[Snyk] Upgrade: tslib, rxjs, yargs, tar, follow-redirects, inquirer, open, openshift-rest-client #649
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade multiple dependencies.
👯♂ The following dependencies are linked and will therefore be updated together.ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
tslib
from 2.3.1 to 2.6.3 | 10 versions ahead of your current version | 3 months ago
on 2024-06-04
rxjs
from 7.5.5 to 7.8.1 | 6 versions ahead of your current version | a year ago
on 2023-04-26
yargs
from 17.5.1 to 17.7.2 | 6 versions ahead of your current version | a year ago
on 2023-04-27
tar
from 6.1.11 to 6.2.1 | 6 versions ahead of your current version | 6 months ago
on 2024-03-21
follow-redirects
from 1.14.9 to 1.15.6 | 7 versions ahead of your current version | 6 months ago
on 2024-03-14
inquirer
from 8.2.2 to 8.2.6 | 4 versions ahead of your current version | a year ago
on 2023-08-02
open
from 8.4.0 to 8.4.2 | 2 versions ahead of your current version | 2 years ago
on 2023-02-20
openshift-rest-client
from 7.0.0 to 7.1.1 | 2 versions ahead of your current version | 2 years ago
on 2022-10-14
Issues fixed by the recommended upgrade:
SNYK-JS-FOLLOWREDIRECTS-6141137
SNYK-JS-TAR-6476909
SNYK-JS-FOLLOWREDIRECTS-6444610
Release notes
Package name: tslib
What's Changed
Full Changelog: v2.6.2...v2.6.3
What's Changed
exports["module"]["types"]
by @ andrewbranch in #217Full Changelog: v2.6.1...v2.6.2
What's Changed
Full Changelog: 2.6.0...v2.6.1
What's Changed
using
andawait using
by @ rbuckton in #213Full Changelog: v2.5.3...2.6.0
What's Changed
Full Changelog: 2.5.2...v2.5.3
This release explicitly re-exports helpers to work around TypeScript's incomplete symbol resolution for tslib.
This release of tslib provides fixes for two issues.
First, it reverses the order of
init
hooks provided by decorators to correctly reflect proposed behavior.Second, it corrects the
exports
field of tslib'spackage.json
and provides accurate declaration files so that it may be consumed under thenode16
andbundler
settings formoduleResolution.
What's New
__esDecorate
and related helpers by @ rbuckton in #193Full Changelog: 2.4.1...2.5.0
This release contains fixes for early
return
s andthrow
s invoked on generators.This release includes the
__classPrivateFieldIn
helper as well as an update to__createBinding
to reduce indirection between multiple re-exports.Package name: rxjs
chore(publish): 7.8.1
Package name: yargs
17.7.2 (2023-04-27)
Bug Fixes
17.7.1 (2023-02-21)
Bug Fixes
17.7.0 (2023-02-13)
Features
Bug Fixes
17.6.2 (2022-11-03)
Bug Fixes
17.6.1 (2022-11-02)
Bug Fixes
Package name: tar
v6.2.1
6.2.0
6.1.15
6.1.14
6.1.13 (2022-12-07)
Dependencies
cc4e0dd
#343 bump minipass from 3.3.6 to 4.0.06.1.12 (2022-10-31)
Bug Fixes
57493ee
#332 ensuring close event is emited after stream has ended (@ webark)b003c64
#314 replace deprecated String.prototype.substr() (#314) (@ CommanderRoot, @ lukekarrys)Documentation
f129929
#313 remove dead link to benchmarks (#313) (@ yetzt)c1faa9f
add examples/explanation of using tar.t (@ isaacs)6.1.11
Package name: follow-redirects
No content.
No content.
No content.
No content.
No content.
No content.
No content.
No content.
Package name: inquirer
Package name: open
v8.4.1...v8.4.2
allowNonzeroExitCode
option (#296) 051edcaapp
argument with WSL (#295) 4cf1a6dv8.4.0...v8.4.1
v8.3.0...v8.4.0
Package name: openshift-rest-client
Bug Fixes
Features
Bug Fixes
7.0.0 (2021-10-01)
⚠ BREAKING CHANGES
Bug Fixes
Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
[//]: # 'snyk:metadata:{"customTemplate":{"variablesUsed":[],"fieldsUsed":[]},"dependencies":[{"name":"tslib","from":"2.3.1","to":"2.6.3"},{"name":"rxjs","from":"7.5.5","to":"7.8.1"},{"name":"yargs","from":"17.5.1","to":"17.7.2"},{"name":"tar","from":"6.1.11","to":"6.2.1"},{"name":"follow-redirects","from":"1.14.9","to":"1.15.6"},{"name":"inquirer","from":"8.2.2","to":"8.2.6"},{"name":"open","from":"8.4.0","to":"8.4.2"},{"name":"openshift-rest-client","from":"7.0.0","to":"7.1.1"}],"env":"prod","hasFixes":true,"isBreakingChange":false,"isMajorUpgrade":false,"issuesToFix":[{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-FOLLOWREDIRECTS-6141137","issue_id":"SNYK-JS-FOLLOWREDIRECTS-6141137","priority_score":686,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.3","score":365},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Improper Input Validation"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-TAR-6476909","issue_id":"SNYK-JS-TAR-6476909","priority_score":646,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.5","score":325},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Uncontrolled Resource Consumption ('Resource Exhaustion')"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-FOLLOWREDIRECTS-6444610","issue_id":"SNYK-JS-FOLLOWREDIRECTS-6444610","priority_score":646,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.5","score":325},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Information Exposure"}],"prId":"ec521539-460a-4114-ad79-ea7d3dd90a25","prPublicId":"ec521539-460a-4114-ad79-ea7d3dd90a25","packageManager":"npm","priorityScoreList":[686,646,646],"projectPublicId":"be94fcb0-6164-4721-8739-126a6d6646f3","projectUrl":"https://app.snyk.io/org/seansund/project/be94fcb0-6164-4721-8739-126a6d6646f3?utm_source=github&utm_medium=referral&page=upgrade-pr","prType":"upgrade","templateFieldSources":{"branchName":"default","commitMessage":"default","description":"default","title":"default"},"templateVariants":["priorityScore"],"type":"auto","upgrade":["SNYK-JS-FOLLOWREDIRECTS-6141137","SNYK-JS-TAR-6476909","SNYK-JS-FOLLOWREDIRECTS-6444610"],"upgradeInfo":{"versionsDiff":10,"publishedDate":"2024-06-04T20:25:19.808Z"},"vulns":["SNYK-JS-FOLLOWREDIRECTS-6141137","SNYK-JS-TAR-6476909","SNYK-JS-FOLLOWREDIRECTS-6444610"]}'