Open snyk-bot opened 2 years ago
(*) Note that the real score may have changed since the PR was raised.
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information: 🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JS-ANSIREGEX-1583908
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: mocha
The new version differs by 250 commits.- 18a1055 build(v9.1.2): release
- 011a5a4 fix: regex in 'update-authors.js'
- 06f3f63 build(v9.1.2): update CHANGELOG [ci skip]
- a87461c chore(deps): remove 'wide-align' (#4754)
- c7f56d1 docs: how to use 'rootHooks' in the browser (#4755) [ci skip]
- 8421974 fix(browser): stop using all global vars in 'browser-entry' (#4746)
- 27bfc74 docs: add complete '--delay' example (#4744) [ci skip]
- 4860738 chore(devDeps): update 'eslint' and its plugins (#4737)
- abfddf8 docs: fix broken table width under 450 screen width (#4734)
- 97b8470 chore(esm): remove code for Node versions <10 (#4736)
- 654b5df build(v9.1.1): release
- a26cca9 build(v9.1.1): update CHANGELOG [ci skip]
- e975675 chore: update some devDependencies (#4733)
- 9e0369b fix(parallel): 'XUNIT' and 'JSON' reporter crash (#4623)
- 014e47a build(v9.1.0): release
- 3a14b28 build(v9.1.0): update CHANGELOG [ci skip]
- 171e211 feat(reporter): add output option to 'JSON' (#4607)
- bbf0c11 feat: add new option 'fail-zero' (#4716)
- 757b85d docs: improve 'grep()' and clarify docs (#4714)
- f19d3ca docs: remove unsupported 'no-timeout' option (#4719) [ci skip]
- 9f82ccb chore(gha): update 'stale.yml' (#4718) [ci skip]
- 09ffc30 Set CSP on karma to prevent 'evalError' regression (#4706)
- 02bf13d Update devDep '@ babel/preset-env' and pin 'regenerator-runtime' (#4707)
- 54a5788 Add new option "node-option" (#4691)
See the full diffCheck the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.