[Snyk] Upgrade commander from 2.15.1 to 4.1.1

[snyk-bot]

Snyk has created this PR to upgrade commander from 2.15.1 to 4.1.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

Warning: This is a major version upgrade, and may be a breaking change.

• The recommended version is 18 versions ahead of your current version.
• The recommended version was released a month ago, on 2020-02-03.

Release notes

Package name: commander

• 4.1.1 - 2020-02-03
  

  Fixed

  • TypeScript definition for .action() should include Promise for async ([#1157])
• 4.1.0 - 2020-01-06
  

  Added

  • two routines to change how option values are handled, and eliminate name clashes with command properties (#933 #1102)
    • see storeOptionsAsProperties and passCommandToAction in README
  • .parseAsync to use instead of .parse if supply async action handlers (#806 #1118)

  Fixed

  • Remove trailing blanks from wrapped help text (#1096)

  Changed

  • update dependencies
  • extend security coverage for Commander 2.x to 2020-02-03
  • improvements to README
  • improvements to TypeScript definition documentation
  • move old versions out of main CHANGELOG
  • removed explicit use of ts-node in tests
• 4.0.1 - 2019-11-11
  

  Fixed

  • display help when requested, even if there are missing required options (#1091)
• 4.0.0 - 2019-11-01
  

  Added

  • automatically wrap and indent help descriptions for options and commands (#1051)
  • .exitOverride() allows override of calls to process.exit for additional error handling and to keep program running (#1040)
  • support for declaring required options with .requiredOptions() (#1071)
  • GitHub Actions support (#1027)
  • translation links in README

  Changed

  • dev: switch tests from Sinon+Should to Jest with major rewrite of tests (#1035)
  • call default subcommand even when there are unknown options (#1047)
  • Breaking Commander is only officially supported on Node 8 and above, and requires Node 6 (#1053)

  Fixed

  • Breaking keep command object out of program.args when action handler called (#1048)
    • also, action handler now passed array of unknown arguments
  • complain about unknown options when program argument supplied and action handler (#1049)
    • this changes parameters to command:* event to include unknown arguments
  • removed deprecated customFds option from call to child_process.spawn (#1052)
  • rework TypeScript declarations to bring all types into imported namespace (#1081)

  Migration Tips

  Testing for no arguments

  If you were previously using code like:

  if (!program.args.length) ...
  

  a partial replacement is:

  if (program.rawArgs.length < 3) ...
  

• 4.0.0-1 - 2019-10-08
  

  Added

  • support for declaring required options with .requiredOptions() (#1071)
• 4.0.0-0 - 2019-10-01
  

  Added

  • automatically wrap and indent help descriptions for options and commands (#1051)
  • .exitOverride() allows override of calls to process.exit for additional error handling and to keep program running (#1040)
  • dev: work in progress GitHub Actions support (#1027)

  Changed

  • dev: switch tests from Sinon+Should to Jest with major rewrite of tests (#1035)
  • call default subcommand even when there are unknown options (#1047)
  • Breaking Commander is only officially supported on Node 8 and above (#1053)

  Fixed

  • Breaking keep command object out of program.args when action handler called (#1048)
    • also, action handler now passed array of unknown arguments
  • complain about unknown options when program argument supplied and action handler (#1049)
    • this changes parameters to command:* event to include unknown arguments
  • removed deprecated customFds option from call to child_process.spawn (#1052)
• 3.0.2 - 2019-09-26
• 3.0.1 - 2019-08-30
• 3.0.0 - 2019-08-09
• 3.0.0-0 - 2019-07-27
• 2.20.3 - 2019-10-11
  

  Ran "npm unpublish commander@2.20.2". There is no 2.20.2.

  Fixed

  • Support Node.js 0.10 (Revert #1059)
• 2.20.1 - 2019-09-28
• 2.20.0 - 2019-04-03
• 2.19.0 - 2018-10-08
• 2.18.0 - 2018-09-07
• 2.17.1 - 2018-08-07
• 2.17.0 - 2018-08-04
• 2.16.0 - 2018-06-29
• 2.15.1 - 2018-03-20

from commander GitHub release notes

Commit messages

Package name: commander

• d5186ba Bump version to 4.1.1
• 37e9428 Add 4.1.1 to CHANGELOG
• e5f316f Use `npm ci` with CI (#1164)
• cb54d5f fix(ts): action can be an async function (#1157)
• 6791884 Merge branch 'master' into develop
• f31d757 Add FUNDING file for enabling GitHub Sponsor on repo
• d9627f5 Merge pull request #1147 from shadowspawn/feature/changelog-lint
• 32c26df Use consistent list character in markdown
• 4092956 Merge branch 'master' into develop
• 82f5157 Fix diff order for 4.1 link
• 7a480a7 Add missing diff link for 4.1.0
• e45ae5a Merge pull request #1136 from shadowspawn/feature/update-examples
• d97aaaa Add missing diff link for 4.1.0
• 8e1cdf5 Merge pull request #1142 from tj/develop
• 1c66935 add zh-CN translation for parseAsync
• f16fecf Merge remote-tracking branch 'origin/master' into develop
• 81f5079 Bump version for release
• 6f692cf Updated changelog for 4.1
• 7bcf117 Add parseAsync (#1118)
• 1d9cc72 Merge pull request #1132 from shadowspawn/feature/tidy-js-2
• 4922fb8 Update examples
• d47fb0c Rename help check routine
• 4faad59 Improve JSDoc to match code
• 03e77df Update Chinese README for v4.1.0

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs