⬆️ Updates conventional-changelog-cli to v5 #938

Security Report

You have successfully remediated 63 vulnerabilities, but introduced 2 new vulnerabilities in this branch.

❌ New vulnerabilities:

CVE	Severity	CVSS Score	Vulnerable Library	Suggested Fix	Issue
CVE-2023-44270 Path to dependency file: /tilt_modules/tilt_inspector/package.json Path to vulnerable library: /tilt_modules/tilt_inspector/node_modules/postcss/package.json Dependency Hierarchy: -> tilt-inspector-0.1.6.tgz (Root Library) -> next-10.2.3.tgz -> ❌ postcss-8.2.13.tgz (Vulnerable Library)	Medium	5.3	postcss-8.2.13.tgz	Upgrade to version: postcss - 8.4.31	None
CVE-2021-32640 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> puppeteer-core-7.0.4.tgz (Root Library) -> ❌ ws-7.4.3.tgz (Vulnerable Library)	Medium	5.3	ws-7.4.3.tgz	Upgrade to version: 5.2.3,6.2.2,7.4.6	None

✔️ Remediated vulnerabilities:

CVE	Vulnerable Library
CVE-2018-16487	lodash-2.4.2.tgz
CVE-2021-44906	minimist-1.2.5.tgz
CVE-2022-25851	jpeg-js-0.4.3.tgz
CVE-2022-25881	http-cache-semantics-4.1.0.tgz
CVE-2022-0144	shelljs-0.8.4.tgz
CVE-2021-3795	semver-regex-1.0.0.tgz
CVE-2015-9251	jquery-1.9.1.js
CVE-2020-11022	jquery-1.9.1.js
CVE-2020-28500	lodash-2.4.2.tgz
CVE-2023-26159	follow-redirects-1.14.2.tgz
CVE-2022-46175	json5-1.0.1.tgz
CVE-2024-28176	jose-2.0.5.tgz
CVE-2021-23566	nanoid-3.1.25.tgz
CVE-2023-48795	ssh2-0.8.9.tgz
CVE-2022-46175	json5-2.2.0.tgz
CVE-2022-0155	follow-redirects-1.14.2.tgz
CVE-2022-33987	got-11.8.2.tgz
CVE-2023-25166	formula-3.0.0.tgz
CVE-2021-43308	markdown-link-extractor-1.3.0.tgz
CVE-2021-3807	ansi-regex-4.1.0.tgz
CVE-2019-11358	jquery-1.9.1.js
CVE-2022-25883	semver-7.3.5.tgz
CVE-2024-28863	tar-6.1.11.tgz
CVE-2023-46234	browserify-sign-4.2.1.tgz
CVE-2023-26115	word-wrap-1.2.3.tgz
CVE-2021-23358	underscore-1.6.0.tgz
CVE-2021-3749	axios-0.21.1.tgz
CVE-2012-6708	jquery-1.8.1.min.js
CVE-2020-7656	jquery-1.8.1.min.js
CVE-2020-8203	lodash-2.4.2.tgz
CVE-2021-43307	semver-regex-1.0.0.tgz
CVE-2022-25883	semver-6.3.0.tgz
CVE-2023-45133	traverse-7.15.0.tgz
CVE-2021-23337	lodash-2.4.2.tgz
CVE-2021-3807	ansi-regex-5.0.0.tgz
CVE-2020-7753	trim-0.0.1.tgz
CVE-2022-33987	got-9.6.0.tgz
CVE-2021-3795	semver-regex-3.1.2.tgz
CVE-2023-45857	axios-0.21.1.tgz
CVE-2021-3918	json-schema-0.2.3.tgz
CVE-2022-24999	qs-6.5.2.tgz
CVE-2021-3807	ansi-regex-3.0.0.tgz
CVE-2022-31051	semantic-release-17.4.7.tgz
CVE-2021-43307	semver-regex-3.1.2.tgz
CVE-2022-36083	jose-2.0.5.tgz
CVE-2022-25883	semver-5.7.1.tgz
CVE-2024-28849	follow-redirects-1.14.2.tgz
CVE-2020-26301	ssh2-0.8.9.tgz
CVE-2020-11023	jquery-1.8.1.min.js
CVE-2019-1010266	lodash-2.4.2.tgz
CVE-2021-43138	async-3.2.1.tgz
CVE-2020-11023	jquery-1.9.1.js
CVE-2018-3721	lodash-2.4.2.tgz
CVE-2021-3777	tmpl-1.0.4.tgz
CVE-2021-43616	npm-7.21.1.tgz
CVE-2023-26136	tough-cookie-4.0.0.tgz
CVE-2015-9251	jquery-1.8.1.min.js
CVE-2022-29244	npm-7.21.1.tgz
CVE-2023-42282	ip-1.1.5.tgz
CVE-2020-11022	jquery-1.8.1.min.js
CVE-2021-23425	trim-off-newlines-1.0.1.tgz
CVE-2019-10744	lodash-2.4.2.tgz
CVE-2022-0536	follow-redirects-1.14.2.tgz

Base branch total remaining vulnerabilities: 73
Base branch commit: null

Total libraries scanned: 531

Scan token: fbab2bfb78f643c3a4fd22f92fbd004d

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

⬆️ Updates conventional-changelog-cli to v5 #938

⬆️ Updates conventional-changelog-cli to v5 #938

Security Report

Re-running checks...

⬆️ Updates conventional-changelog-cli to v5 #938

Are you sure you want to change the base?

:arrow_up: Updates conventional-changelog-cli to v5

⬆️ Updates conventional-changelog-cli to v5 #938

Security Report

Re-running checks...