[Snyk] Upgrade @npmcli/arborist from 5.6.3 to 7.5.2 #6
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR was automatically created by Snyk using the credentials of a real user.
![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)
Snyk has created this PR to upgrade @npmcli/arborist from 5.6.3 to 7.5.2.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version is 43 versions ahead of your current version.
The recommended version was released on 21 days ago.
Issues fixed by the recommended upgrade:
SNYK-JS-INFLIGHT-6095116
SNYK-JS-IP-7148531
Release notes
Package name: @npmcli/arborist
v7.5.2 (2021-02-02)
BUG FIXES
37613e4e6
#2395 #2329 fix(exec): use latest version when possible (@ wraithgar)567c9bd03
fix(lib/npm): do not clobber config.execPath (@ wraithgar)DEPENDENCIES
643709706
@ npmcli/config@1.2.9
(@ isaacs)4c6be4a
Restore npm v6 behavior withINIT_CWD
bbebc66
Do not set thePREFIX
environment variablev7.5.1 (2021-02-01)
BUG FIXES
0ea134e41
#2587 pass all settings through to pacote.packument, fixes #2060 (@ nlf)894fa0ac2
Add test for npm-usage.js, and fix 'npm --long' output (@ isaacs)DEPENDENCIES
7e4e88e93
@ npmcli/arborist@2.1.1
:,pacote@11.2.4
DOCUMENTATION
23dac2fef
#2557 npm team revamp (@ ruyadorno)dd05ba0c0
#2572 add note about--force
overriding peer dependencies (@ isaacs)e27639780
#2584 Fixed the spelling of contributor as it was written as conributor (@ pavanbellamkonda)13a5e3178
#2502 elaborate that npm help uses browser (@ ariccio)v7.5.0 (2021-01-28)
FEATURES
d011266b7
#1319 add npm diff command (@ ruyadorno)BUG FIXES
d2f8af2da
#2445 publish: don't complain about missing auth until after registry is chosen (@ dr-js)DOCUMENTATION
8d3fd63aa
#2559 updates to readme, removal, contributing and several other docs (@ darcyclarke)7772d9f9f
#2542 fix grammar on caching docs for search, exec and init (@ wraithgar)52e8a1aef
#2558 refreshed npm updated docs (@ ruyadorno)abae00ca0
#2565 update npm command docs (@ wraithgar)9351cbf9a
#2566 refresh npm run-script docs (@ ruyadorno)DEPENDENCIES
56c08863e
hosted-git-info@3.0.8
18a93f06b
ssri@8.0.1
cb768f671
@ npmcli/move-file@1.1.1
32cc0a4be
minipass-fetch@1.3.3
530997968
@ npmcli/arborist@2.1.0
v7.4.2 (2021-01-15)
DEPENDENCIES
e5ce6bbba
@ npmcli/arborist@2.0.5
v7.4.1 (2021-01-14)
BUG FIXES
23df96d33
#2486 npm link no longer deletes entire project when global prefix is a symlink (@ nlf)DOCUMENTATION
7dd0dfc59
#2459 fix(docs): clean upnpm start
docs (@ wraithgar)307b3bd9f
#2460 fix(docs): clean upnpm stop
docs (@ wraithgar)23f01b739
#2462 fix(docs): clean upnpm test
docs (@ wraithgar)4b43656fc
#2463 fix(docs): clean upnpm prefix
docs (@ wraithgar)1135539ba
a07bb8e69
9b55b798e
cd5eeaaa0
6df69ce10
dc6b2a8b0
a3c127446
#2464 fix(docs): clean upnpm uninstall
docs (@ wraithgar)cfdcf32fd
#2474 fix(docs): clean upnpm unpublish
docs (@ wraithgar)acd5b062a
#2475 fix(docs): updatepackage-lock.json
docs (@ isaacs)b0b0edf6d
#2482 fix(docs): clean upnpm token
docs (@ wraithgar)35559201a
#2487 fix(docs): clean upnpm search
docs (@ wraithgar)DEPENDENCIES
ea8c02169
@ npmcli/arborist@2.0.5
fb6f2c313
pacote@11.2.1
c549b7657
make-fetch-happen@8.0.13
v7.4.0 (2021-01-07)
FEATURES
47ed2dfd8
#2456 add--foreground-scripts
option (@ isaacs)BUG FIXES
d01746a5a
#2444 #1103 Remove deprecatedprocess.umask()
(@ isaacs)b2e2edf8a
#2422 npm publish --dry-run should not check login status (@ buyan302)99156df80
#2448 #2425 pass extra arguments directly to run-script as an array (@ nlf)907b34b2e
#2455 fix(ci): pay attention to --ignore-scripts (@ wraithgar)DEPENDENCIES
7a49fd4af
tar@6.1.0
,pacote@11.1.14
54a7bd16c
@ npmcli/arborist@2.0.3
DOCUMENTATION
a390d7456
#2440 Updated the url for RFC 19 so that it isn't a 404. (@ therealjeffg)e02b46ad7
#2436 Grammatical Fix in npm-ls Documentation 'Therefore' is spelled 'Therefor' (@ marsonya)0fed44dea
#2417 Fix npm bug reporting url (@ AkiaCode)7.3.0 (2020-12-18)
FEATURES
a9b8bf263
#2362 Support multiple set/get/deletes in npm config (@ isaacs)BUG FIXES
9eef63849
Pass full set of options to login helper functions. This fixesnpm login --no-strict-ssl
, as well as a host of other options that one might want to set while logging in. Reported by: @ toddself (@ isaacs)628a554bc
#2358 fix doctor test to work correctly for node pre-release versions (@ nlf)be4a0900b
#2360 raise an error early if publishing without login, registry (@ isaacs)44d433105
#2366 Include prerelease versions when deprecating (@ tiegz)cba3341da
#2373 npm profile refactor (@ ruyadorno)7539504e3
#2382 remove the metrics sender (@ nlf)DOCS
b98569a8c
add note aboutINIT_CWD
to run-script doc292929279
#2368 Revert bug-reporting links to GH. Re: https://blog.npmjs.org/post/188841555980/updates-to-community-docs-more (@ tiegz)f4560626f
updateISSUE_TEMPLATE
with modern links (@ isaacs)bc1c567ed
update npm command doc feature request links (@ isaacs)0ad958fe1
#2381 (docs,test): assorted typo fixes (@ XhmikosR)TESTING
a92d310b7
#2361 Add max-len to lint rules (@ Edu93Jer)DEPENDENCIES
4fc2f3e05
#2300@ npmcli/config@1.2.8
:Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information: