mooniker
commented
3 years ago Please merge this so this lib can be used in dev dependencies without tripping security audits. Looks like current version of prettierx is 0.19.0.
Open snyk-bot opened 3 years ago
mooniker
commented
3 years ago Please merge this so this lib can be used in dev dependencies without tripping security audits. Looks like current version of prettierx is 0.19.0.
brockoli
commented
2 years ago Please merge this so this lib can be used in dev dependencies without tripping security audits. Looks like current version of prettierx is 0.19.0.
Really need this security fix in. Are there any active devs left on this project?
Michionlion
commented
2 years ago This will also solve #124, so a merge would be very appreciated! @sheerun are you still maintaining this repository?
Jule-
commented
2 years ago Hello!? @sheerun are you still there?
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Has a fix available, CVSS 7.5
SNYK-JS-TRIM-1017038
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: prettierx
The new version differs by 250 commits.- b48bc5a prettierx: version 0.18.2
- b86fd8b prettierx fix: switch to @ brodybits/remark-parse fork (#598)
- eac7fe4 prettierx chore: update jest -> 27.0.4 --dev
- 9e69934 prettierx: Update rollup -> 2.51.2 - devDependency (#570)
- c141d74 prettierx: Update jest-snapshot-serializer-raw -> 1.2.0 - devDependency (#567)
- 825e21c prettierx: Update execa -> 5.1.1 - devDependency (#562)
- d2b9dae prettierx: Update eslint-plugin-import -> 2.23.4 - devDependency (#560)
- 2197cb4 prettierx: Update eslint-config-prettier -> 8.3.0 - devDependency (#559)
- c0f73fe prettierx test import & export with multiple Babel parsers
- fbbbf98 prettierx test "bracket spacing" with multiple Babel parsers
- 7ccfc64 prettierx test: add CI test on Ubuntu / Node.js 16
- d22e6d2 prettierx chore(yarn.lock): bump ws from 7.4.4 to 7.4.6 (#555)
- dca7708 prettierx: set version to 0.18.2-dev for a patch release
- a81e06d prettierx chore(dev-deps): bump browserslist from 4.16.0 to 4.16.6 (#551)
- a83307d prettierx chore(dev-deps): bump hosted-git-info from 2.8.8 to 2.8.9 (#547)
- bf653b3 prettierx chore(dev-deps): bump handlebars from 4.7.6 to 4.7.7 (#541)
- d381777 prettierx: Update eslint -> 7.28.0 - devDependency (#566)
- f8b0fef prettierx fix(test) re: TS types & balanced formatting
- dbab1e0 prettierx test: TS types & balanced tarnary formatting
- db45234 prettierx: Update ci-info -> 3.2.0 - dependency (#558)
- 9857c22 prettierx: Update find-parent-dir -> 0.3.1 - dependency (#557)
- d4f291e prettierx chore: update cspell - move prettierx entries (#556)
- 45a22db prettierx: Update @ glimmer/syntax -> 0.56.2 - dependency (#527)
- a2f0061 prettierx: start 0.19.0-dev
See the full diffCheck the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic