[Snyk] Upgrade nodemon from 2.0.1 to 2.0.13

[snyk-bot]

Snyk has created this PR to upgrade nodemon from 2.0.1 to 2.0.13.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 21 versions ahead of your current version.
• The recommended version was released 21 days ago, on 2021-09-23.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Prototype Pollution SNYK-JS-LODASH-608086	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Command Injection SNYK-JS-LODASH-1040724	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-INI-1048974	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-UNDEFSAFE-548940	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-559764	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-559764	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-590103	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-AJV-584908	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-LODASH-567746	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-HAPIHOEK-548452	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-DOTPROP-543489	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: nodemon

• 2.0.13 - 2021-09-23
  

  2.0.13 (2021-09-23)

  Bug Fixes

  • bump update-notifier (90e7a3e), closes #1919
  • release process on main (9f82a48)
• 2.0.13-alpha.1 - 2021-07-27
• 2.0.12 - 2021-07-10
  

  2.0.12 (2021-07-10)

  Bug Fixes

  • windows: properly handle quoted args in event (0823f18), closes #1823
• 2.0.12-alpha.3 - 2021-07-10
• 2.0.12-alpha.2 - 2021-07-10
• 2.0.12-alpha.1 - 2021-07-10
• 2.0.11 - 2021-07-09
  

  2.0.11 (2021-07-09)

  Bug Fixes

  • ensure numerical OS version check (f523d0e)
• 2.0.11-alpha.1 - 2021-07-09
• 2.0.10 - 2021-07-08
  

  2.0.10 (2021-07-08)

  Bug Fixes

  • windows 8 doesn't support windows-kill (6c6cb65), closes #1876
• 2.0.10-alpha.2 - 2021-07-07
• 2.0.10-alpha.1 - 2021-07-02
• 2.0.9 - 2021-06-30
  

  2.0.9 (2021-06-30)

  Bug Fixes

  • allow windows users to install globally again (#1874) (3242215), closes #1872
• 2.0.8 - 2021-06-29
  

  2.0.8 (2021-06-29)

  Bug Fixes

  • add support for SIGINT on Windows (fixes issue #1720) (#1853) (500c1b0)
• 2.0.8-alpha.a - 2021-05-05
• 2.0.8-alpha.1 - 2021-06-30
• 2.0.7 - 2021-01-06
  

  2.0.7 (2021-01-06)

  Bug Fixes

  • postinstall hide message in CI (3d2320f)
  • redirect help (#1825) (ac0b55e), closes #1807
• 2.0.6 - 2020-10-19
  

  2.0.6 (2020-10-19)

  Bug Fixes

  • ignore ./ on cwd (#1787) (03c4ed3), closes #1784
• 2.0.5 - 2020-10-13
  

  2.0.5 (2020-10-13)

  Bug Fixes

  • package.main with -- arguments (#1773) (2967726), closes #1758
  • respect env.OPENCOLLECTIVE_HIDE (#1765) (273d774)
  • runOnChangeOnly=true (7e00a30), closes #1742 #1751
• 2.0.4 - 2020-05-14
  

  2.0.4 (2020-05-14)

  Bug Fixes

  • add funding in package (a74f5dc)
• 2.0.3 - 2020-04-08
• 2.0.2 - 2019-12-11
• 2.0.1 - 2019-11-22

from nodemon GitHub release notes

Commit messages

Package name: nodemon

• b91a61d chore: add releaserc
• d8c285f chore: set release workflow node version
• 99e3b32 chore: fix workflow branch
• 9f82a48 fix: release process on main
• 90e7a3e fix: bump update-notifier
• 842c2db chore: supporters
• a264404 chore: new supporter
• 793e4ff Merge branch 'main' of github.com:remy/nodemon
• bb8e0a5 chore: new supporter
• f32e6ec docs(installation): Minor Improvements
• a8acae2 chore: add supporter
• 7393b5a chore: new supporter
• ea62c2f chore: clean a logo
• 53da0e2 chore: new supporter
• 4a3f3cc chore: tweak supporter message
• 0823f18 fix(windows): properly handle quoted args in event
• b52fc89 Merge branch 'master' of github.com:remy/nodemon
• f523d0e fix: ensure numerical OS version check
• 46791d6 chore: update issue template
• 79ad546 chore: fix stale.yml
• 08f6599 chore: move workflow to dir
• f3903a4 chore: update stalebot
• 6c6cb65 fix: windows 8 doesn't support windows-kill
• 5bb92d4 Merge branch 'master' of github.com:remy/nodemon

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs