Snyk has created this PR to upgrade yargs from 13.2.4 to 15.3.1.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
Warning: This is a major version upgrade, and may be a breaking change.
The recommended version is 21 versions ahead of your current version.
The recommended version was released 2 months ago, on 2020-03-16.
__proto__ will now be replaced with ___proto___ in parse (#258), patching a potential
prototype pollution vulnerability. This was reported by the Snyk Security Research Team. (63810ca)
Snyk has created this PR to upgrade yargs from 13.2.4 to 15.3.1.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
Warning: This is a major version upgrade, and may be a breaking change.
Release notes
Package name: yargs
Bug Fixes
prototype pollution vulnerability. This was reported by the Snyk Security Research Team. (63810ca)
Features
Bug Fixes
arguments when duplicates are provided
Features
Bug Fixes
Features
Bug Fixes
engines
field (0891d0e)Bug Fixes
Bug Fixes
Features
Parser
fromrequire('yargs/yargs')
(#1477) (1840ba2)Bug Fixes
Miscellaneous Chores
Code Refactoring
chore(release): 14.2.0
chore(release): 14.1.0
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs