[Snyk] Upgrade nodemon from 2.0.15 to 2.0.22

[Loonz206]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade nodemon from 2.0.15 to 2.0.22.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 7 versions ahead of your current version.
• The recommended version was released 4 months ago, on 2023-03-22.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Prototype Pollution SNYK-JS-LOADERUTILS-3043105	375/1000 Why? CVSS 7.5	No Known Exploit
	Prototype Pollution SNYK-JS-LOADERUTILS-3043105	375/1000 Why? CVSS 7.5	No Known Exploit
	Prototype Pollution SNYK-JS-MONGOOSE-2961688	375/1000 Why? CVSS 7.5	Proof of Concept
	Sandbox Bypass SNYK-JS-WEBPACK-3358798	375/1000 Why? CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WORDWRAP-3149973	375/1000 Why? CVSS 7.5	Proof of Concept
	Prototype Poisoning SNYK-JS-QS-3153490	375/1000 Why? CVSS 7.5	Proof of Concept
	Remote Code Execution (RCE) SNYK-JS-SHELLQUOTE-1766506	375/1000 Why? CVSS 7.5	No Known Exploit
	Denial of Service (DoS) SNYK-JS-TRIMNEWLINES-1298042	375/1000 Why? CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3042992	375/1000 Why? CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3105943	375/1000 Why? CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3042992	375/1000 Why? CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3105943	375/1000 Why? CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	375/1000 Why? CVSS 7.5	No Known Exploit
	Information Exposure SNYK-JS-NANOID-2332193	375/1000 Why? CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-CONVENTIONALCOMMITSPARSER-1766960	375/1000 Why? CVSS 7.5	No Known Exploit
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2332181	375/1000 Why? CVSS 7.5	Proof of Concept
	Open Redirect SNYK-JS-GOT-2932019	375/1000 Why? CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HTTPCACHESEMANTICS-3248783	375/1000 Why? CVSS 7.5	Proof of Concept
	Session Fixation SNYK-JS-PASSPORT-2840631	375/1000 Why? CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TERSER-2806366	375/1000 Why? CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TRIMOFFNEWLINES-1296850	375/1000 Why? CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-2429795	375/1000 Why? CVSS 7.5	Proof of Concept
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2396346	375/1000 Why? CVSS 7.5	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: nodemon

• 2.0.22 - 2023-03-22
  

  2.0.22 (2023-03-22)

  Bug Fixes

  • remove ts mapping if loader present (f7816e4), closes #2083
• 2.0.21 - 2023-03-02
  

  2.0.21 (2023-03-02)

  Bug Fixes

  • remove ts mapping if loader present (1468397), closes #2083
• 2.0.20 - 2022-09-16
  

  2.0.20 (2022-09-16)

  Bug Fixes

  • remove postinstall script (e099e91)
• 2.0.19 - 2022-07-05
  

  2.0.19 (2022-07-05)

  Bug Fixes

  • Replace update notifier with simplified deps (#2033) (176c4a6), closes #1961 #2028
• 2.0.18 - 2022-06-23
  

  2.0.18 (2022-06-23)

  Bug Fixes

  • revert update-notifier forcing esm (1b3bc8c)
• 2.0.17 - 2022-06-23
  

  2.0.17 (2022-06-23)

  Bug Fixes

  • bump update-notifier to v6.0.0 (#2029) (0144e4f)
  • update packge-lock (27e91c3)
• 2.0.16 - 2022-04-29
  

  2.0.16 (2022-04-29)

  Bug Fixes

  • support windows by using path.delimiter (e26aaa9)
• 2.0.15 - 2021-11-09
  

  2.0.15 (2021-11-09)

  Bug Fixes

  • bump prod dep versions (54784ab)

from nodemon GitHub release notes

Commit messages

Package name: nodemon

• c971fdc Merge branch 'main' of github.com:remy/nodemon
• b9679a2 chore: supporters
• f7816e4 fix: remove ts mapping if loader present
• 9f3ffdb One more fix
• abc8522 Get rid of spawning shell windows if nodemon is started without console.
• b11ddd1 Merge branch 'main' of github.com:remy/nodemon
• 204af11 chore: missing supporters
• 1468397 fix: remove ts mapping if loader present
• 26b1f0f chore: add conventional commit check
• adaafa1 One more fix
• 010266a Get rid of spawning shell windows if nodemon is started without console.
• ec9ea6c chore: update supporters
• a15f469 chore: + support
• fb7cd1c chore: supporters
• 736dff0 chore: update
• 506c80f chore: update supporters
• ee561cf chore: fix url
• 544e3d5 chore: supporters
• 80dc137 chore: supporters
• 1de684b chore: supporters
• 0a6ff95 Merge branch 'main' of github.com:remy/nodemon
• fcf423d chore: update supporters
• fe6471e docs: add workaround for inspect problem to faq.md
• e099e91 fix: remove postinstall script

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[sonarcloud]

Kudos, SonarCloud Quality Gate passed!   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells

No Coverage information
0.0% Duplication