[Snyk] Upgrade nodemon from 2.0.4 to 2.0.22

[NOUIY]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade nodemon from 2.0.4 to 2.0.22.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 28 versions ahead of your current version.

• The recommended version was released a year ago, on 2023-03-22.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	292/1000 Why? Proof of Concept exploit, CVSS 3.7	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	292/1000 Why? Proof of Concept exploit, CVSS 3.7	Proof of Concept
	Uncontrolled resource consumption SNYK-JS-BRACES-6838727	292/1000 Why? Proof of Concept exploit, CVSS 3.7	Proof of Concept
	Open Redirect SNYK-JS-GOT-2932019	292/1000 Why? Proof of Concept exploit, CVSS 3.7	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HTTPCACHESEMANTICS-3248783	292/1000 Why? Proof of Concept exploit, CVSS 3.7	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	292/1000 Why? Proof of Concept exploit, CVSS 3.7	No Known Exploit
	Regular Expression Denial of Service (ReDoS) npm:debug:20170905	292/1000 Why? Proof of Concept exploit, CVSS 3.7	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-2429795	292/1000 Why? Proof of Concept exploit, CVSS 3.7	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: nodemon

• 2.0.22 - 2023-03-22
  

  2.0.22 (2023-03-22)

  Bug Fixes

  • remove ts mapping if loader present (f7816e4), closes #2083
• 2.0.21 - 2023-03-02
  

  2.0.21 (2023-03-02)

  Bug Fixes

  • remove ts mapping if loader present (1468397), closes #2083
• 2.0.20 - 2022-09-16
  

  2.0.20 (2022-09-16)

  Bug Fixes

  • remove postinstall script (e099e91)
• 2.0.19 - 2022-07-05
  

  2.0.19 (2022-07-05)

  Bug Fixes

  • Replace update notifier with simplified deps (#2033) (176c4a6), closes #1961 #2028
• 2.0.18 - 2022-06-23
  

  2.0.18 (2022-06-23)

  Bug Fixes

  • revert update-notifier forcing esm (1b3bc8c)
• 2.0.17 - 2022-06-23
  

  2.0.17 (2022-06-23)

  Bug Fixes

  • bump update-notifier to v6.0.0 (#2029) (0144e4f)
  • update packge-lock (27e91c3)
• 2.0.16 - 2022-04-29
  

  2.0.16 (2022-04-29)

  Bug Fixes

  • support windows by using path.delimiter (e26aaa9)
• 2.0.15 - 2021-11-09
  

  2.0.15 (2021-11-09)

  Bug Fixes

  • bump prod dep versions (54784ab)
• 2.0.14 - 2021-10-19
  

  2.0.14 (2021-10-19)

  Bug Fixes

  • add windows signals SIGUSR2 & SIGUSR1 to terminate the process (#1938) (61e7abd), closes #1903 #1915 #1936 #1937 #1882 #1893
• 2.0.14-alpha.1 - 2021-10-18
• 2.0.13 - 2021-09-23
  

  2.0.13 (2021-09-23)

  Bug Fixes

  • bump update-notifier (90e7a3e), closes #1919
  • release process on main (9f82a48)
• 2.0.13-alpha.1 - 2021-07-27
• 2.0.12 - 2021-07-10
• 2.0.12-alpha.3 - 2021-07-10
• 2.0.12-alpha.2 - 2021-07-10
• 2.0.12-alpha.1 - 2021-07-10
• 2.0.11 - 2021-07-09
• 2.0.11-alpha.1 - 2021-07-09
• 2.0.10 - 2021-07-08
• 2.0.10-alpha.2 - 2021-07-07
• 2.0.10-alpha.1 - 2021-07-02
• 2.0.9 - 2021-06-30
• 2.0.8 - 2021-06-29
• 2.0.8-alpha.a - 2021-05-05
• 2.0.8-alpha.1 - 2021-06-30
• 2.0.7 - 2021-01-06
• 2.0.6 - 2020-10-19
• 2.0.5 - 2020-10-13
• 2.0.4 - 2020-05-14

from nodemon GitHub release notes

Commit messages

Package name: nodemon

• c971fdc Merge branch 'main' of github.com:remy/nodemon
• b9679a2 chore: supporters
• f7816e4 fix: remove ts mapping if loader present
• 9f3ffdb One more fix
• abc8522 Get rid of spawning shell windows if nodemon is started without console.
• b11ddd1 Merge branch 'main' of github.com:remy/nodemon
• 204af11 chore: missing supporters
• 1468397 fix: remove ts mapping if loader present
• 26b1f0f chore: add conventional commit check
• adaafa1 One more fix
• 010266a Get rid of spawning shell windows if nodemon is started without console.
• ec9ea6c chore: update supporters
• a15f469 chore: + support
• fb7cd1c chore: supporters
• 736dff0 chore: update
• 506c80f chore: update supporters
• ee561cf chore: fix url
• 544e3d5 chore: supporters
• 80dc137 chore: supporters
• 1de684b chore: supporters
• 0a6ff95 Merge branch 'main' of github.com:remy/nodemon
• fcf423d chore: update supporters
• fe6471e docs: add workaround for inspect problem to faq.md
• e099e91 fix: remove postinstall script

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Note: This is a default PR template raised by Snyk. Find out more about how you can customise Snyk PRs in our documentation.

[guardrails]

⚠️ We detected 1 security issue in this pull request:

Vulnerable Libraries (1)

Severity	Details
Medium	pkg:npm/nodemon@2.0.22 upgrade to: > 2.0.22

More info on how to fix Vulnerable Libraries in JavaScript.

---

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.