Snyk has created this PR to upgrade yargs from 13.2.4 to 15.3.1.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
Warning: This is a major version upgrade, and may be a breaking change.
The recommended version is 21 versions ahead of your current version.
The recommended version was released 2 months ago, on 2020-03-16.
__proto__ will now be replaced with ___proto___ in parse (#258), patching a potential
prototype pollution vulnerability. This was reported by the Snyk Security Research Team. (63810ca)
Snyk has created this PR to upgrade yargs from 13.2.4 to 15.3.1.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
Warning: This is a major version upgrade, and may be a breaking change.
Release notes
Package name: yargs
-
15.3.1 - 2020-03-16
- __proto__ will now be replaced with ___proto___ in parse (#258), patching a potential
-
15.3.1-beta.0 - 2020-03-12
-
15.3.0 - 2020-03-08
- yargs-parser: introduce single-digit boolean aliases (#1576) (3af7f04)
- add usage for single-digit boolean aliases (#1580) (6014e39)
- address ambiguity between nargs of 1 and requiresArg (#1572) (a5edc32)
-
15.3.0-beta.1 - 2020-03-08
-
15.3.0-beta.0 - 2020-03-02
-
15.2.0 - 2020-03-01
⚠ BREAKING CHANGES
- deps: yargs-parser@17.0.0 no longer implicitly creates arrays out of boolean
- completion: takes negated flags into account when boolean-negation is set (#1509) (7293ad5)
- deps: pull in yargs-parser@17.0.0 (#1553) (b9409da)
- deprecateOption (#1559) (8aae333)
- display appropriate $0 for electron apps (#1536) (d0e4379)
- introduces strictCommands() subset of strict mode (#1540) (1d4cca3)
- deps: yargs-parser with 'greedy-array' configuration (#1569) (a03a320)
- help always displayed for the first command parsed having an async handler (#1535) (d585b30)
- deps: fix enumeration for normalized path arguments (#1567) (0b5b1b0)
- locales: only translate default option group name (acc16de)
- locales: remove extra space in French for 'default' (#1564) (ecfc2c4)
- translations: add French translation for unknown command (#1563) (18b0b75)
- translations: fix pluralization in error messages. (#1557) (94fa38c)
- yargs: correct support of bundled electron apps (#1554) (a0b61ac)
-
15.2.0-beta.2 - 2020-03-01
-
15.2.0-beta.1 - 2020-02-29
-
15.2.0-beta.0 - 2020-02-24
-
15.1.0 - 2020-01-02
- lang: add Finnish localization (language code fi) (222c8fe)
- complete short options with a single dash (#1507) (99011ab)
- onFinishCommand handler (#1473) (fe380cd)
- getCompletion() was not working for options (#1495) (463feb2)
- misspelling of package.json
- populate positionals when unknown-options-as-args is set (#1508) (bb0f2eb), closes #1444
- show 2 dashes on help for single digit option key or alias (#1493) (63b3dd3)
- docs: use recommended cjs import syntax for ts examples (#1513) (f9a18bf)
-
15.0.2 - 2019-11-19
- temporary fix for libraries that call Object.freeze() (#1483) (99c2dc8)
-
15.0.1 - 2019-11-16
- deps: cliui, find-up, and string-width, all drop Node 6 support (#1479) (6a9ebe2)
-
15.0.0 - 2019-11-10
⚠ BREAKING CHANGES
- deps: yargs-parser now throws on invalid combinations of config (#1470)
- yargs-parser@16.0.0 drops support for Node 6
- drop Node 6 support (#1461)
- remove package.json-based parserConfiguration (#1460)
- deps: yargs-parser now throws on invalid combinations of config (#1470) (c10c38c)
- expose
- docs: TypeScript import to prevent a future major release warning (#1441) (b1b156a)
- stop-parse was not being respected by commands (#1459) (12c82e6)
- update to yargs-parser with fix for array default values (#1463) (ebee59d)
- docs: update boolean description and examples in docs (#1474) (afd5b48)
- drop Node 6 support (#1461) (2ba8ce0)
- remove package.json-based parserConfiguration (#1460) (0d3642b)
-
14.2.3 - 2020-03-13
-
14.2.2 - 2019-11-19
-
14.2.1 - 2019-10-30
-
14.2.0 - 2019-10-07
-
14.1.0 - 2019-09-06
-
14.0.0 - 2019-07-30
-
13.3.2 - 2020-03-13
-
13.3.0 - 2019-06-10
-
13.2.4 - 2019-05-13
from yargs GitHub release notesBug Fixes
prototype pollution vulnerability. This was reported by the Snyk Security Research Team. (63810ca)
Features
Bug Fixes
arguments when duplicates are provided
Features
Bug Fixes
Features
Bug Fixes
enginesfield (0891d0e)Bug Fixes
Bug Fixes
Features
Parserfromrequire('yargs/yargs')(#1477) (1840ba2)Bug Fixes
Miscellaneous Chores
Code Refactoring
chore(release): 14.2.0
chore(release): 14.1.0
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs