[Snyk] Fix for 1 vulnerabilities

[snyk-levine]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • large-file/package.json
  • large-file/package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: ansi-regex

The new version differs by 15 commits.

• 64735d2 v4.1.1
• 75a657d Fix potential ReDoS ([Snyk] Security upgrade ejs from 1.0.0 to 3.1.7 #37)
• a079ab2 4.1.0
• 96200bb Support more escape types like links ([Snyk] Security upgrade moment from 2.15.1 to 2.29.2 #29)
• e076cd1 Add Tidelift mention in the readme
• a1d9246 4.0.0
• ced7421 Require Node.js 6
• eac826a Add option to only match the first occurrence ([Snyk] Security upgrade tap from 5.8.0 to 11.1.3 #24)
• 385eca9 Add scroll escapes ([Snyk] Fix for 3 vulnerabilities #20)
• 14839a4 Add failing test for [Snyk] Security upgrade tap from 5.8.0 to 11.1.3 #21 ([Snyk] Security upgrade tap from 5.8.0 to 11.1.3 #22)
• 0a8cc19 3.0.0
• d9d806e Minor tweaks
• 69bebf6 Support urxvt escapes ([Snyk] Fix for 1 vulnerabilities #13)
• 3dff5e7 Use Map instead of Object for the fixtures
• baacbab Require Node.js 4 and meta tweaks

See the full diff

Package name: clap

The new version differs by 56 commits.

• d77cbe8 3.0.0
• 9853d10 Refactor Command#handlers
• 3c1a9b4 Add coverage to git ignore
• 4d57368 Change Node.js support to `^12.20.0`, `^14.13.0` and `>=15.0.0`
• 80c57ec Update year
• 11ca667 Add transformation to CJS
• 56597a9 Migrate to ESM
• 2c9e06d Replace `chalk` with `ansi-colors`
• 21e2702 Allow args after and between options
• 4152aef Replace travis with github action
• bebe77b Update deps
• e056143 3.0.0-beta.1
• 4604256 Refactoring of params
• fdf8253 Usage only to define a command
• 41bdd93 Refactoring
• 5484e17 Rephrased, fixing some types along the way ([Snyk] Fix for 1 vulnerabilities #13)
• 00c4208 Remove Command#actionOption()/shortcutOption()
• 9636a19 Remove Command#hasOption(s)/hasCommand(s) methods
• 9973491 Change min offset in help
• 1e0db9c Rename defValue to default
• 0d250ad Remove config for Command constructor, add Command#help() method and related refactoring
• e591b3f Change argv pipeline to init -> applyConfig -> prepareContext
• 1d8f5e8 Internal refactoring, add Command#getOption(s)/getCommand(s) methods
• e8ed57b Remove removed methods

See the full diff

Package name: cli-truncate

The new version differs by 14 commits.

• 4ded8c0 2.0.0
• d474918 Meta tweaks
• baf4461 Add `preferTruncationOnSpace` option ([Snyk] Fix for 2 vulnerabilities #11)
• 21f9d9b Create funding.yml
• 5744234 Add Node.js 12 to testing ([Snyk] Security upgrade karma from 2.0.3 to 3.0.0 #14)
• 7e0c356 Add `space` option ([Snyk] Fix for 1 vulnerabilities #10)
• 21df450 Meta tweaks
• 1c65dfa Add TypeScript definition ([Snyk] Fix for 1 vulnerabilities #13)
• 27ed208 Require Node.js 8
• 94f2697 1.1.0
• a437535 Meta tweaks
• f379a0e Add support for fullwidth characters and Unicode surrogate pairs ([Snyk] Security upgrade marked from 0.3.5 to 4.0.10 #6)
• 4da60e7 1.0.0
• bd8025b ES2015ify and require Node.js 4

See the full diff

Package name: cliui

The new version differs by 28 commits.

• e49b32f chore(release): 5.0.0
• e1ad447 chore: fix testing when stdout does not support color-codes. ([Snyk] Security upgrade tap from 5.8.0 to 11.1.3 #62)
• c9dab69 force build
• 7bf79ae fix: Update wrap-ansi to fix compatibility with latest versions of chalk. ([Snyk] Security upgrade tap from 5.8.0 to 12.6.2 #60)
• d7494f3 docs: Replace `ui.row` with `ui.div` ([Snyk] Security upgrade hawk from 5.0.0 to 9.0.1 #58)
• 83ada4a chore(release): 4.1.0
• c958738 chore: slight tweak to wording in README
• 7246902 feat: add resetOutput method ([Snyk] Fix for 1 vulnerabilities #57)
• a76e646 chore(release): 4.0.0
• 04e4b50 chore: switch to release from version
• d064922 feat: add fallback for window width ([Snyk] Fix for 1 vulnerabilities #45)
• 3e3ff71 docs: document the `text` property of a column ([Snyk] Security upgrade humanize-ms from 1.0.1 to 1.2.1 #50)
• 7350e36 fix: set env variable FORCE_COLOR. ([Snyk] Security upgrade update-notifier from 2.5.0 to 6.0.0 #56)
• a710255 Revert "fix: downgrades strip-ansi to version 3.0.1 ([Snyk] Fix for 1 vulnerabilities #54)" ([Snyk] Security upgrade snyk from 1.389.0 to 1.680.0 #55)
• 5764c46 fix: downgrades strip-ansi to version 3.0.1 ([Snyk] Fix for 1 vulnerabilities #54)
• b105376 chore: drop support for node < 4 ([Snyk] Fix for 1 vulnerabilities #53)
• 0afe9c9 chore(package): update nyc to version 10.0.0
• 751fb34 chore(package): update nyc to version 9.0.1
• 679964a chore(package): update standard-version to version 3.0.0 ([Snyk] Fix for 1 vulnerabilities #44)
• 94fc0a4 chore(package): update standard to version 8.0.0 ([Snyk] Security upgrade tap from 5.8.0 to 9.0.0 #42)
• d06d624 Merge pull request [Snyk] Security upgrade term-ng from 0.8.1 to 0.8.2 #41 from yargs/greenkeeper-nyc-8.1.0
• 60a26b9 chore(package): update nyc to version 8.1.0
• f78eb90 Merge pull request [Snyk] Security upgrade tap from 5.8.0 to 9.0.0 #39 from yargs/greenkeeper-mocha-3.0.0
• 1d491f6 chore(package): update mocha to version 3.0.0

See the full diff

Package name: csso

The new version differs by 52 commits.

• d150161 3.0.0
• 826a2bf use last stable csstree – 1.0.0-alpha17
• 7ef0e93 fix a test
• ddf4757 no global flag
• 0923082 some tweaks
• 3342dff update api, complete source map section, formatting
• 36cdae4 drop bin reference
• f381f09 change module's layout
• a67d1e9 hide all csstree methods behind syntax property and update tests
• 9dbdfc8 move API doc down
• 44fc320 add source-map as dev-dependency since requires for tests
• 7b8632a move cli to standalone package (css/csso-cli)
• ab28815 update years
• 22ea50f lint tests with jscs
• f301dcb Minor typos ([Snyk(Unlimited)] Upgrade from thebespokepixel/es-tinycolor to thebespokepixel/es-tinycolor snyk-fixtures/npm-lockfiles#322)
• 58986b7 Space -> WhiteSpace
• f217458 fix broken tests
• 0af7c31 Hash -> HexColor
• 773c377 fix space and universal removal
• 6aa9e69 align to last changes in css-tree
• a42433c don't merge loc's (source maps doesn't support it anyway)
• 6920da5 align to latest changes in csstree
• 717ba5b align to latest csstree changes
• 6638b6e use csstree version from master

See the full diff

Package name: has-ansi

The new version differs by 11 commits.

• e0482ff 4.0.0
• 5922c60 Require Node.js 8
• cc62ac2 Tidelift tasks
• 5b1f1e1 3.0.0
• 7ba9550 Bump ansi-regex
• 4a130d3 Require Node.js 4
• d4c3315 Updates maintainer email.
• 82a887c update tests for latest AVA version
• 8265d04 add XO
• 77fd627 added Qix as maintainer
• 4d4def8 update references to new org

See the full diff

Package name: listr

The new version differs by 16 commits.

• edbba65 0.14.2
• f5d0b0d Remove unused dependencies
• 69ad1d4 Fix tests
• b53c439 Meta tweaks
• b3d4abe Drop support for Node.js <= 4 ([Snyk] Fix for 1 vulnerabilities #99)
• 5880368 0.14.1
• 0e3d740 Pin XO for Node.js 4
• e422755 Test Node.js 10
• d6a722f Fix `is-observable` detection for RxJS@6
• 4e41f98 Fix linting and example
• bee2889 Remove is-observable due to issues with RxJS@6
• 447e8d1 Upgrade [email protected] - fixes [Snyk] Fix for 66 vulnerabilities #91
• b295525 0.14.0
• 42f38c2 refactor(lib): Cleanup linter errors
• 44cb4db fix(deps): Add support for RxJS 6
• d28fb95 Remove unused dependency ([Snyk] Fix for 18 vulnerabilities #82)

See the full diff

Package name: mocha

The new version differs by 250 commits.

• 18a1055 build(v9.1.2): release
• 011a5a4 fix: regex in 'update-authors.js'
• 06f3f63 build(v9.1.2): update CHANGELOG [ci skip]
• a87461c chore(deps): remove 'wide-align' ([Snyk(Unlimited)] Upgrade truwrap from 0.8.1 to 0.8.4 snyk-fixtures/npm-lockfiles#4754)
• c7f56d1 docs: how to use 'rootHooks' in the browser ([Snyk(Unlimited)] Upgrade sgr-composer from 0.5.0 to 0.5.3 snyk-fixtures/npm-lockfiles#4755) [ci skip]
• 8421974 fix(browser): stop using all global vars in 'browser-entry' ([Snyk(Unlimited)] Upgrade verbosity from 0.9.2 to 0.10.1 snyk-fixtures/npm-lockfiles#4746)
• 27bfc74 docs: add complete '--delay' example ([Snyk(Unlimited)] Upgrade sgr-composer from 0.5.0 to 0.5.3 snyk-fixtures/npm-lockfiles#4744) [ci skip]
• 4860738 chore(devDeps): update 'eslint' and its plugins ([Snyk(Unlimited)] Upgrade cfenv from 1.1.0 to 1.2.2 snyk-fixtures/npm-lockfiles#4737)
• abfddf8 docs: fix broken table width under 450 screen width ([Snyk(Unlimited)] Upgrade cookie-parser from 1.3.3 to 1.4.4 snyk-fixtures/npm-lockfiles#4734)
• 97b8470 chore(esm): remove code for Node versions <10 ([Snyk(Unlimited)] Upgrade humanize-ms from 1.0.1 to 1.2.1 snyk-fixtures/npm-lockfiles#4736)
• 654b5df build(v9.1.1): release
• a26cca9 build(v9.1.1): update CHANGELOG [ci skip]
• e975675 chore: update some devDependencies ([Snyk(Unlimited)] Upgrade dustjs-helpers from 1.5.0 to 1.7.4 snyk-fixtures/npm-lockfiles#4733)
• 9e0369b fix(parallel): 'XUNIT' and 'JSON' reporter crash ([Snyk(Unlimited)] Upgrade errorhandler from 1.2.0 to 1.5.1 snyk-fixtures/npm-lockfiles#4623)
• 014e47a build(v9.1.0): release
• 3a14b28 build(v9.1.0): update CHANGELOG [ci skip]
• 171e211 feat(reporter): add output option to 'JSON' ([Snyk(Unlimited)] Upgrade errorhandler from 1.2.0 to 1.5.1 snyk-fixtures/npm-lockfiles#4607)
• bbf0c11 feat: add new option 'fail-zero' ([Snyk(Unlimited)] Upgrade express-fileupload from 0.0.5 to 0.4.0 snyk-fixtures/npm-lockfiles#4716)
• 757b85d docs: improve 'grep()' and clarify docs ([Snyk(Unlimited)] Upgrade st from 0.2.4 to 0.5.5 snyk-fixtures/npm-lockfiles#4714)
• f19d3ca docs: remove unsupported 'no-timeout' option ([Snyk(Unlimited)] Upgrade adm-zip from 0.4.7 to 0.4.13 snyk-fixtures/npm-lockfiles#4719) [ci skip]
• 9f82ccb chore(gha): update 'stale.yml' ([Snyk(Unlimited)] Upgrade cookie-parser from 1.3.3 to 1.4.4 snyk-fixtures/npm-lockfiles#4718) [ci skip]
• 09ffc30 Set CSP on karma to prevent 'evalError' regression ([Snyk(Unlimited)] Upgrade consolidate from 0.14.5 to 0.15.1 snyk-fixtures/npm-lockfiles#4706)
• 02bf13d Update devDep '@ babel/preset-env' and pin 'regenerator-runtime' ([Snyk(Unlimited)] Upgrade mongoose from 4.2.4 to 4.13.19 snyk-fixtures/npm-lockfiles#4707)
• 54a5788 Add new option "node-option" ([Snyk(Unlimited)] Upgrade mongoose from 4.2.4 to 4.13.19 snyk-fixtures/npm-lockfiles#4691)

See the full diff

Package name: mongodb-js-fmt

The new version differs by 7 commits.

• c6eb112 0.0.4
• 4045480 Sunsetting this project
• 2376730 chore(package): update dependencies ([Snyk] Fix for 1 vulnerabilities #3)
• 244ded0 Update package.json with correct github url ([Snyk] Security upgrade nyc from 14.0.0 to 15.0.0 #2)
• da67a88 Update travis.yml to node_js 4 from iojs-v2.3.4 ([Snyk] Security upgrade nyc from 14.0.0 to 15.0.0 #1)
• 453ab45 💚
• d26536f 👕

See the full diff

Package name: mongodb-schema

The new version differs by 38 commits.

• 01d70e2 9.0.0
• f4147ea Update package-lock.json
• c4e8dba Bump lodash from 4.17.20 to 4.17.21 ([Snyk] Security upgrade @babel/traverse from 7.0.0 to 7.23.2 #149)
• 983b2d1 Bump cli-table from 0.3.4 to 0.3.5 ([Snyk] Security upgrade snyk from 1.389.0 to 1.518.0 #151)
• a1f3342 Bump mocha from 8.3.0 to 8.3.2 ([Snyk] Security upgrade tap from 5.8.0 to 16.0.0 #152)
• 88b20c2 Reduce the usage of lodash (round 2) ([Snyk] Security upgrade cypress from 4.12.0 to 13.0.0 #145)
• 33e0f51 Update Github workflow location
• 68a401b Added github workflow to exec. unit tests ([Snyk] Security upgrade mongoose from 4.2.4 to 4.2.5 #144)
• beb4387 Bump mocha from 3.5.3 to 8.2.1 ([Snyk] Fix for 2 vulnerabilities #124)
• d73f838 Added promise support for library ([Snyk] Security upgrade mongoose from 4.2.4 to 5.13.20 #140)
• 39af582 End support for legacy Node.js versions 🩺 ([Snyk] Security upgrade tap from 5.8.0 to 15.0.0 #136)
• 17bbff4 Bump mongodb from 3.5.2 to 3.5.3 ([Snyk] Fix for 66 vulnerabilities #84)
• 21a2fc7 Bump mongodb-js-precommit from 2.2.0 to 2.2.1 ([Snyk] Fix for 18 vulnerabilities #82)
• 8997b3e Bump debug from 2.6.9 to 4.1.1 ([Snyk] Security upgrade mongoose from 4.2.4 to 6.4.6 #68)
• 915ba85 build(deps): Bump mongodb-ns from 2.0.0 to 2.2.0 ([Snyk] Security upgrade snyk from 1.389.0 to 1.996.0 #79)
• b6e367a build(deps-dev): [Security] Bump bson from 0.5.7 to 1.0.5 ([Snyk] Security upgrade mout from 1.1.0 to 1.2.4 #77)
• 069b051 build(deps): Bump stats-lite from 2.1.1 to 2.2.0 ([Snyk] Security upgrade node-fetch from 1.7.3 to 3.2.10 #70)
• ecdbdf0 build(deps): Bump ms from 0.7.3 to 2.1.2 ([Snyk] Security upgrade file-type from 8.1.0 to 16.5.4 #66)
• 2f41b46 Bump mongodb-js-precommit from 2.0.0 to 2.2.0 ([Snyk] Security upgrade tap from 5.8.0 to 10.3.3 #71)
• e06e39a chore(deps): Bump mongodb-extended-json from 1.10.0 to 1.11.0 ([Snyk] Security upgrade tap from 5.8.0 to 14.6.8 #75)
• 79fd908 build(deps): Bump mongodb from 3.1.4 to 3.5.2 ([Snyk] Security upgrade react-tooltip from 3.8.1 to 3.8.3 #76)
• 8cbcd32 Bump mongodb-collection-sample from 4.4.2 to 4.5.1 ([Snyk] Security upgrade file-type from 8.1.0 to 16.5.4 #67)
• 6194cd3 chore(deps): Bump js-yaml from 3.12.0 to 3.13.1 ([Snyk] Security upgrade tap from 5.8.0 to 14.6.8 #74)
• 00666cf chore(deps-dev): Bump eslint-config-mongodb-js from 3.0.1 to 5.0.3 ([Snyk] Security upgrade tap from 5.8.0 to 14.6.8 #72)

See the full diff

Package name: renderkid

The new version differs by 20 commits.

• 19422e1 Bump version
• 4f38a35 Update package-lock.json
• fa6ecbd chore(deps): upgrade to latest stable; fix audit
• 4a7e401 Update mocha
• 75866f8 Bump to 2.0.5
• 6c9afb4 Update deps (fixes [Snyk] Security upgrade node-fetch from 1.7.3 to 3.1.1 #8 and [Snyk] Security upgrade karma from 2.0.3 to 6.3.14 #12)
• fbd43fb Merge pull request [Snyk] Fix for 1 vulnerabilities #13 from RDIL/master
• 7f48119 Reduce npm module size, bump node version on travis
• e8c9744 Bump to 2.0.4
• eead093 Use lodash instead of the deprecated utila
• 60b6770 Bump to 2.0.3
• 3449e4a Merge pull request [Snyk] Fix for 2 vulnerabilities #11 from billyjanitsch/caret-deps
• 4ad043c Use caret dependency ranges
• 23a59d1 Bump to 2.0.2
• 41f8d29 Update travis to use node LTS
• 5e3f9ad Actually upgrade mocha (last one was chai
• 3275dbc Upgrade mocha
• 4b382a5 Update dependency on dom-converter and utila
• 727f1fc Merge pull request [Snyk] Fix for 1 vulnerabilities #9 from ChristianDavis/master
• 302a6be clean up typos, getCols returns cols instead of rows

See the full diff

Package name: snyk

The new version differs by 250 commits.

• 3f52bdc Merge pull request [Snyk(Unlimited)] Upgrade qs from 0.0.6 to 6.9.0 snyk-fixtures/npm-lockfiles#1669 from snyk/fix/dont-fail-on-request-big-payload
• 47e106e fix: don't fail on request's big payload
• 1228b55 Merge pull request [Snyk(Unlimited)] Upgrade qs from 0.0.6 to 6.9.0 snyk-fixtures/npm-lockfiles#1624 from snyk/chore/cli-alert-improvement
• fccd907 Merge pull request [Snyk(Unlimited)] Upgrade qs from 0.0.6 to 6.9.0 snyk-fixtures/npm-lockfiles#1666 from snyk/chore/bump-cpp-test-timeout
• 6772a3e Merge pull request [Snyk(Unlimited)] Upgrade node-uuid from 1.4.0 to 1.4.8 snyk-fixtures/npm-lockfiles#1649 from snyk/chore/deps-update
• 89a7767 chore: update dependencies
• eaf4915 test: wrap pagerduty await in try-catch, remove condition
• 0576431 test: add pagerduty, check if test is running before attemmpting rerun
• a08a938 chore: bump flaky cpp test timeout
• ebb8dd7 Merge pull request [Snyk(Unlimited)] Upgrade tap from 5.8.0 to 14.7.0 snyk-fixtures/npm-lockfiles#1656 from snyk/feat/protect-prime-time
• 69cd590 test: fix flakey json output test
• 3021bb2 Merge pull request [Snyk(Unlimited)] Upgrade node-uuid from 1.4.0 to 1.4.8 snyk-fixtures/npm-lockfiles#1663 from snyk/fix/upgrade-snyk-gradle-plugin
• a988600 Merge pull request [Snyk(Unlimited)] Upgrade node-uuid from 1.4.0 to 1.4.8 snyk-fixtures/npm-lockfiles#1654 from snyk/feat/iac-experimental-terraform-support
• b455497 feat: iac experimental tf support
• 4848b7e chore: run tests in packages in CI
• 3e7e99e feat: implement snyk protect
• bb233f1 chore: enable prettier formatting in packages
• fe0183d test: enable jest testing in snyk-protect workspace
• 40ec817 test: test fixture for snyk protect
• 7dfd3ea Merge pull request [Snyk(Unlimited)] Upgrade tap from 5.8.0 to 14.7.0 snyk-fixtures/npm-lockfiles#1661 from snyk/test/fix-flake-with-dev-count-analysis
• 02c99b8 test: remove tests previously migrated to jest
• e203fd1 test: set timeout in beforeAll
• d42f6d9 fix: update snyk-gradle-plugin to 3.13.2
• 8cd9fbf Merge pull request [Snyk(Unlimited)] Upgrade qs from 0.0.6 to 6.9.0 snyk-fixtures/npm-lockfiles#1662 from snyk/test/add-longer-timeouts

See the full diff

Package name: string-width

The new version differs by 13 commits.

• 58147d2 3.0.0
• 5b6b7ca Require Node.js 6
• 0bc308a Support emoji ([Snyk] Security upgrade karma from 2.0.3 to 3.0.0 #17)
• 74d8d55 2.1.1
• d0d3ccb Meta tweaks
• 2af7be5 Support combining characters ([Snyk] Security upgrade karma from 2.0.3 to 6.3.14 #12)
• 175b26f 2.1.0
• 79c4e30 Meta tweaks
• 73ba3b5 Update strip-ansi from ^3.0.0 to ^4.0.0 ([Snyk] Fix for 1 vulnerabilities #10)
• 130d0ad Add failing test for [Snyk] Security upgrade marked from 0.3.5 to 4.0.10 #6
• 7dd3956 Meta tweaks
• 523d7ba 2.0.0
• 14c663d ES2015ify and require Node.js 4

See the full diff

Package name: strip-ansi

The new version differs by 7 commits.

• dfab677 5.0.0
• 6a25566 Require Node.js 6 and upgrade dependencies
• e8d149c Add Tidelift mention in the readme
• 52dcf65 Add related streaming version of this module to the readme ([Snyk] Security upgrade karma from 2.0.3 to 3.0.0 #15)
• c299056 4.0.0
• 740dac9 Bump ansi-regex
• 0978944 Require Node.js 4

See the full diff

Package name: webpack-hot-middleware

The new version differs by 70 commits.

• e140693 2.25.1
• 3d5018a Merge pull request [Snyk(Unlimited)] Upgrade @thebespokepixel/es-tinycolor from 0.3.1 to 0.3.2 snyk-fixtures/npm-lockfiles#413 from nttibbetts/replace-ansi-html
• 90551e5 use public npm registry, not private one
• adeeade fix: replace ansi-html with ansi-html-community to fix vulnerability
• f0ffa4c Resolve weird desync in package lock
• 0f5e3e9 Use old-style require syntax to keep the linter happy
• aa38d42 Bump ansi/html encoding deps
• 2c31df1 Bump example dependencies
• d156bbc Simplify CI setup
• 0635d00 Replace istanbul with nyc
• 04fa8c8 Apply prettier formatting updates
• b81cfd5 Update eslint and prettier
• c98216a Upgrade test dependencies
• cb29abb 2.25.0
• bbffbe6 Merge branch 'master' of github.com:webpack-contrib/webpack-hot-middleware
• 82dd483 Merge pull request [Snyk(Unlimited)] Upgrade node-uuid from 1.4.0 to 1.4.8 snyk-fixtures/npm-lockfiles#360 from jimblue/master
• e2b49ff improved client overlay style
• c430265 2.24.4
• fe33d59 Merge pull request [Snyk(Unlimited)] Upgrade debug from 2.0.0 to 2.6.9 snyk-fixtures/npm-lockfiles#355 from okcoker/ansi-color-fix
• 331ad96 Merge branch 'master' into ansi-color-fix
• f6609e4 Bump deps to sort audit out
• e605d10 Fix ansi colors
• 036bf30 Merge pull request [Snyk(Unlimited)] Upgrade color-convert from 1.9.2 to 1.9.3 snyk-fixtures/npm-lockfiles#354 from Hacksign/master
• f2b477d Resolve Code under example folder do not work. webpack-contrib/webpack-hot-middleware#353

See the full diff

Package name: wrap-ansi

The new version differs by 15 commits.

• bf27a9b 5.0.0
• cf78036 Update dependencies and meta tweaks
• c084e3e Fix a bunch of issues ([Snyk] Security upgrade moment from 2.22.1 to 2.29.2 #30)
• 8640dc3 4.0.0
• 76d163e Require Node.js 6
• 14f3af7 Bump dev dependencies
• b5fc35e Use escape codes from `ansi-styles` ([Snyk] Security upgrade tap from 5.8.0 to 11.1.3 #22)
• 165504b 3.0.1
• 1bcb5fd Fix space issues at the end of input string ([Snyk] Security upgrade tap from 5.8.0 to 11.1.3 #21)
• c0b4bfd 3.0.0
• a8c3423 Add option to not remove whitespace - fixes [Snyk] Fix for 1 vulnerabilities #9 ([Snyk] Security upgrade karma from 2.0.3 to 3.0.0 #17)
• f16f943 Add support for surrogate pairs and full width characters ([Snyk] Fix for 3 vulnerabilities #20)
• 3483a30 Require Node.js 4 and meta tweaks
• 02ad690 Fix no word wrap bug - fixes [Snyk] Security upgrade add-asset-html-webpack-plugin from 3.0.0 to 5.0.0 #18 ([Snyk] Fix for 1 vulnerabilities #19)
• e910f82 Fix tests ([Snyk] Security upgrade karma from 2.0.3 to 3.0.0 #15)

See the full diff

Package name: yargs

The new version differs by 26 commits.

• a6e67f1 chore(release): 13.2.4
• fc13476 chore: update standard-verison dependency
• bf46813 fix(i18n): rename unclear 'implication failed' to 'missing dependent arguments' ([Snyk(Unlimited)] Upgrade term-ng from 0.8.1 to 0.8.5 snyk-fixtures/npm-lockfiles#1317)
• a3a5d05 docs: fix a broken link to MS Terminology Search ([Snyk(Unlimited)] Upgrade node-uuid from 1.4.0 to 1.4.8 snyk-fixtures/npm-lockfiles#1341)
• b4f8018 build: add .versionrc that hides test/build
• 0c39183 chore(release): 13.2.3
• 08e0746 chore: update deps ([Snyk(Unlimited)] Upgrade qs from 0.0.6 to 0.6.6 snyk-fixtures/npm-lockfiles#1340)
• 843e939 docs: make `--no-` boolean prefix easier to find in the docs ([Snyk(Unlimited)] Upgrade color-convert from 1.9.2 to 1.9.3 snyk-fixtures/npm-lockfiles#1338)
• 84cac07 docs: restore removed changelog of v13.2.0 ([Snyk(Unlimited)] Upgrade @thebespokepixel/es-tinycolor from 0.3.1 to 0.3.2 snyk-fixtures/npm-lockfiles#1337)
• b20db65 fix(deps): upgrade cliui for compatibility with latest chalk. ([Snyk(Unlimited)] Upgrade @thebespokepixel/string from 0.5.2 to 0.5.10 snyk-fixtures/npm-lockfiles#1330)
• c294d1b test: accept differently formatted output ([Snyk(Unlimited)] Upgrade adm-zip from 0.4.7 to 0.4.13 snyk-fixtures/npm-lockfiles#1327)
• ac3f10c chore: move .hbs templates into .js to facilitate webpacking ([Snyk(Unlimited)] Upgrade @thebespokepixel/meta from 0.2.3 to 0.2.5 snyk-fixtures/npm-lockfiles#1320)
• 0295132 fix: address issues with dutch translation ([Snyk(Unlimited)] Upgrade lodash from 4.17.10 to 4.17.15 snyk-fixtures/npm-lockfiles#1316)
• 9f2468e doc: clarify parserConfiguration object structure ([Snyk(Unlimited)] Upgrade debug from 2.0.0 to 2.6.9 snyk-fixtures/npm-lockfiles#1309)
• e7f2937 chore(release): 13.2.2
• edd0bb5 test: correct test description
• 03a9523 chore: forgoing dropping Node 6 until yargs@14 ([Snyk(Unlimited)] Upgrade color-convert from 1.9.2 to 1.9.3 snyk-fixtures/npm-lockfiles#1308)
• 14920d1 docs: remove --save option as it isn't required anymore ([Snyk(Unlimited)] Upgrade lodash from 4.17.10 to 4.17.15 snyk-fixtures/npm-lockfiles#1301)
• 545c7f1 test: slightly reworded one test
• 4375680 chore(release): 13.2.1
• dfcaa68 test: slight edit to test wording
• 3180224 fix: add zsh script to files array
• 0a96394 fix: support options/sub-commands in zsh completion
• 48249a2 chore(release): 13.2.0

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.