Skip to content

[Snyk] Security upgrade eslint from 0.24.1 to 1.9.0#10

Open
snyk-bot wants to merge 1 commit intomasterfrom
snyk-fix-ee0066826ca473f1de0df75ee02484e2
Open

[Snyk] Security upgrade eslint from 0.24.1 to 1.9.0#10
snyk-bot wants to merge 1 commit intomasterfrom
snyk-fix-ee0066826ca473f1de0df75ee02484e2

Conversation

@snyk-bot
Copy link

@snyk-bot snyk-bot commented Oct 19, 2022

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 551/1000
Why? Recently disclosed, Has a fix available, CVSS 5.3		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-MINIMATCH-3050818		 Yes No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: eslint The new version differs by 250 commits.
  • 4a115f5 1.9.0
  • 337046c Merge pull request #4351 from eslint/pr4084
  • 28ac028 Update: Make radix accept a "as-needed" option (fixes #4048)
  • e7ea88e Merge pull request #4323 from eslint/issue4302
  • 7af5f56 Merge pull request #4343 from briandela/issue4342
  • 8b7c3a6 Fix: Update the message to include number of lines (fixes #4342)
  • 9bffbfd Merge pull request #4338 from dtinth/docs-semi
  • 163d5a3 Docs: ASI causes problem whether semicolons are used or not
  • 8d8ad2d Merge pull request #4307 from mysticatea/core/npm3
  • 37efece Merge pull request #4330 from eslint/issue4297
  • dd1ca05 Merge pull request #4329 from eslint/issue4321
  • 6a76198 Fix: Fixer to not overlap ranges among fix objects (fixes #4321)
  • 99ad1ca Update: Add default to `max-nested-callbacks` (fixes #4297)
  • 2c9d58b Fix: Check comments in space-in-parens (fixes #4302)
  • f8c1780 Merge pull request #4289 from arv/no-case-declarations
  • e4fed60 Merge pull request #4325 from eslint/issue4324
  • 9e402da Merge pull request #4326 from eslint/issue4313
  • f844640 Update: Add quotes to error messages to improve clarity (fixes #4313)
  • 8e6a5f3 Fix: tests failing due to differences in temporary paths (fixes #4324)
  • 8bfb581 Merge pull request #4312 from eslint/issue4256
  • c079aa8 Merge pull request #4316 from eslint/issue4315
  • 770761f Fix: Make tests compatible with Windows (fixes #4315)
  • d6a9e52 Merge pull request #4306 from eslint/issue4305
  • 1a7ae98 Update: Extract glob and filesystem logic from cli-engine (fixes #4305)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)

@snyk-bot
fix: package.json to reduce vulnerabilities
7bc4a8d 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-MINIMATCH-3050818
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@snyk-bot