[Snyk-dev] Upgrade blessed-contrib from 4.8.7 to 4.11.0

[snyk-bot]

Snyk has created this PR to upgrade blessed-contrib from 4.8.7 to 4.11.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 18 versions ahead of your current version.
• The recommended version was released 5 months ago, on 2022-02-17.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Prototype Pollution SNYK-JS-JSONSCHEMA-1920922	430/1000 Why? CVSS 8.6	No Known Exploit
	Prototype Pollution SNYK-JS-AJV-584908	430/1000 Why? CVSS 8.6	No Known Exploit
	Remote Memory Exposure npm:request:20160119	430/1000 Why? CVSS 8.6	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-584281	430/1000 Why? CVSS 8.6	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-451341	430/1000 Why? CVSS 8.6	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-2342082	430/1000 Why? CVSS 8.6	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-2342073	430/1000 Why? CVSS 8.6	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-174116	430/1000 Why? CVSS 8.6	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: blessed-contrib

• 4.11.0 - 2022-02-17
• 4.10.1 - 2021-07-30
• 4.10.0 - 2021-06-29
• 4.9.0 - 2021-06-18
• 4.8.21 - 2021-01-09
• 4.8.20 - 2020-05-03
• 4.8.19 - 2020-02-26
• 4.8.18 - 2019-10-04
• 4.8.17 - 2019-09-22
  

  v4.8.17

• 4.8.16 - 2019-05-07
  

  4.8.16

• 4.8.15 - 2019-04-14
  

  4.8.15

• 4.8.14 - 2019-04-09
  

  4.8.14

• 4.8.13 - 2019-04-09
  

  4.8.13

• 4.8.12 - 2019-03-22
  

  4.8.12

• 4.8.11 - 2019-02-20
• 4.8.10 - 2018-12-29
  

  4.8.10

• 4.8.9 - 2018-12-17
• 4.8.8 - 2018-11-01
  

  4.8.8

• 4.8.7 - 2018-10-02
  

  4.8.7

from blessed-contrib GitHub release notes

Commit messages

Package name: blessed-contrib

• ecd48d9 fix: upgrade to marked@4 fixing security issues
• 410c6d7 4.10.1
• aeb95f9 fix(tree): add type declaration (#216)
• d981f1f fix(tree): now passes selectFg and selectBg options in tree, to list. (#196)
• 2ea98c6 feat: add support for displaying arbitrary numbers in donuts core text (#214)
• 48ef9c9 4.9.0
• e8eb98a fix: update deps
• df3b782 4.8.21
• 0414fd7 fix(sparkline): incorrect types for `setData` (#206)
• 6fc04e2 Merge remote-tracking branch 'upstream/master'
• 55d4ad6 4.8.20
• 92dd7e1 fix(table): add mouse option in table widget (#191)
• 460ddd1 4.8.19
• e34f19e fix: update marked-terminal dep (#187)
• 4b690bc chore(package): lint rules and package changes (#182)
• 2957fad fix(security): update vulnerable dependency
• a497e6d 4.8.16
• 87b6a5b 4.8.15
• 567c34a add some missing definitions in TableOptions (#172)
• 9d715d8 fix(markdown): markdown breaks options.style (#169)
• 5d06b5f 4.8.14
• f0e8bf7 fix: broken lodash deeps requirement on non existing >4.7.11
• 854fdc9 4.8.13
• 651a0d9 fix(dependencies): apply snyk security update (#167)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs