[Snyk] Upgrade @npmcli/template-oss from 4.19.0 to 4.22.0

[YoutacRandS-VA]

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade @npmcli/template-oss from 4.19.0 to 4.22.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 7 versions ahead of your current version.

• The recommended version was released on 2 months ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	696	Proof of Concept
	Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962462	696	Proof of Concept
	Uncontrolled resource consumption SNYK-JS-BRACES-6838727	696	Proof of Concept
	Server-side Request Forgery (SSRF) SNYK-JS-IP-6240864	696	Proof of Concept
	Denial of Service (DoS) SNYK-JS-WS-7266574	696	Proof of Concept
	Server-Side Request Forgery (SSRF) SNYK-JS-IP-7148531	696	Proof of Concept
	Improper Authorization SNYK-JS-REACTDEVTOOLSCORE-6023999	696	Proof of Concept
	Uncontrolled Resource Consumption ('Resource Exhaustion') SNYK-JS-TAR-6476909	696	Proof of Concept

Release notes

Package name: @npmcli/template-oss

• 4.22.0 - 2024-05-03
  

  4.22.0 (2024-05-03)

  Features

  • 21c9262 #440 use macos-(latest|13) based on node version (#440) (@ lukekarrys)

  Bug Fixes

  • 8b2e738 #432 remove custom node-workspace plugin (@ lukekarrys)
  • 0df268d #442 properly check for diff with multiple files from overwrite:false (#442) (@ lukekarrys)
  • 2eca24b #441 use git+https protocol for repo url (#441) (@ lukekarrys)
  • 732dddc #439 update actions workflow versions (#439) (@ lukekarrys)
  • 7949ec3 #438 add node 22 to CI matrix (#438) (@ lukekarrys)
  • 6d54cbf #436 get correct exit code from npm publish/view (#436) (@ lukekarrys)
  • d0bf7c2 #435 update license (#435) (@ lukekarrys)
  • df03d8b #433 dont create chore only PRs (#433) (@ lukekarrys)

  Dependencies

  • dff1b5b #432 bump release-please from 16.3.1 to 16.10.2 (@ dependabot[bot])
• 4.21.4 - 2024-04-15
  

  4.21.4 (2024-04-15)

  Bug Fixes

  • b8cf803 #430 only use latest template-oss specific commits in changelog (#430) (@ lukekarrys)
  • 5d806ab #429 iterate over releases from env var (#429) (@ lukekarrys)
  • 8906397 #423 turn of body-max-line-length commitlint rule (@ lukekarrys)

  Dependencies

  • 0b1c048 #423 @ commitlint/[email protected]
  • 47e9d8d #423 bump @ commitlint/cli from 18.6.1 to 19.0.3 (@ dependabot[bot])
  • 41ee083 #425 bump undici from 5.28.3 to 6.7.0 (#425) (@ dependabot[bot])
  • 1106838 #427 [email protected] (#427)
• 4.21.3 - 2023-12-06
  

  4.21.3 (2023-12-06)

  Bug Fixes

  • acd6429 #398 dont allow release-please to update workspace changelogs (#398) (@ lukekarrys)
• 4.21.2 - 2023-12-05
  

  4.21.2 (2023-12-05)

  Bug Fixes

  • 8953024 #394 increase open dependabot limit (@ lukekarrys)
  • 9e24894 #392 do not collapse chores for now (#392) (@ lukekarrys)

  Chores

  • ed599cd #394 ignore release-please coverage (@ lukekarrys)
• 4.21.1 - 2023-12-04
  

  4.21.1 (2023-12-04)

  Bug Fixes

  • a64e952 #389 collapse chores in changelog (@ lukekarrys)
  • 1df98ef #389 run install-latest-npm in temp dir (@ lukekarrys)
• 4.21.0 - 2023-12-01
  

  4.21.0 (2023-12-01)

  Features

  • 2daff23 #334 use upstream release-please (#334) (@ lukekarrys)
  • 3d76fc4 #380 release workflow uses composite actions (#380) (@ lukekarrys)

  Bug Fixes

  • fbe355c #388 pin release-please version (#388) (@ lukekarrys)
  • 4fad5d8 #387 make prerelease config switch versioning strategy (#387) (@ lukekarrys)
  • c892260 #386 fallback to default release process of 404 from hosted version (#386) (@ lukekarrys)
  • 9b22b83 #384 give release integration workflow correct permissions and secrets (#384) (@ lukekarrys)
• 4.20.0 - 2023-11-16
  

  4.20.0 (2023-11-15)

  Features

  • 17ea62d #371 add typescript and esm support (@ lukekarrys)
  • ea0e866 #373 update engines (#373) (@ lukekarrys)

  Bug Fixes

  • 74331b4 #371 remove tap 16 specific config when using tap 18 (@ lukekarrys)
  • 3fca74f #371 always lint all js-ish extensions (@ lukekarrys)
  • 37e9e0e #371 use npx semver to better determine latest npm (@ lukekarrys)
  • 3e1792c #362 add suffix to template files (#362) (@ rotu)
  • ebb48ec #368 add PR approval to auto publish flow (#368) (@ wraithgar)
  • f065bcb #366 prefer upstream over origin when getting remote (@ lukekarrys)
  • 29bf19d #364 Ignore transient tap test directories (#364) (@ wraithgar)

  Documentation

  • 2a8d79e #372 add note about semver and breaking changes (#372) (@ lukekarrys)

  Dependencies

  • ec65582 #375 bump @ commitlint/config-conventional from 17.8.1 to 18.1.0
  • c8420a6 #374 bump @ commitlint/cli from 17.8.1 to 18.2.0
  • f2521ed #370 bump @ npmcli/arborist from 6.5.0 to 7.2.1
  • 8c20554 #346 bump @ npmcli/git from 4.1.0 to 5.0.3
  • f25926a #343 bump @ npmcli/package-json from 4.0.1 to 5.0.0
  • af30dbe #357 bump hosted-git-info from 6.1.1 to 7.0.1
  • 0b59cd6 #349 bump npm-package-arg from 10.1.0 to 11.0.1
• 4.19.0 - 2023-09-15
  

  4.19.0 (2023-09-15)

  Features

  • 994a278 #356 set ci versions from engines (@ lukekarrys)
  • cad156a #360 set backport release from config instead of current branch (@ lukekarrys)

  Bug Fixes

  • de319e8 #358 allow overriding path to npm bin in workspaces (@ lukekarrys)

from @npmcli/template-oss GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs