loading
loading copied to clipboard
node-modules
[Snyk] Security upgrade globby from 2.0.0 to 11.0.0
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
Vulnerabilities that will be fixed
With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
 |
661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5 |
Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116 |
Yes | No Known Exploit |
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: globby
The new version differs by 109 commits.- 45ac58a 11.0.0
- 3c93fa1 Re-enable test for #97
- 4a471af Require Node.js 10
- d4681a4 Get rid of `glob` dependency (#135)
- 8bc1ab0 10.0.2
- 72e775a Fix using `gitignore` and `absolute` options at the same time on Windows (#137)
- c61561a Fix TypeScript type for the `expandDirectories` option (#138)
- 51611f5 Tidelift tasks
- 4a47044 10.0.1
- a226f5d Don't throw when specifying a non-existing `cwd` directory (#125)
- 5b0834a Readme tweaks
- 878ef6e 10.0.0
- 3706920 Upgrade `fast-glob` package to v3 (#126)
- 8aadde8 Add `globby.stream` (#113)
- 2dd76d2 Remove `**/bower_components/**` as a default ignore pattern
- 9f781ce Require Node.js 8
- 04d51bf Upgrade `ignore` package (#120)
- 2b61484 Readme tweaks
- ff3e1f9 Tidelift tasks
- 31f18ae Create funding.yml
- 33ca01c Fix using the `gitignore` and `stats` options together (#121)
- c737820 Minor TypeScript definition improvements
- 82db101 Add Node.js 12 to testing (#117)
- 766b728 9.2.0
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.
Updated dependencies detected. Learn more about Socket for GitHub ↗︎
| Packages | Version | New capabilities | Transitives | Size | Publisher |
|---|---|---|---|---|---|
| globby | 2.0.0...11.0.4 | filesystem | +23/-4 |
596 kB | sindresorhus |
![socket-security[bot] avatar](https://avatars.githubusercontent.com/in/156372?v=4 "Published by a pub.dev verified publisher"){kind=small}