[Snyk] Upgrade should from 9.0.2 to 13.2.3

[snyk-bot]

Snyk has created this PR to upgrade should from 9.0.2 to 13.2.3.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

Warning: This is a major version upgrade, and may be a breaking change.

• The recommended version is 18 versions ahead of your current version.
• The recommended version was released 4 years ago, on 2018-07-30.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Arbitrary Code Injection npm:growl:20160721	704/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-610226	704/1000 Why? Has a fix available, CVSS 9.8	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-1023599	704/1000 Why? Has a fix available, CVSS 9.8	Proof of Concept
	Arbitrary File Write SNYK-JS-TAR-1579155	704/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579152	704/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579147	704/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
	Arbitrary File Overwrite SNYK-JS-TAR-1536531	704/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
	Arbitrary File Overwrite SNYK-JS-TAR-1536528	704/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
	Prototype Pollution SNYK-JS-SETVALUE-450213	704/1000 Why? Has a fix available, CVSS 9.8	Proof of Concept
	Prototype Pollution SNYK-JS-SETVALUE-1540541	704/1000 Why? Has a fix available, CVSS 9.8	Proof of Concept
	Prototype Pollution SNYK-JS-SETVALUE-450213	704/1000 Why? Has a fix available, CVSS 9.8	Proof of Concept
	Prototype Pollution SNYK-JS-SETVALUE-1540541	704/1000 Why? Has a fix available, CVSS 9.8	Proof of Concept
	Prototype Pollution SNYK-JS-MIXINDEEP-450212	704/1000 Why? Has a fix available, CVSS 9.8	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-608086	704/1000 Why? Has a fix available, CVSS 9.8	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-567746	704/1000 Why? Has a fix available, CVSS 9.8	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-450202	704/1000 Why? Has a fix available, CVSS 9.8	Proof of Concept
	Command Injection SNYK-JS-LODASH-1040724	704/1000 Why? Has a fix available, CVSS 9.8	Proof of Concept
	Prototype Pollution SNYK-JS-JSONSCHEMA-1920922	704/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
	Prototype Pollution SNYK-JS-INI-1048974	704/1000 Why? Has a fix available, CVSS 9.8	Proof of Concept
	Cryptographic Issues SNYK-JS-ELLIPTIC-571484	704/1000 Why? Has a fix available, CVSS 9.8	Proof of Concept
	Prototype Pollution SNYK-JS-CACHEDPATHRELATIVE-2342653	704/1000 Why? Has a fix available, CVSS 9.8	Proof of Concept
	Prototype Pollution SNYK-JS-AJV-584908	704/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ACORN-559469	704/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ACORN-559469	704/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
	Arbitrary Code Injection SNYK-JS-UNDERSCORE-1080984	704/1000 Why? Has a fix available, CVSS 9.8	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-1072471	704/1000 Why? Has a fix available, CVSS 9.8	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067	704/1000 Why? Has a fix available, CVSS 9.8	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	704/1000 Why? Has a fix available, CVSS 9.8	Proof of Concept
	Timing Attack SNYK-JS-ELLIPTIC-511941	704/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
	Cryptographic Issues SNYK-JS-ELLIPTIC-1064899	704/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
	Regular Expression Denial of Service (ReDoS) npm:debug:20170905	704/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TAR-1536758	704/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
	Validation Bypass SNYK-JS-KINDOF-537849	704/1000 Why? Has a fix available, CVSS 9.8	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: should

• 13.2.3 - 2018-07-30
  

  Release 13.2.3

• 13.2.2 - 2018-07-26
  

  Release 13.2.2

• 13.2.1 - 2018-01-12
  

  Release 13.2.1

• 13.2.0 - 2017-12-27
  

  Release 13.2.0

• 13.1.3 - 2017-10-28
  

  Fix #157

• 13.1.2 - 2017-10-10
  

  Revert in ts definition default export back to that was in 13.0.0

• 13.1.1 - 2017-10-07
  

  .rejecteWith in ts definition was missing return type

• 13.1.0 - 2017-09-20
  

  New

  1. Now all zero argument assertions throw TypeError in case any argument passed to them.
  2. Aliased .fulfill/.fulfilledWith to .resolve/.resolvedWith

  Fixes

  1. TS definition fixed to allow such imports:

  import should from 'should';

• 13.0.1 - 2017-09-06
  

  Add back missing umd build in root of package

• 13.0.0 - 2017-09-05
  

  Breaking changes

  1. Removed .enumerable, .enumerables (deprecated since 11.2.0)
  2. Fix for #150

  New

  Added Typescript bindings (still considering this as beta as i am TS newbie)

• 12.0.0 - 2017-08-28
• 11.2.1 - 2017-03-09
• 11.2.0 - 2017-01-27
• 11.1.2 - 2016-12-10
• 11.1.1 - 2016-10-10
• 11.1.0 - 2016-08-14
• 11.0.0 - 2016-08-10
• 10.0.0 - 2016-07-18
• 9.0.2 - 2016-06-10

from should GitHub release notes

Commit messages

Package name: should

• 38910f7 Release 13.2.3
• 40db606 Do not use getter internally
• 031b8e6 Release 13.2.2
• 6db456c Merge branch 'master' of github.com:shouldjs/should.js
• 1ab1661 Add note about TS
• 889e22e Merge pull request [Feature Request] Postfix nosir/cleave.js#171 from jsoref/spelling
• 79ec809 Spelling fixes
• 0abf2d5 Merge pull request Uppercase not working nosir/cleave.js#167 from lumaxis/bugfix/typescript-error
• d1e9efe Fix TypeScript compiler issue with fulfilled assertion
• 9dcde0f Merge pull request Uncaught TypeError: Cannot set property 'initValue' of undefined nosir/cleave.js#164 from chris-grabcad/UpdateDefinitionsOfTrueAndFalseInTypings
• 7917c9c Add optional message to [Tt]rue and [Ff]alse so they can be used in typecript tests
• 9748ae6 Release 13.2.1
• 70733b9 Fix .size with should as function
• 7095ae5 Release 13.2.0
• bcf4588 Update build
• 120e3d9 Add test for Set.containEql
• cc2f68b Release 13.1.3
• 76ed8ce Merge pull request Padding credit card numbers with spaces should depend on the cursor's direction of travel nosir/cleave.js#160 from shouldjs/deps
• 1e7b1d0 Merge pull request Is there a way to use this with Redux Form?  nosir/cleave.js#159 from shouldjs/fix-157
• 82c1683 Update deps
• 6a7989f Fix Prefix Formatting Bug when using default value nosir/cleave.js#157
• ff0877a Release 13.1.2
• 6c8cb39 Revert typings to use = instead of default export. Fixes Request: apply own dateFormatter nosir/cleave.js#155
• f8ab675 Release 13.1.1

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

_{Mention [stepsize] in a comment if you'd like to report some technical debt. See examples here.}

[sonarqubecloud]

Kudos, SonarCloud Quality Gate passed!   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells

No Coverage information
0.0% Duplication