[Snyk] Upgrade snyk-nodejs-lockfile-parser from 1.17.0 to 1.48.2

[EitanGayor]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade snyk-nodejs-lockfile-parser from 1.17.0 to 1.48.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 60 versions ahead of your current version.
• The recommended version was released 21 days ago, on 2023-03-28.

Release notes

Package name: snyk-nodejs-lockfile-parser

• 1.48.2 - 2023-03-28
  

  1.48.2 (2023-03-28)

  Bug Fixes

  • correctly index pkg lock with pkgs with similar candidates (5280457)
• 1.48.1 - 2023-03-27
  

  1.48.1 (2023-03-27)

  Bug Fixes

  • correctyl choose key to index pkg lock data (0169478)
• 1.48.0 - 2023-03-06
  

  1.48.0 (2023-03-06)

  Features

  • npm workspaces support when building dep graphs (16aebd1)
• 1.47.5 - 2023-02-27
  

  1.47.5 (2023-02-27)

  Bug Fixes

  • update readme and trigger release (2260079)
• 1.47.4 - 2023-02-21
  

  1.47.4 (2023-02-21)

  Bug Fixes

  • npm version parse test & enable logging (19c2f71)
• 1.47.3 - 2023-02-16
  

  1.47.3 (2023-02-16)

  Bug Fixes

  • handles npm lock v2 bundled dependencies (e8f210a)
• 1.47.2 - 2023-02-14
  

  1.47.2 (2023-02-14)

  Bug Fixes

  • parse the npm lockfile to json to get lockfile version irrespective of white space (666c6c7)
• 1.47.1 - 2023-02-13
  

  1.47.1 (2023-02-13)

  Bug Fixes

  • make sure to use pkgJson to pick the root package name (cb99b48)
• 1.47.0 - 2023-02-13
  

  1.47.0 (2023-02-13)

  Features

  • npm-lock-v2 depgraph builder implementation (63e30df)
• 1.46.0 - 2023-01-25
  

  1.46.0 (2023-01-25)

  Features

  • upgrade snyk-config (no more node 8) (a1c93c3)
• 1.45.1 - 2022-12-01
• 1.45.0 - 2022-11-30
• 1.44.0 - 2022-10-31
• 1.43.1 - 2022-09-08
• 1.43.0 - 2022-08-31
• 1.42.0 - 2022-08-17
• 1.41.0 - 2022-06-08
• 1.40.0 - 2022-06-08
• 1.39.0 - 2022-06-07
• 1.38.1 - 2022-06-07
• 1.38.0 - 2022-01-18
• 1.37.3 - 2022-01-03
• 1.37.2 - 2021-11-24
• 1.37.1 - 2021-09-29
• 1.37.0 - 2021-08-31
• 1.36.1 - 2021-08-10
• 1.36.0 - 2021-06-30
• 1.35.1 - 2021-05-27
• 1.35.0 - 2021-05-27
• 1.34.2 - 2021-05-11
• 1.34.1 - 2021-05-07
• 1.34.0 - 2021-04-27
• 1.33.2 - 2021-04-26
• 1.33.1 - 2021-04-22
• 1.33.0 - 2021-04-22
• 1.32.1 - 2021-04-21
• 1.32.0 - 2021-04-01
• 1.31.1 - 2021-03-02
• 1.31.0 - 2021-03-01
• 1.30.2 - 2021-02-11
• 1.30.1 - 2020-11-13
• 1.30.0 - 2020-10-05
• 1.29.0 - 2020-09-08
• 1.28.1 - 2020-09-03
• 1.28.0 - 2020-09-01
• 1.27.0 - 2020-08-19
• 1.26.3 - 2020-07-09
• 1.26.2 - 2020-07-09
• 1.26.1 - 2020-07-07
• 1.26.0 - 2020-07-02
• 1.25.0 - 2020-06-30
• 1.24.1 - 2020-06-15
• 1.24.0 - 2020-06-09
• 1.23.0 - 2020-05-28
• 1.22.0 - 2020-04-30
• 1.21.1 - 2020-04-29
• 1.21.0 - 2020-04-23
• 1.20.0 - 2020-04-22
• 1.19.0 - 2020-04-21
• 1.18.0 - 2020-04-19
• 1.17.0 - 2019-12-24

from snyk-nodejs-lockfile-parser GitHub release notes

Commit messages

Package name: snyk-nodejs-lockfile-parser

• fc86db0 Merge pull request [Snyk] Security upgrade django from 1.6.1 to 2.2.21 #185 from snyk/fix/correctly-index-pkg-lock-with-pkgs-with-similar-candidates
• 5280457 fix: correctly index pkg lock with pkgs with similar candidates
• 10f0a95 Merge pull request [Snyk] Security upgrade handlebars from 2.0.0 to 4.7.7 #184 from snyk/fix/correctly-choose-key-to-index-pkg-lock
• 74ebda8 chore: add test
• 0169478 fix: correctyl choose key to index pkg lock data
• 591bef9 Merge pull request [Snyk] Security upgrade validator from 3.40.0 to 13.6.0 #182 from snyk/feat/npm-workspace-support-when-building-depgraphs
• 16aebd1 feat: npm workspaces support when building dep graphs
• 3490b16 Merge pull request [Snyk] Security upgrade madge from 3.12.0 to 4.0.0 #180 from snyk/fix/udpate-readme-and-trigger-release
• 2260079 fix: update readme and trigger release
• 9330f69 Merge pull request [Snyk] Security upgrade grunt from 0.4.5 to 1.3.0 #178 from snyk/chore/improved-bundle-dependencies-resolution
• 21c0040 chore: improved accuracy for bundled dependencies resolution
• 22eabf3 Merge pull request [Snyk] Fix for 5 vulnerabilities #179 from snyk/chore/update-codeowners-to-os-managed
• 69d39c3 chore: update codeowners to os-managed
• e321926 Merge pull request [Snyk] Security upgrade ember-cli from 0.2.7 to 3.16.0 #177 from snyk/test/npm-version-parsing
• 7b99625 chore: enable Node 12 tests since CLI still supports it
• 19c2f71 fix: npm version parse test & enable logging
• f93a583 Merge pull request [Snyk] Security upgrade madge from 3.12.0 to 4.0.0 #176 from snyk/fix/handle-bundled-deps-in-npm-lock-v2
• e8f210a fix: handles npm lock v2 bundled dependencies
• 2867531 Merge pull request [Snyk] Security upgrade snyk from 1.101.1 to 1.230.7 #175 from snyk/fix/parse-npm-lockfile-fully-to-get-version
• 666c6c7 fix: parse the npm lockfile to json to get lockfile version irrespective of white space
• de504b1 Merge pull request [Snyk] Fix for 2 vulnerabilities #174 from snyk/fix/get-root-name-directly-from-pkg-json-npm-lock-2
• cb99b48 fix: make sure to use pkgJson to pick the root package name
• 0a821e3 Merge pull request [Snyk] Fix for 2 vulnerabilities #173 from snyk/feat/npm-lock-v2-depgraph-builder
• 63e30df feat: npm-lock-v2 depgraph builder implementation

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs