search

strongloop / loopback4-example-microservices

Deprecated - please use https://github.com/strongloop/loopback4-example-shopping/tree/master/kubernetes
http://loopback.io
Other
88 stars 28 forks source link

[Snyk] Security upgrade ts-node from 3.3.0 to 8.0.0 #103

Closed snyk-bot closed 4 years ago

snyk-bot commented 4 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
Severity Issue Breaking Change Exploit Maturity
medium severity Prototype Pollution
SNYK-JS-MINIMIST-559764		 Yes Proof of Concept
Commit messages
Package name: ts-node The new version differs by 101 commits.
  • e6d50ef 8.0.0
  • ea9bad7 Skip loading files at configuration level
  • b39b38d Preserve `execArgv` with `ts-node` arguments (#760)
  • 157bb4c Fix compiler issue with node 6 + latest TypeScript (#761)
  • d9f310e Replace `minimist` with type-safe `arg` (#759)
  • f148008 Add `compiler` option back and use `require.resolve` (#758)
  • abcb13b Remove unused code (#751)
  • d58488b Create `tsconfig.json` for old TypeScript versions (#723)
  • 5ee273e Comments, trailing comma to tests `tsconfig.json`
  • 132e569 Use prettier screenshot (#710)
  • ebe239a Drop old node.js support without `Buffer.from` (#702)
  • b61c745 Remove support for `ts-node` cache output (#701)
  • df1ac1d Disable loading `files` from configuration (#700)
  • 9d15a72 Remove support for custom `compiler` option (#699)
  • 77eff53 Clarify global declarations in README (#698)
  • 3ff4a69 Add missing word to README (#680)
  • ad6183a 7.0.1
  • 6df09a9 Remove `composite` option from configuration (#657)
  • 2017b3a Ignore TypeScript error 2355 in REPL (#645)
  • 743e80f Add documentation for fixing missing types (#627)
  • 55741b6 Note defaults, ignoring `node_modules`, types tip
  • ff8ed42 Use `argv` defaults consistently
  • c692f94 Test custom `typeRoots` support in `tsconfig.json`
  • 6ce7c97 7.0.0
See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:

🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic