Skip to content

[Snyk] Security upgrade @commitlint/cli from 8.3.5 to 9.1.2

StraightOuttaCrompton requested to merge snyk-fix-c135dc809bebb32c27aafaae3fc12b30 into master

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this Merge Request

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
Warning 
Failed to update the package-lock.json, please update manually before merging.

Vulnerabilities that will be fixed

With an upgrade:
Severity Issue Breaking Change Exploit Maturity
medium severity Prototype Pollution
SNYK-JS-YARGSPARSER-560381 		Yes Proof of Concept
Commit messages
Package name: @commitlint/cli The new version differs by 169 commits.
  • 41d4f58 v9.1.2
  • 935e3cf test(load): increase test timeout to avoid flakiness
  • 0eaee18 docs: correct info regarding modifying npm tags
  • dabdfc9 Refactor/armano cli (#1998)
  • d4f064c chore: update dependency @types/node to v12.12.50 (#1997)
  • 4e830b3 chore: update dependency @types/node to v12.12.48 (#1991)
  • 46a27bf chore: update node.js to >=v8.17.0 (#1990)
  • 94e7211 chore: update dependency @types/jest to v26.0.4 (#1992)
  • 5161307 chore: update typescript-eslint monorepo to v3.6.0 (#1989)
  • be3c3a4 chore: update dependency eslint-plugin-jest to v23.18.0 (#1988)
  • ac54d5c chore: update dependency eslint to v7.4.0 (#1987)
  • a406053 chore: v9.1.1 - further gitHead entries
  • cb565df v9.1.1
  • c8367bf chore: update typescript-eslint monorepo to v3.5.0 (#1983)
  • 90d5804 chore: update dependency @types/lodash to v4.14.157 (#1592)
  • d0f0eb9 fix(load): resolve plugins from extended configs (#1976)
  • 50ae7c1 chore: update dependency eslint-plugin-import to v2.22.0 (#1981)
  • a43c5a3 chore: update dependency @types/semver to v7.3.1 (#1979)
  • 014b82b chore: update dependency @types/jest to v26.0.3 (#1978)
  • cff1979 chore: update dependency eslint-plugin-jest to v23.17.1 (#1975)
  • 0fbbb47 chore: update dependency eslint-plugin-jest to v23.17.0 (#1974)
  • 546ac1b chore: update dependency eslint to v7.3.1 (#1973)
  • f8e1b71 chore: update typescript-eslint monorepo to v3.4.0 (#1972)
  • a58c0fa chore: update dependency ts-jest to v26.1.1 (#1971)

See the full diff

Check the changes in this Merge Request to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Merge request reports