postmanlabs / swagger2-to-postman

Converter for swagger 2.0 JSON to Postman Collection
Apache License 2.0
120 stars 56 forks source link

[Snyk] Security upgrade jshint from 2.9.5 to 2.13.4 #59

Open snyk-bot opened 2 years ago

snyk-bot commented 2 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 748/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.1
Improper Privilege Management
SNYK-JS-SHELLJS-2332187
No Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: jshint The new version differs by 250 commits.
  • 61c868c v2.13.4
  • eb4609a [[FIX]] Remove shelljs
  • b23e125 [[CHORE]] Remove shelljs from internal tooling
  • 56d4a47 [[CHORE]] Use consistent interface for fs ops
  • 33cfc87 [[CHORE]] Migrate from TravisCI to CircleCI
  • a53cc95 [[CHORE]] Update version of package manifest (#3602)
  • 2a842ac v2.13.3
  • 06accfa [[CHORE]] Correct annotation for globals
  • b1426f1 [[FIX]] Recognize ES2020 globals
  • be94b1d [[DOCS]] Remove david-dm badges (#3596)
  • 5608b03 v2.13.2
  • 043f98a [[CHORE]] Add package-lock.json
  • cc1adf6 [[FIX]] Add missing well-known globals (#3582)
  • 057b1c6 [[FIX]] Tolerate keyword in object shorthand
  • ecae54a [[FIX]] Tolerate unterminated nullish coalescing
  • ca06e6a [[FIX]] add URL for node in src/vars.js (#3570)
  • 75e48b7 [[FIX]] change escape-sequence handler for double quotes (\") (#3566)
  • 4a681b9 [[FIX]] Limit "Too many Errors" (E043) to errors only (#3562)
  • fddcd02 v2.13.1
  • 11dc0a6 [[FIX]] Allow optional chaining call as satement
  • 7c890aa [[FIX]] Tolerate dangling NewExpression
  • 71ec395 [[FIX]] Allow invoking result of optional chaining
  • 7bae44b v2.13.0
  • 7c36c81 Merge pull request #3486 from jshint/v2.12.0
See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic