[Snyk-dev] Security upgrade yargs from 11.1.0 to 15.0.1

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • packages/snyk-protect/test/fixtures/single-patchable-module-with-quotes/node_modules/nyc/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: yargs

The new version differs by 166 commits.

• aa09faf chore: release 15.0.1 (feat: paths always shown where available #1480)
• 6a9ebe2 fix(deps): cliui, find-up, and string-width, all drop Node 6 support (Analytics: track integration environment #1479)
• 5cc2b5e chore: release 15.0.0 (test: runTest jest test, user sees userMessage when generic error occurs #1462)
• 62a114a force build
• 1840ba2 feat: expose `Parser` from `require('yargs/yargs')` (#1477)
• afd5b48 fix(docs): update boolean description and examples in docs (chore: re-introducing acceptance test #1474)
• c10c38c feat(deps)!: yargs-parser now throws on invalid combinations of config (fix: correct classpath extraction for reachable vulns on windows #1470)
• 0cba424 build: switch to release-please for releases (Set integration name for Homebrew installs #1471)
• 445bc58 chore: update engines to note Node 6 is dropped (chore: fix flaky acceptance test #1469)
• 52d875a test: add additional test for 1459
• 12c82e6 fix: stop-parse was not being respected by commands (Feat/container static scanning #1459)
• b4812ac test: add tests for argsert warning to display positional information (chore: add platform metadata to human-readable output #1468)
• 10f10ee test: cover missing filter arg in obj-filter (feat: make reachability wording consistent #1467)
• cb0396f build: switch to c8 for coverage (feat: test #1464)
• ebee59d fix!: update to yargs-parser with fix for array default values (fix: remove docker desktop limit reached cta #1463)
• 5120aec test: adds missing array choice regression test (fix: woof command #1447)
• 2ba8ce0 chore!: drop Node 6 support (test: add jest test for runTest #1461)
• cb64329 build: configure release-please
• 0d3642b refactor!: remove package.json-based parserConfiguration (chore: add Ukrainian language to snyk woof #1460)
• 9adf22e doc(webpack): webpack example (#1436)
• 7e1c8fc Add missing french translation (Feat/revert container static scanning #1456)
• b1b156a fix(docs): TypeScript import to prevent a future major release warning (woof command language selection works #1441)
• bc3c4d1 chore(release): 14.2.0
• 4d21520 feat(deps): introduce yargs-parser with support for unknown-options-as-args (feat: remove logs when downloading java call graph builder #1440)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

[github-actions]

	Warnings
⚠️	Your commit message "fix: packages/snyk-protect/test/fixtures/single-patchable-module-with-quotes/node_modules/nyc/package.json to reduce vulnerabilities" is too long. Keep first line of your commit under 72 characters.

Generated by 🚫 dangerJS against c60f7c0