adonis-cli icon indicating copy to clipboard operation
adonis-cli copied to clipboard
verified publisher icon adonisjs

[Snyk] Security upgrade @adonisjs/ace from 5.0.8 to 6.0.0

Open snyk-bot opened this issue 5 years ago • 0 comments

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 686/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.3		 Prototype Pollution
SNYK-JS-SETVALUE-450213		 Yes Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: @adonisjs/ace The new version differs by 26 commits.
  • 32d7b9a chore(release): 6.0.0
  • 35dbfb6 chore: update dependencies
  • cd5ed19 chore(package): going back to original version
  • a0084fa refactor: export manifest
  • 70f701d feat(utils): add utility for handling errors
  • 20da1f1 feat: kernel now entertains manifest as a first class citizen
  • 786e1f1 refactor: move help command to kernel itself
  • dae9a53 feat: add support for manifest file
  • ebf98b4 feat: add method to run commands directly
  • cc0c8c2 feat: add support for spread args
  • 3ecf6c5 feat: add decorators and docs
  • efd5586 refactor: get rid of lerna and monorepo
  • 009a037 feat(kernel): add support for command suggestions
  • 83877b5 refactor(kernel): ensure optional args comes at the end
  • 35571b8 feat(help): add utility to create help screens
  • 2223f24 refactor(kernel): make commands and flags public
  • e6450b4 refactor: move argv parsing to a dedicated parser
  • bf0eab5 feat: add functions to print commands help
  • c93610a style: update docblock
  • b445264 feat: add support for description in command, args and flags
  • 07f662f feat(ace): add command sorting and grouping helper
  • 81877de chore(tsconfig): add support for decorators
  • 4209e63 feat(ace): add command parser kernel
  • bf5037c chore(package): add pre commit hook

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

snyk-bot avatar Oct 23 '20 03:10 snyk-bot