Skip to content

[Snyk] Security upgrade jscs from 1.13.1 to 2.0.0 #111

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: develop
Choose a base branch
from
Open

[Snyk] Security upgrade jscs from 1.13.1 to 2.0.0 #111

wants to merge 1 commit into from

Conversation

snyk-bot
Copy link

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 768/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-ANSIREGEX-1583908		 Yes Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: jscs The new version differs by 160 commits.
  • 295fcb2 Docs: improve and correct the changelog
  • fbdb7ef 2.0.0
  • 2c12c50 Prepare for version 2.0.0
  • 657e96f Docs: last minutes updates for 2.0
  • e38e290 Docs: update rules sum
  • 582588a Misc: update dependencies & temporary remove coverage badge
  • 66f8994 New rules: add SpaceBeforeComma rules
  • 3161c10 Preset: fix requireDotNotation rule value according to es3 changes
  • 78979be Docs: add es3 option to OVERVIEW.md
  • 1cc8f83 Misc: code style fixes
  • b5437fe Misc: change default dialect to es5 and make appropriate changes
  • 91e9a38 Misc: introduce reservedWords instead of utils.isES3
  • 56a9b26 disallowKeywordsOnNewLine: Allow comments before keywords
  • 1072662 Preset: remove jsdoc rules from yandex preset
  • e1313e1 Intergration: correct integration tests for big amount of results
  • 26a1a08 CLI: set "maxErrors" to Infinity with enabled "fix" option
  • a249217 Preset: requireSemicolons = true for google preset
  • 1a4a462 validateIndentation: deprecate includeEmptyLines in favour of allExcept
  • fc31b91 validateIndentation: add option to ignore comments
  • 672e03e requirePaddingNewLinesAfterBlocks: consider IIFE case
  • f651f2d Docs: reflect some of the 2.0 changes
  • c617a58 Autofix: remove merge artefact
  • 5f8c939 Preset: add jsDoc rules to relevant presets
  • 32225ab Preset: add disallowTrailingWhitespace to MDCS

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

@snyk-bot
fix: package.json to reduce vulnerabilities
f724c18 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@snyk-bot