vow
vow copied to clipboard
adonisjs
[Snyk] Upgrade globby from 8.0.2 to 13.0.0
Snyk has created this PR to upgrade globby from 8.0.2 to 13.0.0.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
Warning: This is a major version upgrade, and may be a breaking change.
- The recommended version is 18 versions ahead of your current version.
- The recommended version was released 21 days ago, on 2022-01-24.
The recommended version fixes:
| Severity | Issue | PriorityScore (*) | Exploit Maturity |
|---|---|---|---|
 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905 |
586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3 |
Proof of Concept |
(*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: globby
-
13.0.0 - 2022-01-24
Breaking
- Rename
generateGlobTaskstogenerateGlobTasksSync(#221) 51c8f68 - Remove
ignoreoption forisGitIgnoredandisGitIgnoredSync(#225) 2e43cc4- This option never worked correctly.
Improvements
- Improve performance with mutiple patterns (#222) 04fbd5b
- Add async
generateGlobTasksmethod (#221) 51c8f68
Fixes
- Rename
- 12.2.0 - 2022-01-17
- 12.1.0 - 2022-01-15
-
12.0.2 - 2021-08-24
- Ensure async method is completely async e167725
-
12.0.1 - 2021-08-16
- Internal changes 5a64253
-
12.0.0 - 2021-07-22
Breaking
- Require Node.js 12.20 (#181) 5c32b4a
- This package is now pure ESM. Please read this.
- This package now uses named exports instead of a default export
globby→{globby}globby.sync→{globbySync}globby.stream→{globbyStream}globby.generateGlobTasks→{generateGlobTasks}globby.hasMagic→{isDynamicPattern}globby.gitignore→{isGitIgnored}globby.gitignore.sync→{isGitIgnoredSync}
-const globby = require('globby'); +import {globby} from 'globby';
-
11.1.0 - 2022-01-08
- Update dependencies to fix some
npm auditnotices
- Update dependencies to fix some
- 11.0.4 - 2021-06-16
- 11.0.3 - 2021-03-22
- 11.0.2 - 2021-01-06
- 11.0.1 - 2020-06-02
- 11.0.0 - 2020-01-06
- 10.0.2 - 2020-01-06
- 10.0.1 - 2019-07-05
- 10.0.0 - 2019-06-29
- 9.2.0 - 2019-04-01
- 9.1.0 - 2019-03-03
- 9.0.0 - 2019-01-11
- 8.0.2 - 2019-01-09
Commit messages
Package name: globby
- 43eccf4 13.0.0
- b3a9531 Meta tweaks
- 2e43cc4 Remove `ignore` option for `isGitIgnored` and `isGitIgnoredSync` (#225)
- 04fbd5b Improve performance with mutiple patterns (#222)
- f816156 Don't pass `options.ignore` to `isGitIgnored` (#223)
- 51c8f68 Expose new `generateGlobTasks` and `generateGlobTasksSync` (#221)
- 93f83f3 Fix `bench` script (#220)
- 09171d9 Improve task expansion (#219)
- 65af64f Simplify `expandDirectories` option handling (#218)
- 128772a Simplify task expansion (#215)
- e5d6d00 Minor refactoring (#217)
- c20c630 Improve test coverage (#216)
- 6cb81ca Apply arguments check logic to `isDynamicPattern` (#214)
- ffd6b22 Simplify result filter and unique (#213)
- de3b6fe Remove `array-union` (#211)
- ac50a7a Fix `generateGlobTasks` call without options (#212)
- 1852fc5 Fix bug with `objectMode` option (#210)
- 2c9cc27 Fix typo (#209)
- 7833ad5 Drop support for checking object with `path` property in function returns by `isGitIgnored` (#208)
- fc653c7 12.2.0
- 2e57ffa Fix readme
- 1224230 Work around TypeScript type problem with `URL` global (#206)
- a9fc794 Accept `URL` in function returned by `isGitIgnored` (#207)
- 1be9d02 12.1.0
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🔕 Ignore this dependency or unsubscribe from future upgrade PRs
