Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Security upgrade yeoman-generator from 0.18.10 to 0.23.0 #8

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Security upgrade yeoman-generator from 0.18.10 to 0.23.0 #8

wants to merge 1 commit into from

Conversation

snyk-bot
Copy link

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 758/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.3		 Prototype Pollution
SNYK-JS-LODASH-608086		 No Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: yeoman-generator The new version differs by 110 commits.
  • 7d0aa14 0.23.0
  • 4bdf621 Base#prompt now return a promise
  • 2d90140 Move inquirer to devDeps
  • ca55109 Bump devDeps and eslint 2.0 settings adjustment
  • 3272f44 Bump some dependencies
  • 3a41fa0 0.22.6
  • 634a9c7 Fix the error thrown from generator is swallowed (#923)
  • edfa8a0 Fix storage documentation
  • 8e767d4 Add sponsors to Readme
  • f9575c7 Merge pull request #905 from alefteris/jsdoc-config-fix
  • b9f7939 Remove non-existent file from JSDoc config
  • de9d239 Update build file to not account for a root index.js file
  • da94fe1 0.22.5
  • 3e7d5de Fix index.js location
  • a0dc44a Remove dotfiles we're not using anymore
  • 961dcdb 0.22.4
  • 995b955 Fix destinationPath not being updated if a .yo-rc.json file is in a parent directory
  • b913d98 add gitter badge
  • 716d6ca 0.22.3
  • 1b43344 Stop generator process when a task fails
  • 662af8a 0.22.2
  • 5c85ec4 Fix linting error
  • 2b09563 Fix option aliases
  • 8ef880d Normalize option/argument default option name with generator#prompt()

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

@snyk-bot
fix: package.json to reduce vulnerabilities
f90c7dc 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-LODASH-608086
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@snyk-bot