[Snyk] Upgrade npm from 6.2.0 to 6.14.18 #1003

restinpeaceinout · 2023-01-11T23:14:38Z

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade npm from 6.2.0 to 6.14.18.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 66 versions ahead of your current version.
The recommended version was released 21 days ago, on 2022-12-21.

The recommended version fixes:

Issue	PriorityScore (*)	Exploit Maturity
Arbitrary File Write SNYK-JS-TAR-1579155	425/1000 Why? CVSS 8.5	No Known Exploit
Arbitrary File Write SNYK-JS-TAR-1579152	425/1000 Why? CVSS 8.5	No Known Exploit
Arbitrary File Write SNYK-JS-TAR-1579147	425/1000 Why? CVSS 8.5	No Known Exploit
Arbitrary File Overwrite SNYK-JS-TAR-1536531	425/1000 Why? CVSS 8.5	No Known Exploit
Arbitrary File Overwrite SNYK-JS-TAR-1536528	425/1000 Why? CVSS 8.5	No Known Exploit
Arbitrary File Overwrite SNYK-JS-TAR-174125	425/1000 Why? CVSS 8.5	Proof of Concept
Arbitrary File Write SNYK-JS-TAR-1579155	425/1000 Why? CVSS 8.5	No Known Exploit
Arbitrary File Write SNYK-JS-TAR-1579152	425/1000 Why? CVSS 8.5	No Known Exploit
Arbitrary File Write SNYK-JS-TAR-1579147	425/1000 Why? CVSS 8.5	No Known Exploit
Arbitrary File Overwrite SNYK-JS-TAR-1536531	425/1000 Why? CVSS 8.5	No Known Exploit
Arbitrary File Overwrite SNYK-JS-TAR-1536528	425/1000 Why? CVSS 8.5	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-SSRI-1246392	425/1000 Why? CVSS 8.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-SSRI-1246392	425/1000 Why? CVSS 8.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-NPMUSERVALIDATE-1019352	425/1000 Why? CVSS 8.5	No Known Exploit
Arbitrary File Write SNYK-JS-NPM-537606	425/1000 Why? CVSS 8.5	Proof of Concept
Arbitrary File Overwrite SNYK-JS-NPM-537603	425/1000 Why? CVSS 8.5	Proof of Concept
Arbitrary File Overwrite SNYK-JS-FSTREAM-174725	425/1000 Why? CVSS 8.5	No Known Exploit
Arbitrary File Write SNYK-JS-BINLINKS-537610	425/1000 Why? CVSS 8.5	Proof of Concept
Arbitrary File Overwrite SNYK-JS-BINLINKS-537608	425/1000 Why? CVSS 8.5	Proof of Concept
Denial of Service (DoS) npm:mem:20180117	425/1000 Why? CVSS 8.5	No Known Exploit
Insertion of Sensitive Information into Log File SNYK-JS-NPMREGISTRYFETCH-575432	425/1000 Why? CVSS 8.5	No Known Exploit
Insertion of Sensitive Information into Log File SNYK-JS-NPMREGISTRYFETCH-575432	425/1000 Why? CVSS 8.5	No Known Exploit
Insertion of Sensitive Information into Log File SNYK-JS-NPM-575435	425/1000 Why? CVSS 8.5	No Known Exploit
Man-in-the-Middle (MitM) SNYK-JS-HTTPSPROXYAGENT-469131	425/1000 Why? CVSS 8.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-TAR-1536758	425/1000 Why? CVSS 8.5	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-TAR-1536758	425/1000 Why? CVSS 8.5	No Known Exploit
Unauthorized File Access SNYK-JS-NPM-537604	425/1000 Why? CVSS 8.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-DEBUG-3227433	425/1000 Why? CVSS 8.5	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-DEBUG-3227433	425/1000 Why? CVSS 8.5	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-DEBUG-3227433	425/1000 Why? CVSS 8.5	No Known Exploit
Unauthorized File Access SNYK-JS-BINLINKS-537609	425/1000 Why? CVSS 8.5	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: npm

6.14.18 - 2022-12-21
6.14.18 (2022-12-21)

DEPENDENCIES
- f55bd65da rimraf@2.7.1
- cd4894696 bluebird@3.7.2
- 023d7e96b cacache@12.0.4
- dd2811c0b config-chain@1.1.1:3
- e21b6ebd9 deep-equal@1.1.1
- 2bec581c6 dezalgo@1.0.4
- 273485157 figgy-pudding@3.5.2
- 720f8ae5e glob@7.2.3
- 5f1200e33 graceful-fs@4.2.1:0
- 58b74a38b is-cidr@3.1.1
- 4b609655f jsdom@16.7.0
- 14c7a1a85 meant@1.0.3
- 06d9cefc4 minimatch@3.1.2
- 1d2da355c mkdirp@0.5.6
- 22eda3a26 node-gyp@5.1.1
- b77a7f1b0 npm-registry-mock@1.3.2
- de37398af query-string@6.14.1
- 196650baa qw@1.0.2
- 3218c16b5 read-package-json@2.1.2
- 0f5d57919 request@2.88.2
- 43ed5c23b safe-buffer@5.2.1
- 31b51c564 tar-stream@2.2.0
- 209a79d1f uuid@3.4.0
- 4778a8d95 yaml@1.10.2
- 8b357e558 decode-uri-component@0.2.2
- d3e7eed13 lock-verify@2.2.2
6.14.17 - 2022-04-28
6.14.16 - 2022-01-19
6.14.15 - 2021-08-24
6.14.14 - 2021-07-27
6.14.13 - 2021-04-12
6.14.12 - 2021-03-25
6.14.11 - 2021-01-08
6.14.10 - 2020-12-18
6.14.9 - 2020-11-20
6.14.8 - 2020-08-17
6.14.7 - 2020-07-21
6.14.6 - 2020-07-07
6.14.5 - 2020-05-04
6.14.4 - 2020-03-25
6.14.3 - 2020-03-19
6.14.2 - 2020-03-03
6.14.1 - 2020-02-27
6.14.0 - 2020-02-25
6.13.7 - 2020-01-28
6.13.6 - 2020-01-09
6.13.5 - 2020-01-09
6.13.4 - 2019-12-11
6.13.3 - 2019-12-10
6.13.2 - 2019-12-03
6.13.1 - 2019-11-18
6.13.0 - 2019-11-05
6.12.1 - 2019-10-29
6.12.0 - 2019-10-08
6.12.0-next.0 - 2019-09-26
6.11.3 - 2019-09-03
6.11.2 - 2019-08-22
6.11.1 - 2019-08-21
6.11.0 - 2019-08-20
6.10.3 - 2019-08-06
6.10.2 - 2019-07-23
6.10.2-next.3 - 2019-07-22
6.10.2-next.2 - 2019-07-21
6.10.2-next.1 - 2019-07-17
6.10.2-next.0 - 2019-07-16
6.10.1 - 2019-07-11
6.10.1-next.2 - 2019-07-10
6.10.1-next.1 - 2019-07-03
6.10.1-next.0 - 2019-07-03
6.10.0 - 2019-07-03
6.10.0-next.0 - 2019-07-01
6.9.2 - 2019-06-27
6.9.1-next.0 - 2019-03-20
6.9.0 - 2019-03-06
6.9.0-next.0 - 2019-02-21
6.8.0 - 2019-02-13
6.8.0-next.2 - 2019-02-07
6.8.0-next.1 - 2019-02-06
6.8.0-next.0 - 2019-01-31
6.7.0 - 2019-01-23
6.6.0 - 2019-01-17
6.6.0-next.1 - 2019-01-10
6.6.0-next.0 - 2018-12-12
6.5.0 - 2018-12-10
6.5.0-next.0 - 2018-11-28
6.4.1 - 2018-08-29
6.4.1-next.0 - 2018-08-23
6.4.0 - 2018-08-15
6.4.0-next.0 - 2018-08-09
6.3.0 - 2018-08-02
6.3.0-next.0 - 2018-07-25
6.2.0 - 2018-07-14