[Snyk] Security upgrade npm-check-updates from 10.2.5 to 12.0.1 (!5) · Merge requests · Chet Manley / create-node-project

Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
- package-lock.json

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: npm-check-updates

The new version differs by 250 commits.

3ba8472 12.0.1
950d6df fix: getPeerDependencies uses correct relative path
7d1f93c Don't include deprecated versions when using yarn package manager (#987)
c164b44 buildReadme.js: remove unused variables (#985)
a1de371 Update dependencies (#983)
a765195 package.json: remove the deprecated `preferGlobal`
dc5f3c8 Exclude test files from the npm package
5218266 Update CI config (#980)
e153ab2 12.0.0
017269d Add v12 to CHANGELOG.
6ac57c8 Upgrade node engine in package-lock.
f1d6a2d Build README
7b2b38a 12.0.0-1
e9aa452 Fix upgradeGithubUrl.
be11baa Bump node engine to v12
0a941a5 Remove explicit types field in package.json.
b03d3bb Fix typescript errors.
4a4fdad lint
e466ea9 README
e6d1a9a 12.0.0-0
6b0bd3f Rename VersionDeclaration to VersionSpec.
d8763f1 .ncurc comment
54b797e Use PATH in tests to use local yarn rather than NCU_TESTS. Add missing license fields.
0aea47c Bump dependencies

Check the changes in this Merge Request to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

Learn how to fix vulnerabilities with free interactive lessons:

[Snyk] Security upgrade npm-check-updates from 10.2.5 to 12.0.1