[Snyk] Upgrade husky from 4.3.6 to 7.0.2 #5
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Snyk has created this PR to upgrade husky from 4.3.6 to 7.0.2. See this package in npm: https://www.npmjs.com/package/husky See this project in Snyk: https://app.snyk.io/org/baby636/project/96b2bb9d-c53d-4427-8d85-3ad99d81b13c?utm_source=github&utm_medium=referral&page=upgrade-pr
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade husky from 4.3.6 to 7.0.2.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
Warning: This is a major version upgrade, and may be a breaking change.
The recommended version fixes:
SNYK-JS-TMPL-1583443
Why? Proof of Concept exploit, Recently disclosed, CVSS 7.5
SNYK-JS-SEMVERREGEX-1585624
Why? Proof of Concept exploit, Recently disclosed, CVSS 7.5
SNYK-JS-SEMVERREGEX-1584358
Why? Proof of Concept exploit, Recently disclosed, CVSS 7.5
SNYK-JS-AXIOS-1579269
Why? Proof of Concept exploit, Recently disclosed, CVSS 7.5
SNYK-JS-SEMVERREGEX-1047770
Why? Proof of Concept exploit, Recently disclosed, CVSS 7.5
SNYK-JS-PATHVAL-596926
Why? Proof of Concept exploit, Recently disclosed, CVSS 7.5
SNYK-JS-PATHPARSE-1077067
Why? Proof of Concept exploit, Recently disclosed, CVSS 7.5
SNYK-JS-NODENOTIFIER-1035794
Why? Proof of Concept exploit, Recently disclosed, CVSS 7.5
(*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: husky
-
7.0.2 - 2021-08-25
-
7.0.1 - 2021-07-06
- Fix gracefully fail if Git command is not found #1003 (same as in v6)
-
7.0.0 - 2021-07-01
- Improve
- Improve error output (shorter)
- Update
- Update
- Drop Node 10 support
-
6.0.0 - 2021-03-29
- Programmatically use husky:
- TypeScript definitions
-
5.2.0 - 2021-03-21
- Add
- Update
- Improve error messages
-
5.1.3 - 2021-03-02
- docs: add specific Yarn v2 install/uninstall instructions
- cli:
-
5.1.2 - 2021-03-01
- docs: recommend
- cli:
-
5.1.1 - 2021-02-22
- style(shell): add trailing newlines (#870)
- fix(init): update package.json postinstall
-
5.1.0 - 2021-02-21
- Add
-
5.0.9 - 2021-02-08
- fix(install): do not fail if not inside a Git directory (closes #851)
-
5.0.8 - 2021-01-28
-
5.0.7 - 2021-01-27
-
5.0.6 - 2020-12-11
-
5.0.5 - 2020-12-11
-
5.0.4 - 2020-11-22
-
5.0.3 - 2020-11-22
-
5.0.2 - 2020-11-22
-
5.0.1 - 2020-11-17
-
5.0.0 - 2020-11-16
-
5.0.0-beta.0 - 2020-10-16
-
5.0.0-alpha.6 - 2020-10-01
-
5.0.0-alpha.5 - 2020-09-21
-
5.0.0-alpha.4 - 2020-09-15
-
5.0.0-alpha.3 - 2020-09-15
-
5.0.0-alpha.2 - 2020-09-15
-
5.0.0-alpha.1 - 2020-09-15
-
5.0.0-alpha.0 - 2020-09-14
-
4.3.8 - 2021-01-15
-
4.3.7 - 2021-01-07
-
4.3.6 - 2020-12-13
from husky GitHub release notesFix pre-commit hook in WebStorm (#1023)
.husky/directory structure..husky/.gitignoreis now unnecessary and can be removed.husky-initCLIhusky-4-to-7CLIPlease help me develop and release OSS projects ❤️ on GitHub Sponsors or Open Collective. Thank you for your support!
After being in early access for Open Source projects and Sponsors for a limited time, I'm happy to announce that husky 6 is MIT again and can be freely used in commercial projects! 🎉
Many thanks to the Open Source projects and Companies which have switched to/sponsored the new husky during this period!
OSS is my full-time job, please consider sponsoring the development of husky on GitHub sponsors or Open Collective. Thank you!
Breaking change
husky inithas been moved to its own package (npx husky-init)Added
require('husky')Migrating from husky 4
Husky 6 contains breaking changes. If you're coming from v4,
npm install husky@6won't be enough.Recommended: see husky-4-to-6 CLI to automatically migrate your config. There's also a dedicated section in the docs.
If you're curious why config has changed, you may be interested in reading:
https://blog.typicode.com/husky-git-hooks-javascript-config/
Also Husky 6 follows official npm and Yarn best practices regarding autoinstall. It's recommended to use
preparescript instead (see usage in docs).setcommand to replace hooks (husky set .husky/pre-commit cmd)addcommand to append command (husky add .husky/pre-commit cmd)husky initwill detect Yarn v2 and initialize accordinglypreparescript instead ofpostinstall(#890)husky initusepreparescript (#890)husky initSee https://github.com/typicode/husky/releases/tag/v5.0.0 for v5 release notes
Commit messages
Package name: husky
Compare
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs