ndm
ndm copied to clipboard
720kb
[Snyk] Security upgrade npm from 4.6.1 to 6.14.6
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
Vulnerabilities that will be fixed
With an upgrade:
| Severity | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|
 |
Prototype Pollution SNYK-JS-AJV-584908 |
Yes | No Known Exploit |
 |
Insertion of Sensitive Information into Log File SNYK-JS-NPM-575435 |
Yes | No Known Exploit |
Commit messages
Package name: npm
The new version differs by 250 commits.- 66092d5 6.14.6
- 46e91d9 update AUTHORS
- 66aab41 docs: changelog for 6.14.6
- 94eca63 [email protected]
- a9857b8 chore: remove auth info from logs
- 479e45c style: fix lint error with no trailing comma
- 1aec4cb test: add test for `npm doctor` that ping registry returns error
- b7ad775 fix: wrong `npm doctor` command result
- 9a2e2e7 docs: Fix typo
- c49b6ae [email protected]
- 3dd429e docs: Add note about dropped `*` filenames
- 0ca3509 Update npm-link.md
- 2e05298 chore(docs): fixed links to cli commands
- abdf528 6.14.5
- 074f9a5 update AUTHORS
- 1238ee0 chore: remove slack notification
- 19a0230 docs: updated node-gyp links
- 36c878d chore: remove pyc files from tarball
- 0f219cc chore: reenable windows ci
- 725bef8 docs: changelog for 6.14.5
- e6d2083 [email protected]
- 8228d1f [email protected]
- 07a4d88 [email protected]
- 5587ac0 [email protected]
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📚 Read more about Snyk's upgrade and patch logic
