This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
#### Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
- package-lock.json
#### Vulnerabilities that will be fixed
##### With an upgrade:
Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity
:-------------------------:|-------------------------|:-------------------------|:-------------------------|:-------------------------
 | **696/1000** **Why?** Proof of Concept exploit, Has a fix available, CVSS 7.5 | Regular Expression Denial of Service (ReDoS) [SNYK-JS-ANSIREGEX-1583908](https://snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908) | Yes | Proof of Concept
(*) Note that the real score may have changed since the PR was raised.
Commit messagesPackage name: lint-staged
The new version differs by 146 commits.
885a644 Merge pull request #852 from okonet/listr2
aba3421 fix: all lint-staged output respects the `quiet` option
b8df31a fix: do not show incorrect error when verbose and no output
eed6198 style: simplify eslint and prettier config
b746290 ci: replace Node.js 13 with 14, since 14 will be next LTS
6066b07 fix: pass correct path to unstaged patch during cleanup
0bf1fb0 fix: allow lint-staged to run on empty git repo by disabling backup
1ac6863 Merge pull request #837 from okonet/serial-git-add
See the full diff
Check the changes in this PR to ensure they won't cause issues with your project.
------------
**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.*
For more information:
🧐 [View latest project report](https://app.snyk.io/org/twilio-47w/project/c754fbf6-2d74-41b1-8577-0c6d1f2f76c7?utm_source=github-enterprise&utm_medium=referral&page=fix-pr)
🛠 [Adjust project settings](https://app.snyk.io/org/twilio-47w/project/c754fbf6-2d74-41b1-8577-0c6d1f2f76c7?utm_source=github-enterprise&utm_medium=referral&page=fix-pr/settings)
📚 [Read more about Snyk's upgrade and patch logic](https://support.snyk.io/hc/en-us/articles/360003891078-Snyk-patches-to-fix-vulnerabilities)
[//]: # (snyk:metadata:{"prId":"9394a58d-00b2-4b82-930a-d8a48b94562d","prPublicId":"9394a58d-00b2-4b82-930a-d8a48b94562d","dependencies":[{"name":"lint-staged","from":"9.5.0","to":"10.2.0"}],"packageManager":"npm","projectPublicId":"c754fbf6-2d74-41b1-8577-0c6d1f2f76c7","projectUrl":"https://app.snyk.io/org/twilio-47w/project/c754fbf6-2d74-41b1-8577-0c6d1f2f76c7?utm_source=github-enterprise&utm_medium=referral&page=fix-pr","type":"auto","patch":[],"vulns":["SNYK-JS-ANSIREGEX-1583908"],"upgrade":["SNYK-JS-ANSIREGEX-1583908"],"isBreakingChange":true,"env":"prod","prType":"fix","templateVariants":["updated-fix-title","priorityScore"],"priorityScoreList":[696],"remediationStrategy":"vuln"})
---
**Learn how to fix vulnerabilities with free interactive lessons:**
🦉 [Regular Expression Denial of Service (ReDoS)](https://learn.snyk.io/lesson/redos/?loc=fix-pr)
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
#### Changes included in this PR - Changes to the following files to upgrade the vulnerable dependencies to a fixed version: - package.json - package-lock.json #### Vulnerabilities that will be fixed ##### With an upgrade: Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:-------------------------  | **696/1000****Why?** Proof of Concept exploit, Has a fix available, CVSS 7.5 | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-ANSIREGEX-1583908](https://snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908) | Yes | Proof of Concept (*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: lint-staged
The new version differs by 146 commits.- 885a644 Merge pull request #852 from okonet/listr2
- aba3421 fix: all lint-staged output respects the `quiet` option
- b8df31a fix: do not show incorrect error when verbose and no output
- eed6198 style: simplify eslint and prettier config
- b746290 ci: replace Node.js 13 with 14, since 14 will be next LTS
- 2c6f3ad docs: improve `verbose` description
- e749a0b test: remove redundant, misbehaving test
- 16848d8 fix: use test renderer during tests and when TERM=dumb
- efffa22 test: cover `--verbose` option usage
- 1b18550 test: restore variable in test output
- 6aede38 test: add test for error during merge state restoration
- b565481 test: integration test targets the full Node.js API instead of just `runAll`
- a3bd9d7 feat: allow specifying `cwd` using the Node.js API
- 85de3a3 feat: add `--verbose` to show output even when tasks succeed
- d69c65b fix: log task output after running listr to keep everything
- e95d1b0 refactor: move skip and enable cheks of listr tasks to separate file
- 6da7667 refactor: move messages to separate file
- 6392480 refactor: use symbols for errors
- 8f32a3e feat: replace listr with listr2 and print errors inline
- c9adca5 fix: use stash create/store to prevent files from disappearing from disk
- e093b1d fix(deps): update dependencies
- 6066b07 fix: pass correct path to unstaged patch during cleanup
- 0bf1fb0 fix: allow lint-staged to run on empty git repo by disabling backup
- 1ac6863 Merge pull request #837 from okonet/serial-git-add
See the full diff