[Snyk] Upgrade: , , , babel-jest, jest, chalk, yaml, fs-extra, json5, glob, change-case, commander, docsify, eslint, eslint-plugin-jest, husky, jsdoc-to-markdown, json5-jest, jsonc-parser, less, lint-staged, node-sass, stylus, tinycolor2, tsd

[WontonSam]

Snyk has created this PR to upgrade multiple dependencies.

👯 The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

Name	Versions	Released on

@babel/preset-env
from 7.16.11 to 7.25.4 | 50 versions ahead of your current version | 23 days ago
on 2024-08-22
@commitlint/cli
from 16.1.0 to 19.4.0 | 52 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | a month ago
on 2024-08-07
@commitlint/config-conventional
from 16.0.0 to 19.2.2 | 36 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 5 months ago
on 2024-04-14
babel-jest
from 27.4.6 to 29.7.0 | 50 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | a year ago
on 2023-09-12
jest
from 27.4.7 to 29.7.0 | 51 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | a year ago
on 2023-09-12
chalk
from 4.1.2 to 5.3.0 | 7 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | a year ago
on 2023-06-29
yaml
from 1.10.2 to 2.5.0 | 39 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 2 months ago
on 2024-07-24
fs-extra
from 10.0.0 to 11.2.0 | 6 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 10 months ago
on 2023-11-28
json5
from 2.2.2 to 2.2.3 | 1 version ahead of your current version | 2 years ago
on 2022-12-31
glob
from 7.2.0 to 11.0.0 | 54 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 2 months ago
on 2024-07-08
change-case
from 4.1.2 to 5.4.4 | 13 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 5 months ago
on 2024-04-03
commander
from 8.3.0 to 12.1.0 | 17 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 4 months ago
on 2024-05-18
docsify
from 4.12.2 to 4.13.1 | 3 versions ahead of your current version | a year ago
on 2023-06-24
eslint
from 8.7.0 to 9.9.1 | 70 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 22 days ago
on 2024-08-23
eslint-plugin-jest
from 26.0.0 to 28.8.0 | 85 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | a month ago
on 2024-08-07
husky
from 7.0.4 to 9.1.5 | 21 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 25 days ago
on 2024-08-20
jsdoc-to-markdown
from 7.1.0 to 8.0.3 | 5 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 2 months ago
on 2024-07-24
json5-jest
from 1.0.1 to 2.0.0 | 1 version ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | a year ago
on 2023-06-14
jsonc-parser
from 3.0.0 to 3.3.1 | 5 versions ahead of your current version | 3 months ago
on 2024-06-24
less
from 4.1.2 to 4.2.0 | 2 versions ahead of your current version | a year ago
on 2023-08-05
lint-staged
from 12.3.1 to 15.2.9 | 42 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | a month ago
on 2024-08-13
node-sass
from 7.0.3 to 9.0.0 | 2 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | a year ago
on 2023-05-20
stylus
from 0.56.0 to 0.63.0 | 8 versions ahead of your current version | 6 months ago
on 2024-03-05
tinycolor2
from 1.4.2 to 1.6.0 | 13 versions ahead of your current version | 2 years ago
on 2023-02-03
tsd
from 0.19.1 to 0.31.1 | 23 versions ahead of your current version | 3 months ago
on 2024-06-17

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Prototype Pollution SNYK-JS-JSON5-3182856	178	Proof of Concept
	Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962462	178	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	178	Proof of Concept
	Internal Property Tampering SNYK-JS-TAFFYDB-2992450	178	Proof of Concept
	Denial of Service (DoS) SNYK-JS-WS-7266574	178	Proof of Concept
	Infinite loop SNYK-JS-MARKDOWNIT-6483324	178	Proof of Concept
	Inefficient Regular Expression Complexity SNYK-JS-MICROMATCH-6838728	178	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	178	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	178	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	178	Proof of Concept
	Uncontrolled resource consumption SNYK-JS-BRACES-6838727	178	Proof of Concept
	Server-side Request Forgery (SSRF) SNYK-JS-IP-6240864	178	Proof of Concept
	Uncontrolled Resource Consumption ('Resource Exhaustion') SNYK-JS-TAR-6476909	178	Proof of Concept
	Prototype Pollution SNYK-JS-TOUGHCOOKIE-5672873	178	Proof of Concept
	Prototype Pollution SNYK-JS-TOUGHCOOKIE-5672873	178	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-UGLIFYJS-1727251	178	No Known Exploit
	Denial of Service (DoS) SNYK-JS-NWSAPI-2841516	178	No Known Exploit
	Server-side Request Forgery (SSRF) SNYK-JS-REQUEST-3361831	178	Proof of Concept
	Template Injection SNYK-JS-DOMPURIFY-6474511	178	Proof of Concept
	Server-Side Request Forgery (SSRF) SNYK-JS-IP-7148531	178	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WORDWRAP-3149973	178	Proof of Concept

Release notes

Package name: @babel/preset-env

• 7.25.4 - 2024-08-22
  

  v7.25.4 (2024-08-22)

  🐛 Bug Fix

  • babel-traverse
    • #16756 fix: Skip computed key when renaming (@ liuxingbaoyu)
  • babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
    • #16755 fix: Decorator 2018-09 may throw an exception (@ liuxingbaoyu)
  • babel-types
    • #16710 Visit AST fields nodes according to their syntactical order (@ nicolo-ribaudo)
  • babel-generator
    • #16709 Print semicolon after TS export namespace as A (@ nicolo-ribaudo)

  💅 Polish

  • babel-generator, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties, babel-plugin-transform-destructuring, babel-plugin-transform-optional-chaining, babel-plugin-transform-private-methods, babel-plugin-transform-private-property-in-object, babel-plugin-transform-typescript, babel-runtime-corejs2, babel-runtime, babel-traverse
    • #16722 Avoid unnecessary parens around sequence expressions (@ nicolo-ribaudo)
  • babel-generator, babel-plugin-transform-class-properties
    • #16714 Avoid unnecessary parens around exported arrow functions (@ nicolo-ribaudo)
  • babel-generator, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-transform-object-rest-spread
    • #16712 Avoid printing unnecessary parens around object destructuring (@ nicolo-ribaudo)

  🔬 Output optimization

  • babel-generator
    • #16740 Avoid extra spaces between comments/regexps in compact mode (@ nicolo-ribaudo)

  Committers: 4

  • Babel Bot (@ babel-bot)
  • Huáng Jùnliàng (@ JLHwung)
  • Nicolò Ribaudo (@ nicolo-ribaudo)
  • @ liuxingbaoyu
• 7.25.3 - 2024-07-31
  

  v7.25.3 (2024-07-31)

  🐛 Bug Fix

  • babel-plugin-bugfix-firefox-class-in-computed-class-key, babel-traverse
    • #16699 Avoid validating visitors produced by traverse.visitors.merge (@ nicolo-ribaudo)

  🏠 Internal

  • babel-parser
    • #16688 Add @ babel/types as a dependency of @ babel/parser (@ nicolo-ribaudo)

  Committers: 2

  • Huáng Jùnliàng (@ JLHwung)
  • Nicolò Ribaudo (@ nicolo-ribaudo)
• 7.25.2 - 2024-07-30
  

  v7.25.2 (2024-07-30)

  🐛 Bug Fix

  • babel-core, babel-traverse
    • #16695 Ensure that requeueComputedKeyAndDecorators is available (@ nicolo-ribaudo)

  Committers: 2

  • Huáng Jùnliàng (@ JLHwung)
  • Nicolò Ribaudo (@ nicolo-ribaudo)
• 7.25.0 - 2024-07-26
  

  v7.25.0 (2024-07-26)

  Thanks @ davidtaylorhq and @ slatereax for your first PR!

  You can find the release blog post with some highlights at https://babeljs.io/blog/2024/07/26/7.25.0.

  👓 Spec Compliance

  • babel-helpers, babel-plugin-proposal-explicit-resource-management, babel-runtime-corejs3
    • #16537 await using normative updates (@ JLHwung)
  • babel-plugin-transform-typescript
    • #16602 Ensure enum members syntactically determinable to be strings do not get reverse mappings (@ liuxingbaoyu)

  🚀 New Feature

  • babel-helper-create-class-features-plugin, babel-helper-function-name, babel-helper-plugin-utils, babel-helper-wrap-function, babel-plugin-bugfix-safari-class-field-initializer-scope, babel-plugin-bugfix-safari-id-destructuring-collision-in-function-expression, babel-plugin-transform-classes, babel-plugin-transform-function-name, babel-preset-env, babel-traverse, babel-types
    • #16658 Move ensureFunctionName to NodePath.prototype (@ nicolo-ribaudo)
  • babel-helper-hoist-variables, babel-helper-plugin-utils, babel-plugin-proposal-async-do-expressions, babel-plugin-transform-modules-systemjs, babel-traverse
    • #16644 Move hoistVariables to Scope.prototype (@ nicolo-ribaudo)
  • babel-helper-create-class-features-plugin, babel-helper-module-transforms, babel-helper-plugin-utils, babel-helper-split-export-declaration, babel-plugin-transform-classes, babel-traverse, babel-types
    • #16645 Move splitExportDeclaration to NodePath.prototype (@ nicolo-ribaudo)
  • babel-helper-create-class-features-plugin, babel-helper-environment-visitor, babel-helper-module-transforms, babel-helper-plugin-utils, babel-helper-remap-async-to-generator, babel-helper-replace-supers, babel-plugin-bugfix-firefox-class-in-computed-class-key, babel-plugin-bugfix-v8-static-class-fields-redefine-readonly, babel-plugin-transform-async-generator-functions, babel-plugin-transform-classes, babel-traverse
    • #16649 Move environment-visitor helper into @ babel/traverse (@ nicolo-ribaudo)
  • babel-core, babel-parser
    • #16480 Expose wether a module has TLA or not as .extra.async (@ nicolo-ribaudo)
  • babel-compat-data, babel-plugin-bugfix-safari-class-field-initializer-scope, babel-preset-env
    • #16569 Introduce bugfix-safari-class-field-initializer-scope (@ davidtaylorhq)
  • babel-plugin-transform-block-scoping, babel-traverse, babel-types
    • #16551 Add NodePath#getAssignmentIdentifiers (@ JLHwung)
  • babel-helper-import-to-platform-api, babel-plugin-proposal-json-modules
    • #16579 Add uncheckedRequire option for JSON imports to CJS (@ nicolo-ribaudo)
  • babel-helper-transform-fixture-test-runner, babel-node
    • #16642 Allow using custom config in babel-node --eval (@ slatereax)
  • babel-compat-data, babel-helper-create-regexp-features-plugin, babel-plugin-proposal-duplicate-named-capturing-groups-regex, babel-plugin-transform-duplicate-named-capturing-groups-regex, babel-preset-env, babel-standalone
    • #16445 Add duplicate-named-capturing-groups-regex to preset-env (@ JLHwung)

  🐛 Bug Fix

  • babel-generator
    • #16678 Print parens around as expressions on the LHS (@ nicolo-ribaudo)
  • babel-template, babel-types
    • #15286 fix: Props are lost when the template replaces the node (@ liuxingbaoyu)

  🏠 Internal

  • Other
    • #16674 bump gulp to 5 (@ JLHwung)
  • babel-generator
    • #16651 Simplify the printing logic for ( before ambiguous tokens (@ nicolo-ribaudo)
  • babel-helper-function-name, babel-plugin-transform-arrow-functions, babel-plugin-transform-function-name, babel-preset-env, babel-traverse
    • #16652 Simplify helper-function-name logic (@ nicolo-ribaudo)

  🏃‍♀️ Performance

  • babel-parser, babel-plugin-proposal-pipeline-operator
    • #16461 Some minor parser performance improvements for ts (@ liuxingbaoyu)

  🔬 Output optimization

  • babel-plugin-transform-classes
    • #16670 Reduce redundant assertThisInitialized (@ liuxingbaoyu)
  • babel-helper-create-class-features-plugin, babel-helper-replace-supers, babel-helpers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-exponentiation-operator, babel-plugin-transform-object-super, babel-plugin-transform-private-methods, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
    • #16374 Improve super.x output (@ liuxingbaoyu)
  • babel-plugin-transform-class-properties, babel-plugin-transform-classes
    • #16656 Simplify output for anonymous classes with no methods (@ nicolo-ribaudo)

  Committers: 6

  • Artem (@ slatereax)
  • Babel Bot (@ babel-bot)
  • David Taylor (@ davidtaylorhq)
  • Huáng Jùnliàng (@ JLHwung)
  • Nicolò Ribaudo (@ nicolo-ribaudo)
  • @ liuxingbaoyu
• 7.24.8 - 2024-07-11
• 7.24.7 - 2024-06-05
• 7.24.6 - 2024-05-24
• 7.24.5 - 2024-04-29
• 7.24.4 - 2024-04-03
• 7.24.3 - 2024-03-20
• 7.24.1 - 2024-03-19
• 7.24.0 - 2024-02-28
• 7.23.9 - 2024-01-25
• 7.23.8 - 2024-01-08
• 7.23.7 - 2023-12-29
• 7.23.6 - 2023-12-11
• 7.23.5 - 2023-11-29
• 7.23.3 - 2023-11-09
• 7.23.2 - 2023-10-11
• 7.22.20 - 2023-09-16
• 7.22.15 - 2023-09-04
• 7.22.14 - 2023-08-30
• 7.22.10 - 2023-08-07
• 7.22.9 - 2023-07-12
• 7.22.7 - 2023-07-06
• 7.22.6 - 2023-07-04
• 7.22.5 - 2023-06-08
• 7.22.4 - 2023-05-29
• 7.22.2 - 2023-05-26
• 7.22.1 - 2023-05-26
• 7.22.0 - 2023-05-26
• 7.21.5 - 2023-04-28
• 7.21.4 - 2023-03-31
• 7.21.4-esm.4 - 2023-04-04
• 7.21.4-esm.3 - 2023-04-04
• 7.21.4-esm.2 - 2023-04-04
• 7.21.4-esm.1 - 2023-04-04
• 7.21.4-esm - 2023-04-04
• 7.20.2 - 2022-11-04
• 7.19.4 - 2022-10-10
• 7.19.3 - 2022-09-27
• 7.19.1 - 2022-09-14
• 7.19.0 - 2022-09-05
• 7.18.10 - 2022-08-01
• 7.18.9 - 2022-07-18
• 7.18.6 - 2022-06-27
• 7.18.2 - 2022-05-25
• 7.18.0 - 2022-05-19
• 7.17.12 - 2022-05-16
• 7.17.10 - 2022-04-29
• 7.16.11 - 2022-01-20

from @babel/preset-env GitHub release notes

Package name: @commitlint/cli

• 19.4.0 - 2024-08-07
  

  Features

  • Support command line options from a file by @ benquarmby in #4109
  • Support linting from the last tag by @ benquarmby in #4110

  Chore & Docs

  • docs(api/lint): add from keyword by @ Saber2pr in #4084
  • docs: warns about windows correct files encoding by @ jefersoneiji in #4086
  • ci: add schedule&workflow_dispatch triggers by @ knocte in #4087
  • docs: fixing rules.md by @ Naedri in #4098
  • feat(docs): add edit link by @ abitrolly in #4104
  • docs: remove GitLab clone depth limitation by @ abitrolly in #4105
  • Update local-setup.md by @ mostafa-rio in #4111

  New Contributors

  • @ Saber2pr made their first contribution in #4084
  • @ jefersoneiji made their first contribution in #4086
  • @ Naedri made their first contribution in #4098
  • @ mostafa-rio made their first contribution in #4111
  • @ benquarmby made their first contribution in #4109

  Full Changelog: v19.3.1...v19.4.0

• 19.3.0 - 2024-04-23
  

  19.3.0 (2024-04-23)

  Features

  • feat(format): print full commit message for valid commits if -V by @ weixinwu in #4026
  • feat(container): added @ commitlint/config-nx-scopes for nx monorepos by @ gperdomor in #3913

  Chore

  • docs: 📝 add pnpm to the getting started and local setup guides by @ VoloshchenkoAl in #4041

  New Contributors

  • @ weixinwu made their first contribution in #4026
  • @ fuyangpengqi made their first contribution in #4035
  • @ gperdomor made their first contribution in #3913
  • @ VoloshchenkoAl made their first contribution in #4041

  Full Changelog: v19.2.2...v19.3.0

• 19.2.2 - 2024-04-14
  

  19.2.2 (2024-04-14)

  Bug Fixes

  • fix(is-ignored): ignore "amend!" commits by @ chalkygames123 in #4024

  Chore

  • Update circleci ci-setup.md by @ HennaAbbas in #3989

  New Contributors

  • @ HennaAbbas made their first contribution in #3989

  Full Changelog: v19.2.1...v19.2.2

• 19.2.1 - 2024-03-19
  

  19.2.1 (2024-03-19)

  Bug Fixes

  • fix(config-nx-scopes): include file extension in nx imports by @ timonmasberg in #3979
  • Fix regression when using --last flag by @ webwarrior-ws in #3982

  New Contributors

  • @ timonmasberg made their first contribution in #3979
  • @ webwarrior-ws made their first contribution in #3982

  Full Changelog: v19.2.0...v19.2.1

• 19.2.0 - 2024-03-15
  

  19.2.0 (2024-03-15)

  Features

  • feat(cli): introduce new --last flag, to stop recommending HEAD~1 by @ knocte in #3916
  • feat(load): update cosmiconfig to v9 to add support for package.yaml config by @ danielbayley in #3976

  New Contributors

  • @ danielbayley made their first contribution in #3976

  Full Changelog: v19.1.0...v19.2.0

• 19.1.0 - 2024-03-12
  

  19.1.0 (2024-03-12)

  Bug Fixes

  • fix: add main and types keys in package.json by @ marcalexiei in #3953
  • fix: add missing conditions param for moduleResolve by @ JounQin in #3962
  • fix: add missing cjs entry in package by @ frantic1048 in #3967

  Features

  • feat: add CJS export for cz-commitlint by @ frantic1048 in #3963

  Chore

  • docs: Update cz-commitlint install command by @ gin0606 in #3955

  New Contributors

  • @ gin0606 made their first contribution in #3955
  • @ frantic1048 made their first contribution in #3963

  Full Changelog: v19.0.3...v19.1.0

• 19.0.3 - 2024-02-28
  

  19.0.3 (2024-02-28)

  Bug Fixes

  • fix: mark @ types/conventional-commits-parser as dep for @ commitlint/types by @ JounQin in #3944

  Full Changelog: v19.0.2...v19.0.3

• 19.0.2 - 2024-02-28
  

  19.0.2 (2024-02-28)

  Bug Fixes

  • fix: fallback to resolve-from for Yarn P'n'P by @ JounQin in #3941

  Full Changelog: v19.0.1...v19.0.2

• 19.0.1 - 2024-02-27
• 19.0.0 - 2024-02-27
• 18.6.1 - 2024-02-13
• 18.6.0 - 2024-01-25
• 18.5.0 - 2024-01-22
• 18.4.4 - 2024-01-04
• 18.4.3 - 2023-11-21
• 18.4.2 - 2023-11-16
• 18.4.1 - 2023-11-12
• 18.4.0 - 2023-11-10
• 18.2.0 - 2023-10-26
• 18.1.0 - 2023-10-25
• 18.0.0 - 2023-10-20
• 17.8.1 - 2023-10-20
• 17.8.0 - 2023-10-14
• 17.7.2 - 2023-09-28
• 17.7.1 - 2023-08-10
• 17.7.0 - 2023-08-09
• 17.6.7 - 2023-07-19
• 17.6.6 - 2023-06-24
• 17.6.5 - 2023-05-30
• 17.6.3 - 2023-05-04
• 17.6.1 - 2023-04-14
• 17.6.0 - 2023-04-13
• 17.5.1 - 2023-03-28
• 17.5.0 - 2023-03-22
• 17.4.4 - 2023-02-17
• 17.4.3 - 2023-02-13
• 17.4.2 - 2023-01-12
• 17.4.1 - 2023-01-09
• 17.4.0 - 2023-01-04
• 17.3.0 -...

[google-cla]

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.