Skip to content

chore(deps): bump minimist, mkdirp and @nestjs/cli #410

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

chore(deps): bump minimist, mkdirp and @nestjs/cli #410

wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 3, 2023

Bumps minimist to 1.2.8 and updates ancestor dependencies minimist, minimist, mkdirp and @nestjs/cli. These dependencies need to be updated together.

Updates minimist from 1.2.5 to 1.2.8

Changelog

Sourced from minimist's changelog.

v1.2.8 - 2023-02-09

Merged

Fixed

Commits

  • Merge tag 'v0.2.3' a026794
  • [eslint] fix indentation and whitespace 5368ca4
  • [eslint] fix indentation and whitespace e5f5067
  • [eslint] more cleanup 62fde7d
  • [eslint] more cleanup 36ac5d0
  • [meta] add auto-changelog 73923d2
  • [actions] add reusable workflows d80727d
  • [eslint] add eslint; rules to enable later are warnings 48bc06a
  • [eslint] fix indentation 34b0f1c
  • [readme] rename and add badges 5df0fe4
  • [Dev Deps] switch from covert to nyc a48b128
  • [Dev Deps] update covert, tape; remove unnecessary tap f0fb958
  • [meta] create FUNDING.yml; add funding in package.json 3639e0c
  • [meta] use npmignore to autogenerate an npmignore file be2e038
  • Only apps should have lockfiles 282b570
  • isConstructorOrProto adapted from PR ef9153f
  • [Dev Deps] update @ljharb/eslint-config, aud 098873c
  • [Dev Deps] update @ljharb/eslint-config, aud 3124ed3
  • [meta] add safe-publish-latest 4b927de
  • [Tests] add aud in posttest b32d9bd
  • [meta] update repo URLs f9fdfc0
  • [actions] Avoid 0.6 tests due to build failures ba92fe6
  • [Dev Deps] update tape 950eaa7
  • [Dev Deps] add missing npmignore dev dep 3226afa
  • Merge tag 'v0.2.2' 980d7ac

v1.2.7 - 2022-10-10

Commits

... (truncated)

Commits
  • 6901ee2 v1.2.8
  • a026794 Merge tag 'v0.2.3'
  • c0b2661 v0.2.3
  • 63b8fee [Fix] Fix long option followed by single dash (#17)
  • 72239e6 [Tests] Remove duplicate test (#12)
  • 34b0f1c [eslint] fix indentation
  • 3226afa [Dev Deps] add missing npmignore dev dep
  • 098873c [Dev Deps] update @ljharb/eslint-config, aud
  • 9ec4d27 [Fix] Fix long option followed by single dash
  • ba92fe6 [actions] Avoid 0.6 tests due to build failures
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ljharb, a new releaser for minimist since your current version.


Updates minimist from 1.2.0 to 1.2.8

Changelog

Sourced from minimist's changelog.

v1.2.8 - 2023-02-09

Merged

Fixed

Commits

  • Merge tag 'v0.2.3' a026794
  • [eslint] fix indentation and whitespace 5368ca4
  • [eslint] fix indentation and whitespace e5f5067
  • [eslint] more cleanup 62fde7d
  • [eslint] more cleanup 36ac5d0
  • [meta] add auto-changelog 73923d2
  • [actions] add reusable workflows d80727d
  • [eslint] add eslint; rules to enable later are warnings 48bc06a
  • [eslint] fix indentation 34b0f1c
  • [readme] rename and add badges 5df0fe4
  • [Dev Deps] switch from covert to nyc a48b128
  • [Dev Deps] update covert, tape; remove unnecessary tap f0fb958
  • [meta] create FUNDING.yml; add funding in package.json 3639e0c
  • [meta] use npmignore to autogenerate an npmignore file be2e038
  • Only apps should have lockfiles 282b570
  • isConstructorOrProto adapted from PR ef9153f
  • [Dev Deps] update @ljharb/eslint-config, aud 098873c
  • [Dev Deps] update @ljharb/eslint-config, aud 3124ed3
  • [meta] add safe-publish-latest 4b927de
  • [Tests] add aud in posttest b32d9bd
  • [meta] update repo URLs f9fdfc0
  • [actions] Avoid 0.6 tests due to build failures ba92fe6
  • [Dev Deps] update tape 950eaa7
  • [Dev Deps] add missing npmignore dev dep 3226afa
  • Merge tag 'v0.2.2' 980d7ac

v1.2.7 - 2022-10-10

Commits

... (truncated)

Commits
  • 6901ee2 v1.2.8
  • a026794 Merge tag 'v0.2.3'
  • c0b2661 v0.2.3
  • 63b8fee [Fix] Fix long option followed by single dash (#17)
  • 72239e6 [Tests] Remove duplicate test (#12)
  • 34b0f1c [eslint] fix indentation
  • 3226afa [Dev Deps] add missing npmignore dev dep
  • 098873c [Dev Deps] update @ljharb/eslint-config, aud
  • 9ec4d27 [Fix] Fix long option followed by single dash
  • ba92fe6 [actions] Avoid 0.6 tests due to build failures
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ljharb, a new releaser for minimist since your current version.


Updates mkdirp from 0.5.1 to 0.5.5

Commits
Maintainer changes

This version was pushed to npm by isaacs, a new releaser for mkdirp since your current version.


Updates @nestjs/cli from 7.5.1 to 9.2.0

Release notes

Sourced from @​nestjs/cli's releases.

Release 9.2.0

  • Merge pull request #1871 from nestjs/renovate/tsconfig-paths-4.x (555e4604)
  • fix(deps): update dependency tsconfig-paths to v4.1.2 (385edea2)
  • Merge pull request #1913 from nestjs/renovate/npm-http-cache-semantics-vulnerability (371ab8a0)
  • Merge pull request #1912 from nestjs/dependabot/npm_and_yarn/http-cache-semantics-4.1.1 (14751428)
  • deps: upgrade rimraf (3568fbfc)
  • chore(deps): update dependency http-cache-semantics to 4.1.1 [security] (8520ad8d)
  • chore(deps): bump http-cache-semantics from 4.1.0 to 4.1.1 (5b69eb55)
  • Merge pull request #1884 from nestjs/renovate/fork-ts-checker-webpack-plugin-7.x (7874c5bf)
  • Merge pull request #1880 from nestjs/renovate/angular-cli-monorepo (07aa155a)
  • Merge pull request #1867 from nestjs/renovate/npm-json5-vulnerability (ede4471d)
  • Merge pull request #1894 from nestjs/renovate/cimg-node-19.x (ddf3203a)
  • Merge pull request #1908 from nestjs/renovate/typescript-4.x (7e982993)
  • Merge pull request #1879 from zanminkian/zmj-fix (3821f6c2)
  • Merge pull request #1911 from daniel-samson/fix/custom-schematics-in-help (019fa8ad)
  • Merge pull request #1907 from recepkefelii/refactor-collection-factory (1c2319a0)
  • Update lib/schematics/custom.collection.ts (8484742c)
  • Update lib/schematics/custom.collection.ts (b71bfea1)
  • fix: add missing description field (6e164a69)
  • fix: display custom schematics in help (4887baff)
  • fix(deps): update angular-cli monorepo to v15.1.4 (b01ca7a7)
  • chore(deps): update typescript-eslint monorepo to v5.50.0 (166ab302)
  • fix(deps): update dependency typescript to v4.9.5 (053bc51f)
  • refactor: collection-factory create method (7d5cc588)
  • chore(deps): update dependency eslint to v8.33.0 (7e9d1e3a)
  • chore(deps): update dependency jest to v29.4.1 (b928e38b)
  • chore(deps): update node.js to v19.5 (6fd93795)
  • chore(deps): update dependency @​types/jest to v29.4.0 (dcd0a5ae)
  • Merge pull request #1903 from origranot/patch-1 (ea4b1814)
  • chore(license): Updated to 2023 (f166776c)
  • chore(deps): update dependency jest to v29.4.0 (bba28bf7)
  • fix(deps): update dependency fork-ts-checker-webpack-plugin to v7.3.0 (4bfcef0f)
  • fix(watch-compiler): merge compiler options with config file options (2bda3a37)
  • chore(deps): update dependency json5 [security] (b952c963)

Release 9.1.9

  • Merge branch 'axle-h-feat/support-webpack-multi-compiler' (72ef5baf)
  • Merge branch 'master' into feat/support-webpack-multi-compiler (ccccc5ef)
  • chore(deps): update typescript-eslint monorepo to v5.49.0 (00213cf9)
  • chore(deps): update dependency @​types/jest to v29.2.6 (6b7d38aa)
  • chore(deps): update dependency eslint-plugin-import to v2.27.5 (2218f36a)
  • chore(deps): update typescript-eslint monorepo to v5.48.2 (572f54d9)
  • chore(deps): update dependency eslint to v8.32.0 (2bb42a06)
  • chore(deps): update dependency prettier to v2.8.3 (a6335b87)
  • chore(deps): update dependency ts-jest to v29.0.5 (a35b9569)
  • chore(deps): update dependency eslint-plugin-import to v2.27.4 (d6e9e44d)
  • chore(deps): update commitlint monorepo to v17.4.2 (f71974cd)
  • chore(deps): update dependency ts-jest to v29.0.4 (b63796ec)
  • chore(deps): update typescript-eslint monorepo to v5.48.1 (70252ac9)
  • chore(deps): update dependency @​commitlint/cli to v17.4.1 (510e2889)

... (truncated)

Commits
  • 1bfb709 chore(): release v9.2.0
  • 555e460 Merge pull request #1871 from nestjs/renovate/tsconfig-paths-4.x
  • 385edea fix(deps): update dependency tsconfig-paths to v4.1.2
  • 371ab8a Merge pull request #1913 from nestjs/renovate/npm-http-cache-semantics-vulner...
  • 1475142 Merge pull request #1912 from nestjs/dependabot/npm_and_yarn/http-cache-seman...
  • 3568fbf deps: upgrade rimraf
  • 8520ad8 chore(deps): update dependency http-cache-semantics to 4.1.1 [security]
  • 5b69eb5 chore(deps): bump http-cache-semantics from 4.1.0 to 4.1.1
  • 7874c5b Merge pull request #1884 from nestjs/renovate/fork-ts-checker-webpack-plugin-7.x
  • 07aa155 Merge pull request #1880 from nestjs/renovate/angular-cli-monorepo
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
chore(deps): bump minimist, mkdirp and @nestjs/cli
9126474 
Bumps [minimist](https://github.com/minimistjs/minimist) to 1.2.8 and updates ancestor dependencies [minimist](https://github.com/minimistjs/minimist), [minimist](https://github.com/minimistjs/minimist), [mkdirp](https://github.com/isaacs/node-mkdirp) and [@nestjs/cli](https://github.com/nestjs/nest-cli). These dependencies need to be updated together.


Updates `minimist` from 1.2.5 to 1.2.8
- [Release notes](https://github.com/minimistjs/minimist/releases)
- [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md)
- [Commits](minimistjs/minimist@v1.2.5...v1.2.8)

Updates `minimist` from 1.2.0 to 1.2.8
- [Release notes](https://github.com/minimistjs/minimist/releases)
- [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md)
- [Commits](minimistjs/minimist@v1.2.5...v1.2.8)

Updates `mkdirp` from 0.5.1 to 0.5.5
- [Release notes](https://github.com/isaacs/node-mkdirp/releases)
- [Changelog](https://github.com/isaacs/node-mkdirp/blob/main/CHANGELOG.md)
- [Commits](isaacs/node-mkdirp@0.5.1...v0.5.5)

Updates `@nestjs/cli` from 7.5.1 to 9.2.0
- [Release notes](https://github.com/nestjs/nest-cli/releases)
- [Changelog](https://github.com/nestjs/nest-cli/blob/master/.release-it.json)
- [Commits](nestjs/nest-cli@7.5.1...9.2.0)

---
updated-dependencies:
- dependency-name: minimist
  dependency-type: indirect
- dependency-name: minimist
  dependency-type: indirect
- dependency-name: mkdirp
  dependency-type: indirect
- dependency-name: "@nestjs/cli"
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Mar 3, 2023
@guardrails
Copy link

guardrails bot commented Mar 3, 2023

⚠️ We detected 174 security issues in this pull request:

Vulnerable Libraries (174)
Severity Details
High @evocateur/[email protected] (t) upgrade to: >=3.1.0
High @lerna/[email protected] (t) upgrade to: >3.21.0 || 5.5.3
High @lerna/[email protected] (t) upgrade to: >3.21.0 || 5.5.3
High @lerna/[email protected] (t) upgrade to: >3.21.0 || 5.5.3
High @lerna/[email protected] (t) upgrade to: >3.21.0 || 5.5.3
High @lerna/[email protected] (t) upgrade to: >3.21.0 || 5.5.3
High @lerna/[email protected] (t) upgrade to: >3.22.0 || 5.5.3
High @lerna/[email protected] (t) upgrade to: >3.21.0 || 5.5.3
High @lerna/[email protected] (t) upgrade to: >3.21.0 || 5.5.3
High @lerna/[email protected] (t) upgrade to: >3.21.0 || 5.5.3
High @lerna/[email protected] (t) upgrade to: >3.18.5
High @lerna/[email protected] (t) upgrade to: >3.22.1 || 5.5.3 || >6.3.1-beta.4
High @lerna/[email protected] (t) upgrade to: >3.21.0 || 5.5.3
High @lerna/[email protected] (t) upgrade to: >3.22.1 || 5.5.3
High @pm2/[email protected] (t) upgrade to: >2.0.0
High @pm2/[email protected] (t) upgrade to: >0.6.1
High [email protected] (t) upgrade to: >1.0.0-rc.3
High [email protected] (t) upgrade to: >=1.3.2
Medium [email protected] (t) upgrade to: >=6.5.4
Critical [email protected] (t) upgrade to: >=1.1.1
High [email protected] (t) upgrade to: >4.17.1 || >5.0.0-alpha.8
Medium [email protected] (t) upgrade to: >4.0.3
Critical [email protected] (t) upgrade to: >4.7.6
Medium [email protected] (t) upgrade to: >=2.8.9
High [email protected] (t) upgrade to: >=1.0.2 || >=2.2.2
Critical [email protected] (t) upgrade to: >1.4.1 || >2.0.1
Critical [email protected] (t) upgrade to: >3.7.1
Critical [email protected] (t) upgrade to: >=3.0.3
Medium [email protected] (t) upgrade to: >0.5.34
Medium [email protected] (t) upgrade to: >=8.0.1
Medium [email protected] (t) upgrade to: >=1.0.7
High [email protected] (t) upgrade to: >2.0.5
High [email protected] (t) upgrade to: >5.6.3
High [email protected] (t) upgrade to: >=4.8.1
Critical [email protected] (t) upgrade to: >=3.3.1
High [email protected] (t) upgrade to: >=1.0.5
Medium [email protected] (t) upgrade to: >=1.0.3
Critical [email protected] (t) upgrade to: >1.5.8
Medium pkg:npm/[email protected]@1.0.1 (t) upgrade to: 1.0.3
High pkg:npm/[email protected]@2.0.0 (t) upgrade to: 3.0.1,4.0.1
High pkg:npm/[email protected]@2.1.3 (t) - no patch available
High pkg:npm/[email protected]@5.0.0 (t) upgrade to: 6.0.1,5.0.1,4.1.1,3.0.1
High pkg:npm/[email protected]@1.3.5 (t) upgrade to: 1.3.6
High pkg:npm/[email protected]@5.0.1 (t) - no patch available
High pkg:npm/[email protected]@10.2.1 (t) - no patch available
High pkg:npm/[email protected]@2.0.1 (t) - no patch available
Critical pkg:npm/[email protected]@4.17.20 (t) - no patch available
Medium pkg:npm/[email protected]@1.1.0 (t) - no patch available
High pkg:npm/[email protected]@4.0.0-alpha.5 (t) - no patch available
High pkg:npm/[email protected]@2.3.0 (t) - no patch available
N/A pkg:npm/[email protected]@2.8.5 (t) - no patch available
Critical pkg:npm/[email protected]@3.3.0 (t) - no patch available
Low pkg:npm/[email protected]@3.6.6 (t) - no patch available
Medium pkg:npm/[email protected]@6.10.2 (t) upgrade to: 6.12.3
High pkg:npm/[email protected]@4.8.0 (t) - no patch available
Medium pkg:npm/[email protected]@7.2.5 (t) upgrade to: 7.4.6,6.2.2,5.2.3
Medium pkg:npm/[email protected]@2.88.0 (t) - no patch available
N/A pkg:npm/[email protected]@1.10.0 (t) upgrade to: 8.0.1
High pkg:npm/[email protected]@7.0.32 (t) - no patch available
High pkg:npm/[email protected]@4.5.0 (t) - no patch available
Medium pkg:npm/[email protected]@4.0.1 (t) - no patch available
Medium pkg:npm/[email protected]@7.3.1 (t) upgrade to: 7.4.6,6.2.2,5.2.3
High pkg:npm/[email protected]@3.0.0 (t) upgrade to: 6.0.1,5.0.1,4.1.1,3.0.1
High pkg:npm/[email protected]@1.0.4 (t) upgrade to: 1.0.5
Medium pkg:npm/[email protected]@4.14.2 (t) upgrade to: 4.16.5
High pkg:npm/[email protected]@4.7.6 (t) - no patch available
High pkg:npm/[email protected]@5.1.0 (t) upgrade to: 5.1.2
High pkg:npm/[email protected]@2.0.0 (t) upgrade to: 5.1.2
High pkg:npm/[email protected]@4.2.3 (t) - no patch available
Critical pkg:npm/[email protected]@1.2.3 (t) upgrade to: 2.0.3
High pkg:npm/[email protected]@4.0.3 (t) - no patch available
High pkg:npm/[email protected]@1.4.7 (t) - no patch available
Critical pkg:npm/[email protected]@6.5.2 (t) - no patch available
Critical pkg:npm/[email protected]@1.0.0 (t) - no patch available
N/A pkg:npm/[email protected]@4.5.0 (t) - no patch available
Critical pkg:npm/[email protected]@1.0.0 (t) - no patch available
Low pkg:npm/[email protected]@6.5.3 (t) - no patch available
Medium pkg:npm/[email protected]@1.3.1 (t) - no patch available
High pkg:npm/[email protected]@1.0.2 (t) - no patch available
N/A pkg:npm/[email protected]@3.24.3 (t) upgrade to: 4.1.3,4.1.3,4.1.3
Critical pkg:npm/[email protected]@1.4.3 (t) - no patch available
N/A pkg:npm/[email protected]@0.9.0 (t) upgrade to: 0.10.0
High pkg:npm/[email protected]@3.0.2 (t) - no patch available
N/A pkg:npm/[email protected]@8.0.0 (t) - no patch available
High pkg:npm/[email protected]@4.1.0 (t) upgrade to: 6.0.1,5.0.1,4.1.1,3.0.1
High pkg:npm/[email protected]@3.2.1 (t) upgrade to: 3.2.2,4.0.1,5.0.5
Medium pkg:npm/[email protected]@2.7.4 (t) - no patch available
Medium pkg:npm/[email protected]@16.4.0 (t) upgrade to: 16.5.0
N/A pkg:npm/[email protected]@1.21.0 (t) upgrade to: 1.23.0
High pkg:npm/[email protected]@3.9.7 (t) - no patch available
Medium pkg:npm/[email protected]@15.1.1 (t) upgrade to: 16.5.0
High pkg:npm/[email protected]@2.1.3 (t) upgrade to: 2.2.2
Medium pkg:npm/[email protected]@4.4.3 (t) - no patch available
Medium pkg:npm/[email protected]@3.1.5 (t) - no patch available
High pkg:npm/[email protected]@4.4.13 (t) upgrade to: 3.2.2,4.4.14,5.0.6,6.1.1
High pkg:npm/[email protected]@2.0.1 (t) - no patch available
N/A pkg:npm/[email protected]@1.17.1 (t) upgrade to: 1.23.0
N/A pkg:npm/[email protected]@0.0.7 (t) - no patch available
Critical pkg:npm/[email protected]@1.7.2 (t) upgrade to: 1.7.3
High pkg:npm/[email protected]@0.2.0 (t) - no patch available
High pkg:npm/[email protected]@1.5.10 (t) upgrade to: 1.14.7
High pkg:npm/[email protected]@6.0.5 (t) upgrade to: 3.2.3,4.4.15,5.0.7,6.1.2
Medium pkg:npm/[email protected]@6.0.23 (t) upgrade to: 8.2.13,7.0.36
N/A pkg:npm/[email protected]@0.8.4 (t) upgrade to: 0.8.5
Medium pkg:npm/[email protected]@7.2.1 (t) upgrade to: 7.4.6,6.2.2,5.2.3
Critical pkg:npm/[email protected]@0.2.13 (t) - no patch available
Critical pkg:npm/[email protected]@2.0.0 (t) upgrade to: 2.0.3
Medium pkg:npm/[email protected]@6.11.4 (t) - no patch available
N/A pkg:npm/[email protected]@2.6.9 (t) upgrade to: 3.1.0
Critical pkg:npm/[email protected]@1.4.0 (t) upgrade to: 2.0.3
High pkg:npm/[email protected]@3.6.0 (t) - no patch available
High pkg:npm/[email protected]@8.0.0 (t) upgrade to: 6.0.2,7.1.1,8.0.1
High pkg:npm/[email protected]@1.0.0 (t) upgrade to: 3.0.1,4.0.1
Medium pkg:npm/[email protected]@2.2.0 (t) - no patch available
High pkg:npm/[email protected]@4.0.0 (t) upgrade to: 3.2.2,4.0.1,5.0.5
Medium pkg:npm/[email protected]@2.6.11 (t) - no patch available
High pkg:npm/[email protected]@1.0.1 (t) upgrade to: 2.2.2
High pkg:npm/[email protected]@6.1.0 (t) upgrade to: 10.2.7
High pkg:npm/[email protected]@0.21.0 (t) - no patch available
High pkg:npm/[email protected]@1.0.4 (t) upgrade to: 5.0.0,3.0.1
Critical pkg:npm/[email protected]@6.7.0 (t) - no patch available
Critical pkg:npm/[email protected]@1.0.7 (t) upgrade to: 1.1.1,2.0.2
Critical pkg:npm/[email protected]@4.0.1 (t) - no patch available
High pkg:npm/[email protected]@7.0.1 (t) upgrade to: 10.2.7
High pkg:npm/[email protected]@5.0.2 (t) - no patch available
High pkg:npm/[email protected]@6.0.1 (t) upgrade to: 6.0.2,7.1.1,8.0.1
High pkg:npm/[email protected]@1.0.2 (t) upgrade to: 2.0.1
High pkg:npm/[email protected]@3.0.0 (t) upgrade to: 5.0.0,3.0.1
Critical pkg:npm/[email protected]@4.27.3 (t) - no patch available
High pkg:npm/[email protected]@5.1.1 (t) upgrade to: 5.1.2
Medium pkg:npm/[email protected]@11.6.0 (t) - no patch available
Medium pkg:npm/[email protected]@7.0.34 (t) upgrade to: 8.2.13,7.0.36
Medium pkg:npm/[email protected]@4.8.2 (t) upgrade to: 4.16.5
High pkg:npm/[email protected]@5.0.2 (t) - no patch available
High pkg:npm/[email protected]@3.0.4 (t) upgrade to: 3.0.5
Critical pkg:npm/[email protected]@1.0.6 (t) upgrade to: 1.1.0
Medium pkg:npm/[email protected]@4.10.0 (t) upgrade to: 4.16.5
N/A pkg:npm/[email protected]@4.14.3 (t) - no patch available
Medium pkg:npm/[email protected]@1.1.1 (t) upgrade to: 2.0.0
Low pkg:npm/[email protected]@2.6.1 (t) - no patch available
N/A pkg:npm/[email protected]@0.8.3 (t) upgrade to: 0.8.5
High pkg:npm/[email protected]@4.1.0 (t) upgrade to: 4.1.1,4.1.1
Medium pkg:npm/[email protected]@7.0.25 (t) upgrade to: 7.0.36,8.2.10
Critical pkg:npm/[email protected]@0.9.0 (t) - no patch available
Critical pkg:npm/[email protected]@0.2.3 (t) upgrade to: 0.4.0
High pkg:npm/[email protected]@3.3.0 (t) - no patch available
Critical pkg:npm/[email protected]@3.7.2 (t) - no patch available
Medium pkg:npm/[email protected]@16.9.0 (t) - no patch available
Medium pkg:npm/[email protected]@0.19.2 (t) - no patch available
Medium pkg:npm/[email protected]@6.2.1 (t) upgrade to: 7.4.6,6.2.2,5.2.3
High pkg:npm/[email protected]@2.4.1 (t) - no patch available
High pkg:npm/[email protected]@10.8.2 (t) - no patch available
High pkg:npm/[email protected]@2.6.3 (t) upgrade to: 3.2.2,2.6.4
High pkg:npm/[email protected]@2.1.1 (t) upgrade to: 2.2.2
Critical pkg:npm/[email protected]@4.17.1 (t) - no patch available
High pkg:npm/[email protected]@3.1.0 (t) upgrade to: 5.1.2
Critical pkg:npm/[email protected]@2.0.1 (t) - no patch available
Critical pkg:npm/[email protected]@6.9.4 (t) - no patch available
Critical pkg:npm/[email protected]@1.0.1 (t) - no patch available
Medium pkg:npm/[email protected]@10.2.0 (t) - no patch available
Medium pkg:npm/[email protected]@2.88.2 (t) - no patch available
Medium pkg:npm/[email protected]@9.15.10 (t) upgrade to: 9.18.2,10.1.2
High pkg:npm/[email protected]@3.2.0 (t) upgrade to: 3.2.2,2.6.4
Critical pkg:npm/[email protected]@2.0.4 (t) - no patch available
High pkg:npm/[email protected]@3.0.0 (t) upgrade to: 3.0.1,4.0.1
Medium pkg:npm/[email protected]@9.6.0 (t) - no patch available
High pkg:npm/[email protected]@0.5.31 (t) - no patch available
Medium pkg:npm/[email protected]@2.2.4 (t) - no patch available
Medium pkg:npm/[email protected]@3.0.2 (t) - no patch available
High pkg:npm/[email protected]@1.0.6 (t) - no patch available
High pkg:npm/[email protected]@3.8.1 (t) - no patch available
Medium pkg:npm/[email protected]@3.2.2 (t) upgrade to: 3.7.0
Medium pkg:npm/[email protected]@3.6.5 (t) - no patch available
High pkg:npm/[email protected]@0.8.5 (t) - no patch available

More info on how to fix Vulnerable Libraries in JavaScript.

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant