[Snyk] Fix for 1 vulnerabilities
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
As this is a private repository, Snyk-bot does not have access. Therefore, this PR has been created automatically, but appears to have been created by a real user.
Changes included in this Merge Request
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
- package-lock.json
Vulnerabilities that will be fixed
With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
 |
661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5 |
Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116 |
Yes | No Known Exploit |
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: yeoman-environment
The new version differs by 250 commits.- af27719 3.0.0
- 554971a Bump yeoman-generator to 5.0.0
- 07f6bed Let the generator calculate it's own id.
- 7278483 3.0.0-rc.1
- 8e089ec Adjusts for backwards compatibility
- d420ab0 Catch error at runGenerator
- 887d32c Drop support for kebab case options.
- f29a2ea Drop arguments from Environment constructor.
- 48e942d Implement experimental cli
- 694583d Change conflicter constructor api.
- 5b88e8a Add progress bar to applyTransform.
- 13ef6d4 Adjusts to package-manager logs.
- bff0e87 Add cwd option to Conflicter
- 2e7195d Empty conflicter queue before continuing.
- 6dccc95 Increase Environment max listeners
- 71b70b1 Fix override every file answer.
- 3cb26e1 Change package-manager logs.
- 3e00c4b Implement support for singleton generator using identifiers.
- fbea0e8 Refactor namespace and import by default.
- 1db8db1 Bump peter-evans/create-pull-request from v3.8.1 to v3.8.2 (#269)
- 8a7ca93 3.0.0-rc.0
- 5a3a4ea Improve createYoResolveTransform
- 9805a00 Fixes to applyTransforms.
- 6923fca Add test for getConflicterStatusForFile
Package name: yeoman-generator
The new version differs by 250 commits.- 5e59844 6.0.0
- 4296f50 6.0.0-rc.6
- b224faa fix typo
- 7f1f8e1 allow to customize queueTransformStream priority
- 0eb085f 6.0.0-rc.5
- 232587e Run own or immediately extended beforeQueue (#1475)
- 1938e71 Bump actions/checkout from 3 to 4 (#1473)
- 2d8b8b1 Bump execa from 7.1.1 to 8.0.1 (#1469)
- 5b729fe Bump read-pkg-up from 9.1.0 to 10.1.0 (#1470)
- 465aea2 6.0.0-rc.4
- df635f1 Fix composeLocallyWithOptions with a factory
- 7e6b0c0 6.0.0-rc.3
- 5291e9c allow to ignore 'This Generator is empty' error
- 454b3ec Bump c8 from 7.13.0 to 8.0.0 (#1457)
- 077c6e9 6.0.0-rc.2
- 02e6785 don't emit error at environment, environment's queueTask to handle failures.
- a75dbf8 6.0.0-rc.1
- 7fa5597 replace lodash with lodash-es
- fbae307 use TestAdapter from @ yeoman/adapter
- 580ba5c add spawn/spawnSync
- 66fd6be bump got package
- 9428e88 Revert "disable spawn-command test due to got package bug."
- 1d2889d make test compatible with environment 4
- 1a11e03 6.0.0-rc.0
Check the changes in this Merge Request to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information: 
🧐 View latest project report
Learn how to fix vulnerabilities with free interactive lessons: