retorquere / generator-zotero-plugin

Generate zotero plugin build scaffolding
MIT License
30 stars 7 forks source link

[Snyk] Security upgrade mocha from 9.1.0 to 9.1.2 #18

Closed snyk-bot closed 2 years ago

snyk-bot commented 3 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 696/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
Regular Expression Denial of Service (ReDoS)
SNYK-JS-ANSIREGEX-1583908
No Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: mocha The new version differs by 14 commits.
  • 18a1055 build(v9.1.2): release
  • 011a5a4 fix: regex in 'update-authors.js'
  • 06f3f63 build(v9.1.2): update CHANGELOG [ci skip]
  • a87461c chore(deps): remove 'wide-align' (#4754)
  • c7f56d1 docs: how to use 'rootHooks' in the browser (#4755) [ci skip]
  • 8421974 fix(browser): stop using all global vars in 'browser-entry' (#4746)
  • 27bfc74 docs: add complete '--delay' example (#4744) [ci skip]
  • 4860738 chore(devDeps): update 'eslint' and its plugins (#4737)
  • abfddf8 docs: fix broken table width under 450 screen width (#4734)
  • 97b8470 chore(esm): remove code for Node versions <10 (#4736)
  • 654b5df build(v9.1.1): release
  • a26cca9 build(v9.1.1): update CHANGELOG [ci skip]
  • e975675 chore: update some devDependencies (#4733)
  • 9e0369b fix(parallel): 'XUNIT' and 'JSON' reporter crash (#4623)
See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic