[Snyk] Fix for 1 vulnerabilities

[Woodpile37]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	768/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5	Uncaught Exception SNYK-JS-YAML-5458867	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @commitlint/cli

The new version differs by 12 commits.

• ed437d2 v17.0.0
• daeeb49 chore(config-nx-scopes)!: migrate @ nrwl/tao to nx following 13.9.0 release (--filter package^... does not seem to excludeSelf from a package.json script pnpm/pnpm#3135)
• 8db72f0 fix: update dependency yargs to v17.5.1 (fix: escape a colon in tarball dependency ID pnpm/pnpm#3183)
• 2f68961 chore: deps (install fails if package url contains port number pnpm/pnpm#3182)
• 63ddea8 chore: update chalk (feat: pnpm publish -r --force pnpm/pnpm#3181)
• 15e3c37 chore: update typescript (feat: Update README.md pnpm/pnpm#3180)
• 6653220 chore: update jest monorepo (major) (pnpm remove fails with save-workspace-protocol = false pnpm/pnpm#3144)
• ea5fa87 chore: update dependency husky to v8 (pnpm for Python pnpm/pnpm#3164)
• ac5f9b4 chore!: minimum node version v14 (print warning to stderr pnpm/pnpm#3128)
• 6dbc982 docs: remove scope-case rule workspace install doesn't respect prepare script for linked package pnpm/pnpm#3157 (Add support for `.pnpmrc` that would override what’s specified in `.npmrc` pnpm/pnpm#3178)
• 95f6b7c docs: align subject case rule in readme please do not warn on seeing unsupported fund option in .npmrc pnpm/pnpm#3159 (Custom flag/commands via pnpmfile pnpm/pnpm#3179)
• 0f86cbf chore: update dependency eslint-plugin-jest to v26.2.2 ([feature request] Run multiple commands in parallel pnpm/pnpm#3177)

See the full diff

Package name: @commitlint/prompt-cli

The new version differs by 12 commits.

• ed437d2 v17.0.0
• daeeb49 chore(config-nx-scopes)!: migrate @ nrwl/tao to nx following 13.9.0 release (--filter package^... does not seem to excludeSelf from a package.json script pnpm/pnpm#3135)
• 8db72f0 fix: update dependency yargs to v17.5.1 (fix: escape a colon in tarball dependency ID pnpm/pnpm#3183)
• 2f68961 chore: deps (install fails if package url contains port number pnpm/pnpm#3182)
• 63ddea8 chore: update chalk (feat: pnpm publish -r --force pnpm/pnpm#3181)
• 15e3c37 chore: update typescript (feat: Update README.md pnpm/pnpm#3180)
• 6653220 chore: update jest monorepo (major) (pnpm remove fails with save-workspace-protocol = false pnpm/pnpm#3144)
• ea5fa87 chore: update dependency husky to v8 (pnpm for Python pnpm/pnpm#3164)
• ac5f9b4 chore!: minimum node version v14 (print warning to stderr pnpm/pnpm#3128)
• 6dbc982 docs: remove scope-case rule workspace install doesn't respect prepare script for linked package pnpm/pnpm#3157 (Add support for `.pnpmrc` that would override what’s specified in `.npmrc` pnpm/pnpm#3178)
• 95f6b7c docs: align subject case rule in readme please do not warn on seeing unsupported fund option in .npmrc pnpm/pnpm#3159 (Custom flag/commands via pnpmfile pnpm/pnpm#3179)
• 0f86cbf chore: update dependency eslint-plugin-jest to v26.2.2 ([feature request] Run multiple commands in parallel pnpm/pnpm#3177)

See the full diff

Package name: syncpack

The new version differs by 76 commits.

• 95e26ee chore(release): 8.5.14
• cb58070 feat(cli): tidy log output and make it more consistent
• 6c402cd refactor(format): improve readability
• e40833a refactor(fix-mismatches): improve readability
• 14af7f1 refactor(list): improve readability
• fbf6b6c refactor(groups): organise semver groups
• 0dbf3c3 refactor(list-mismatches): improve readability
• 65ea995 refactor(groups): comment and refactor instance group
• f2c0322 fix(npm): update dependencies
• a11c14c refactor(groups): create version group class
• 1c51366 fix(output): remove console.log in readConfigFileSync
• 5a9061d refactor(groups): organise version groups
• 34272c1 refactor(lib): organise utils
• bdebf40 refactor(data): rename wrapper to package json file
• 39ee3f9 refactor(cli): decouple io and data transformation
• dbe5a97 refactor(groups): be explicit about which are default
• 3188f74 refactor(list): refactor listVersionGroups
• fa21deb refactor(lib): localise utils used once
• 25c6813 refactor(versions): move getExpectedVersion
• 4624d44 style(imports): run organize-imports-cli
• 4fd6647 chore(chalk): pin to 4.1.2
• 8e82d55 refactor(types): organise and comment types
• 13e6c70 docs(readme): fix CI workflow status per Change to GitHub workflow badge routes badges/shields#8671
• 3ec1361 fix(npm): update dependencies

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.