add types declaration file with entry in package.json
  • 32bb2cd 2.1.3
  • fde38af Update CHANGELOG for v2.1.3
  • 7399345 Add missing CHANGELOG for v2.1.2
  • 7027fab Merge branch 'master' of github.com:json5/json5
  • f1d3c8a Fix OOM when parsing bare hex number.
  • 661c418 Add test cases for bare number literals, including hex.
  • 4695d69 2.1.2
  • 1e97d03 Merge branch 'master' of github.com:json5/json5
  • 741c77d minimist library updated to the latest version
  • 5c50ef5 Merge branch 'master' of github.com:json5/json5
  • 3511610 README: fixed dead link to json_parse.js
Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs