Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Upgrade jshint from 2.9.5 to 2.13.4 #2

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

elorzafe
Copy link
Owner

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade jshint from 2.9.5 to 2.13.4.

merge advice
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 16 versions ahead of your current version.
  • The recommended version was released 5 months ago, on 2022-01-24.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Improper Privilege Management
SNYK-JS-SHELLJS-2332187
676/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.1
Proof of Concept
Prototype Pollution
SNYK-JS-LODASH-73638
676/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.1
Proof of Concept
Prototype Pollution
SNYK-JS-LODASH-608086
676/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.1
Proof of Concept
Prototype Pollution
SNYK-JS-LODASH-567746
676/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.1
Proof of Concept
Prototype Pollution
SNYK-JS-LODASH-450202
676/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.1
Proof of Concept
Command Injection
SNYK-JS-LODASH-1040724
676/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.1
Proof of Concept
Prototype Pollution
npm:lodash:20180130
676/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.1
Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-LODASH-73639
676/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.1
Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-LODASH-1018905
676/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.1
Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: jshint
  • 2.13.4 - 2022-01-24

    2.13.4 (2022-01-24)

    Bug Fixes

  • 2.13.3 - 2022-01-05

    2.13.3 (2022-01-05)

    Bug Fixes

    • Recognize ES2020 globals (b1426f1)
  • 2.13.2 - 2021-12-27

    2.13.2 (2021-12-27)

    Bug Fixes

    • Add missing well-known globals (#3582) (cc1adf6)
    • add URL for node in src/vars.js (#3570) (ca06e6a)
    • change escape-sequence handler for double quotes (") (#3566) (75e48b7)
    • Limit "Too many Errors" (E043) to errors only (#3562) (4a681b9)
    • Tolerate keyword in object shorthand (057b1c6)
    • Tolerate unterminated nullish coalescing (ecae54a)
  • 2.13.1 - 2021-08-10

    2.13.1 (2021-08-10)

    Bug Fixes

    • Allow invoking result of optional chaining (71ec395)
    • Allow optional chaining call as satement (11dc0a6)
    • Tolerate dangling NewExpression (7c890aa)
  • 2.13.0 - 2021-05-30

    2.13.0 (2021-05-30)

    Bug Fixes

    • Allow comma expression in MemberExpression (f05c8d1)
    • Consider all exported bindings "used" (90228b7)
    • Correct interpretation of ImportSpecifier (72a8102)
    • Correct location for error (e831188)
    • Correct location reported for directive (ee6aa68)
    • Detect duplicate exported bindings (916c230)
    • Don't warn when Function() is used without 'new'. (#3531) (c13c5cc)
    • Don't warn when RegExp() is used without 'new'. (#3529) (c18a6e4)
    • Enforce restrictions on new operand (c2719eb)
    • Graduate BigInt support to esversion: 11 (553f816)
    • Improve declaration parsing (a9bdc93)
    • Report early reference with warning (2c1a5f8)
    • Support RegExp Unicode property escapes (e7fa785)

    Features

    • Add support for "export * as ns from" (c46f464)
    • Add support for import.meta (73d7e0d)
    • Add support for dynamic import (6bfcaed)
    • Add support for optional chaining (b125dbe)
    • Implement support for nullish coalescing (f50b14d)
  • 2.12.0 - 2020-08-03

    2.12.0 (2020-08-02)

    Features

  • 2.11.2 - 2020-07-30

    2.11.2 (2020-07-30)

    Bug Fixes

    • Allow "rest" operator in param dstrctrng (c45d1b2)
    • Disallow invalid numeric literals (b02a025)
    • Disallow leading zeros in BigInts (3b2c8cf)
    • Improve numeric literal warnings/errors (370e159)
    • Limit positions for class declarations (0f0acd8)
    • maxcomplexity doesn't take into account && (047d5af), closes #840
    • Update Lodash to latest 4.17.19 (#3494) (17d8f5a)
  • 2.11.1 - 2020-05-14

    2.11.1 (2020-05-14)

    This release includes patches from a number of first-time contributors. James
    Owen, Tim Gates, ossdev, stvcisco, and thetric helped to make this the best
    JSHint release yet. Thank you all!

    Bug Fixes

    • Correct ASI for break and continue (3eb1b02)
    • Correct ASI for C-style for loops (ac232a5)
    • Improve tokenization of RegExp literals (#3471) (f786002)
    • TypeError accessing 'value' of undefined (8884eb9), closes #3455
    • Use relative paths with --filename when recieving from stdin (c1b5c2b)

    Features

    • Replacing PhantomJS with Puppeteer (51963a3)
  • 2.11.0 - 2020-01-13

    2.11.0 (2020-01-13)

    This release was previously published using the "release candidate" pattern. No
    regressions were reported in the four weeks that followed, so the change set is
    being promoted to a true "minor" release.

    The release notes for version 2.11.0-rc1 completely describes the changes
    included in this version.

  • 2.11.0-rc1 - 2019-12-11
  • 2.10.3 - 2019-11-05
  • 2.10.2 - 2019-03-13
  • 2.10.1 - 2019-02-05
  • 2.10.0 - 2019-02-05
  • 2.9.7 - 2018-12-07
  • 2.9.6 - 2018-07-30
  • 2.9.5 - 2017-06-22
from jshint GitHub release notes
Commit messages
Package name: jshint

Compare


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

elorzafe pushed a commit that referenced this pull request Jun 24, 2022
* feat(@aws-amplify/geo): add geofence APIs (aws-amplify#9278)

* feat(@aws-amplify/geo): verify coordinates

* chore(@aws-amplify/geo): remove unused file

* feat(@aws-amplify/geo): add initial types for geofences

* chore(@aws-amplify/geo): add types and validation utils

* feat(@aws-amplify/geo): add createGeofence to provider

* feat(@aws-amplify/geo): add createGeofence to Geo

* fix(@aws-amplify/geo): remove bad import

* fix(@aws-amplify/geo): update jsdoc on createGeofence

Co-authored-by: Amplifiyer <51211245+Amplifiyer@users.noreply.github.com>

* fix(@aws-amplify/geo): update jsdoc on createGeofence in provider

Co-authored-by: Amplifiyer <51211245+Amplifiyer@users.noreply.github.com>

* fix(@aws-amplify/geo): update error message for bad polygon

Co-authored-by: Amplifiyer <51211245+Amplifiyer@users.noreply.github.com>

* fix(@aws-amplify/geo): first update from PR comments

* fix(@aws-amplify/geo): update #2 from PR comments

* fix(@aws-amplify/geo): update types and batch calls

* Update packages/geo/src/types/Geo.ts

Co-authored-by: Amplifiyer <51211245+Amplifiyer@users.noreply.github.com>

* fix(geo): update types from PR feedback

* chore(geo): add error handling on failed API call

* test(geo): add test for batch API calls

* test(geo): add test for bad api call in createGeofences

feat(geo): add getGeofence api (aws-amplify#9309)

* feat(@aws-amplify/geo): verify coordinates

* chore(@aws-amplify/geo): add types and validation utils

* feat(@aws-amplify/geo): add createGeofence to provider

* feat(@aws-amplify/geo): add createGeofence to provider

* feat(geo): add getGeofence api

* chore(geo): combine some try/catch blocks

* chore(geo): add > to jsdoc comment

feat(geo): add listGeofences api (aws-amplify#9310)

feat(geo): add updateGeofences api (aws-amplify#9312)

* feat(geo): add listGeofences api

* feat(geo): add initial updateGeofences api

* refactor(geo): optimize _batchPutGeofence function

feat(geo): add deleteGeofences api (aws-amplify#9314)

* feat(@aws-amplify/geo): verify coordinates

* feat(geo): batch deleteGeofences call

* chore(geo): fix issue with response

refactor(geo): update loggers and remove unused code

refactor(geo): create/updateGeofences => saveGeofences

chore(geo): split out testData and testFunctions

* fix(geo): update validations and error messages (aws-amplify#9670)

* chore(geo): remove unused `logger` function

* fix(geo): update validation error messages

* fix(geo): add validation for empty input arrays

* fix(geo): polygon if statement and nits

* fix(geo): get rid of that really bad extra space in comment

* fix(geo): fix nextToken type

* fix(geo): fix missspelling

* fix(geo): update batch array naming and types

* fix(geo): add GeofenceId type

* fix(geo): add test for tooManyVertices
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants