Thanks to visit codestin.com
Credit goes to github.com

Skip to content

[Snyk] Upgrade lerna from 3.15.0 to 3.16.4#3

Open
snyk-bot wants to merge 1 commit into
masterfrom
snyk-upgrade-80219e5ef05ae39d3b470e2aeae922d1
Open

[Snyk] Upgrade lerna from 3.15.0 to 3.16.4#3
snyk-bot wants to merge 1 commit into
masterfrom
snyk-upgrade-80219e5ef05ae39d3b470e2aeae922d1

Conversation

@snyk-bot

Copy link
Copy Markdown

Snyk has created this PR to upgrade lerna from 3.15.0 to 3.16.4.

  • The recommended version is 5 versions ahead of your current version.
  • The recommended version was released 2 months ago, on 2019-07-24.

The recommended version fixes:

Severity Title Issue ID
Prototype Pollution SNYK-JS-HANDLEBARS-469063
Release notes
  • 3.16.4 - 2019-07-24

    3.16.4 (2019-07-24)

    Bug Fixes

    • conventional-commits: Avoid duplicate root changelog entries with custom --tag-version-prefix (8adeac1), closes #2197
    • conventional-commits: Preserve tag prefix in fixed changelog comparison links (11cf6d2), closes #2197
    • pack-directory: Use correct property when packing subdirectories (1575396)
    • publish: Pass correct arguments to packDirectory() (b1aade3)
  • 3.16.3 - 2019-07-23

    3.16.3 (2019-07-23)

    Bug Fixes

    • publish: Identify tagged packages correctly with custom --tag-version-prefix (f4cbd4d), closes #2195
  • 3.16.2 - 2019-07-22

    3.16.2 (2019-07-22)

    Bug Fixes

    • create-symlink: Generate shims for missing bin scripts for Windows (c3f7998)
    • create-symlink: Use octal notation for chmod values (03f80b7)
    • deps: npm-lifecycle@^3.1.2 (25edebf), closes #2189
    • deps: Switch to actively-maintained @zkochan/cmd-shim (60d1100)
    • integration: Limit concurrency of bootstrap --hoist test (f25854d)
  • 3.16.1 - 2019-07-19

    3.16.1 (2019-07-19)

    Bug Fixes

  • 3.16.0 - 2019-07-18

    3.16.0 (2019-07-18)

    Bug Fixes

    • command: Bump minimum range of lodash, silence dumb 'security' warning (c405871)
    • conventional-commits: Hard-pin lodash.template dependency to silence 'helpful' security warning (c54ad68)
    • deps: Bump @evocateur/pacote (03e4797)
    • deps: Update forked npm libs (4d67426)
    • npm-conf: OTP should default to undefined, figgy pudding is very strict (2fa02a8)
    • pack-directory: Bump npm-packlist + tar dependencies (59ebd19)
    • package-graph: Flatten cycles to avoid skipping packages (#2185) (b335763)
    • project: Ensure deprecated githubRelease config is also remapped from command.publish namespace (a3d264e), closes #2177
    • publish: Add --graph-type option to control packages included in topological sort (#2152) (ae87669), closes #1437
    • publish: Allow --no-verify-access to prevent checking for account-level 2FA (ce58d8f)
    • publish: OTP cache should be seeded from conf value, not CLI directly (cf56622)
    • publish: Propagate root license into custom publish directories (d410a58), closes #2157

    Features

    • bootstrap: Add --strict option to enable throwing when --hoist warns (#2140) (91437b5)
    • deps: @octokit/plugin-enterprise-rest@^3.6.1 (74a3890)
    • deps: @octokit/rest@^16.28.4 (5f09f50)
    • deps: byte-size@^5.0.1 (ed51ddd)
    • deps: conventional-recommended-bump@^5.0.0 (2a0ed60)
    • deps: fs-extra@^8.1.0 (313287f)
    • deps: get-port@^4.2.0 (778ae6a)
    • deps: glob-parent@^5.0.0 (c6bc218)
    • deps: globby@^9.2.0 (d9aa249)
    • deps: import-local@^2.0.0 (14d2c66)
    • deps: is-ci@^2.0.0 (ab2ad83)
    • deps: load-json-file@^5.3.0 (3718cc9)
    • deps: multimatch@^3.0.0 (968b0d7)
    • deps: p-map@^2.1.0 (9e58394)
    • deps: pify@^4.0.1 (f8ee7e6)
    • deps: semver@^6.2.0 (d8016d9)
    • deps: slash@^2.0.0 (bedd6af)
    • deps: write-json-file@^3.2.0 (4fa7dea)
    • listable: Output JSON adjacency list with --graph (9457a21), closes #1970
    • otplease: Expose getOneTimePassword() helper (44b9f70)
    • publish: Eager prompt for OTP when account-level 2FA is enabled (4f893d1)
    • run-lifecycle: Upgrade npm-lifecycle@^3.1.0 (e015a74)
  • 3.15.0 - 2019-06-09

    3.15.0 (2019-06-09)

    Bug Fixes

    • deps: Consume forked npm libs (bdd4fa1)

    Features

    • version: Add --create-release=[gitlab|github] option (#2073) (4974b78)

from lerna GitHub Release Notes


🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment