Skip to content

Commit

Permalink
Dependency update for jest-reporters, addressing CVE-2022-25883
Browse files Browse the repository at this point in the history 
 - istanbul-lib-instrument updated from 5.10.0 to 6.0.0
   - istanbul-lib-instrument dropping support for node 10
   - fixing semver vuln. CVE-2022-25883
  • Loading branch information
@karlnorling
karlnorling authored and Karl Norling committed Aug 11, 2023
1 parent 0fd5b1c commit 94c1216
Show file tree
Hide file tree
Showing 5 changed files with 21 additions and 4 deletions.
2 changes: 2 additions & 0 deletions CHANGELOG.md
View file
Expand Up @@ -4,6 +4,8 @@

### Fixes

- `[jest-reporters]` Updating istanbul-lib-instrument dependency. istanbul-lib-instrument 6.0.0 has dropped support for node 10 and updated semver addressing CVE-2022-25883

### Chore & Maintenance

### Performance
Expand Down
1 change: 1 addition & 0 deletions docs/Configuration.md
View file
Expand Up @@ -1177,6 +1177,7 @@ export default config;
```

We hope to support Prettier v3 seamlessly out of the box in a future version of Jest. See [this](https://github.com/jestjs/jest/issues/14305) tracking issue.

</details>

### `projects` \[array&lt;string | ProjectConfig&gt;]
Expand Down
2 changes: 1 addition & 1 deletion packages/jest-reporters/package.json
View file
Expand Up @@ -25,7 +25,7 @@
"glob": "^7.1.3",
"graceful-fs": "^4.2.9",
"istanbul-lib-coverage": "^3.0.0",
"istanbul-lib-instrument": "^5.1.0",
"istanbul-lib-instrument": "^6.0.0",
"istanbul-lib-report": "^3.0.0",
"istanbul-lib-source-maps": "^4.0.0",
"istanbul-reports": "^3.1.3",
Expand Down
1 change: 1 addition & 0 deletions website/versioned_docs/version-29.6/Configuration.md
View file
Expand Up @@ -1177,6 +1177,7 @@ export default config;
```

We hope to support Prettier v3 seamlessly out of the box in a future version of Jest. See [this](https://github.com/jestjs/jest/issues/14305) tracking issue.

</details>

### `projects` \[array&lt;string | ProjectConfig&gt;]
Expand Down
19 changes: 16 additions & 3 deletions yarn.lock
View file
Expand Up @@ -3096,7 +3096,7 @@ __metadata:
glob: ^7.1.3
graceful-fs: ^4.2.9
istanbul-lib-coverage: ^3.0.0
istanbul-lib-instrument: ^5.1.0
istanbul-lib-instrument: ^6.0.0
istanbul-lib-report: ^3.0.0
istanbul-lib-source-maps: ^4.0.0
istanbul-reports: ^3.1.3
Expand Down Expand Up @@ -12251,7 +12251,7 @@ __metadata:
languageName: node
linkType: hard

"istanbul-lib-instrument@npm:^5.0.4, istanbul-lib-instrument@npm:^5.1.0":
"istanbul-lib-instrument@npm:^5.0.4":
version: 5.2.1
resolution: "istanbul-lib-instrument@npm:5.2.1"
dependencies:
Expand All @@ -12264,6 +12264,19 @@ __metadata:
languageName: node
linkType: hard

"istanbul-lib-instrument@npm:^6.0.0":
version: 6.0.0
resolution: "istanbul-lib-instrument@npm:6.0.0"
dependencies:
"@babel/core": ^7.12.3
"@babel/parser": ^7.14.7
"@istanbuljs/schema": ^0.1.2
istanbul-lib-coverage: ^3.2.0
semver: ^7.5.4
checksum: b9dc3723a769e65dbe1b912f935088ffc07cf393fa78a3ce79022c91aabb0ad01405ffd56083cdd822e514798e9daae3ea7bfe85633b094ecb335d28eb0a3f97
languageName: node
linkType: hard

"istanbul-lib-report@npm:^3.0.0":
version: 3.0.0
resolution: "istanbul-lib-report@npm:3.0.0"
Expand Down Expand Up @@ -18193,7 +18206,7 @@ __metadata:
languageName: node
linkType: hard

"semver@npm:^7.0.0, semver@npm:^7.1.1, semver@npm:^7.3.2, semver@npm:^7.3.4, semver@npm:^7.3.5, semver@npm:^7.3.7, semver@npm:^7.3.8, semver@npm:^7.5.1, semver@npm:^7.5.3, semver@npm:~7.5.4":
"semver@npm:^7.0.0, semver@npm:^7.1.1, semver@npm:^7.3.2, semver@npm:^7.3.4, semver@npm:^7.3.5, semver@npm:^7.3.7, semver@npm:^7.3.8, semver@npm:^7.5.1, semver@npm:^7.5.3, semver@npm:^7.5.4, semver@npm:~7.5.4":
version: 7.5.4
resolution: "semver@npm:7.5.4"
dependencies:
Expand Down

0 comments on commit 94c1216

Please sign in to comment.