[Snyk] Fix for 47 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:

  • package.json

• Adding or updating a Snyk policy (.snyk) file; this file is required in order to apply Snyk vulnerability patches.
  Find out more.

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	584/1000 Why? Has a fix available, CVSS 7.4	Directory Traversal SNYK-JS-ADMZIP-1065796	Yes	No Known Exploit
	619/1000 Why? Has a fix available, CVSS 8.1	Prototype Pollution SNYK-JS-AJV-584908	Yes	No Known Exploit
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIHTML-1296849	Yes	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-ASYNC-2441827	Yes	Proof of Concept
	524/1000 Why? Has a fix available, CVSS 6.2	Remote Code Execution (RCE) SNYK-JS-BUNYAN-573166	No	No Known Exploit
	636/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.3	Prototype Pollution SNYK-JS-DOTPROP-543489	No	Proof of Concept
	646/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.5	Information Exposure SNYK-JS-EVENTSOURCE-2823375	Yes	Proof of Concept
	589/1000 Why? Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-GETOBJECT-1054932	No	No Known Exploit
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	Yes	Proof of Concept
	484/1000 Why? Has a fix available, CVSS 5.4	Open Redirect SNYK-JS-GOT-2932019	Yes	No Known Exploit
	636/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.3	Directory Traversal SNYK-JS-GRUNT-2635969	No	Proof of Concept
	646/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.5	Race Condition SNYK-JS-GRUNT-2813632	No	Proof of Concept
	569/1000 Why? Has a fix available, CVSS 7.1	Arbitrary Code Execution SNYK-JS-GRUNT-597546	No	No Known Exploit
	509/1000 Why? Has a fix available, CVSS 5.9	Denial of Service (DoS) SNYK-JS-JSYAML-173999	No	No Known Exploit
	619/1000 Why? Has a fix available, CVSS 8.1	Arbitrary Code Execution SNYK-JS-JSYAML-174129	No	No Known Exploit
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Denial of Service (DoS) SNYK-JS-JSZIP-1251497	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	No	Proof of Concept
	681/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.2	Command Injection SNYK-JS-LODASH-1040724	No	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-LODASH-450202	No	Proof of Concept
	731/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.2	Prototype Pollution SNYK-JS-LODASH-567746	No	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-LODASH-608086	No	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-LODASH-73638	No	Proof of Concept
	541/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 4.4	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-73639	No	Proof of Concept
	506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Prototype Pollution SNYK-JS-MINIMIST-2429795	Yes	Proof of Concept
	601/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.6	Prototype Pollution SNYK-JS-MINIMIST-559764	Yes	Proof of Concept
	589/1000 Why? Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-MOCHA-561476	Yes	No Known Exploit
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Open Redirect SNYK-JS-NODEFORGE-2330875	Yes	Proof of Concept
	529/1000 Why? Has a fix available, CVSS 6.3	Prototype Pollution SNYK-JS-NODEFORGE-2331908	Yes	No Known Exploit
	494/1000 Why? Has a fix available, CVSS 5.6	Improper Verification of Cryptographic Signature SNYK-JS-NODEFORGE-2430337	Yes	No Known Exploit
	579/1000 Why? Has a fix available, CVSS 7.3	Improper Verification of Cryptographic Signature SNYK-JS-NODEFORGE-2430339	Yes	No Known Exploit
	494/1000 Why? Has a fix available, CVSS 5.6	Improper Verification of Cryptographic Signature SNYK-JS-NODEFORGE-2430341	Yes	No Known Exploit
	494/1000 Why? Has a fix available, CVSS 5.6	Command Injection SNYK-JS-NODENOTIFIER-1035794	No	No Known Exploit
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1255640	Yes	Proof of Concept
	676/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.1	Improper Privilege Management SNYK-JS-SHELLJS-2332187	Yes	Proof of Concept
	619/1000 Why? Has a fix available, CVSS 8.1	Remote Code Execution (RCE) SNYK-JS-SHELLQUOTE-1766506	No	No Known Exploit
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Denial of Service (DoS) SNYK-JS-SOCKJS-575261	Yes	Proof of Concept
	589/1000 Why? Has a fix available, CVSS 7.5	Denial of Service (DoS) SNYK-JS-TRIMNEWLINES-1298042	Yes	No Known Exploit
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-UGLIFYJS-1727251	Yes	No Known Exploit
	596/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.5	Arbitrary Code Injection SNYK-JS-UNDERSCORE-1080984	Yes	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Information Exposure SNYK-JS-WEBPACKDEVSERVER-72405	Yes	Proof of Concept
	484/1000 Why? Has a fix available, CVSS 5.4	XML External Entity (XXE) Injection SNYK-JS-XMLDOM-1084960	No	No Known Exploit
	601/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.6	Prototype Pollution SNYK-JS-YARGSPARSER-560381	Yes	Proof of Concept
	506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:braces:20180219	No	Proof of Concept
	469/1000 Why? Has a fix available, CVSS 5.1	Denial of Service (DoS) npm:mem:20180117	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: addons-linter

The new version differs by 250 commits.

• 3530498 4.9.0
• cd5423e Remove doctoc dependency (#4175)
• d057474 Check that background.scripts is an array before attempting to iterate over it (#4174)
• bec198a Update DOMPurify hashes (#4172)
• 225f287 chore(deps): update jest monorepo to v27.5.0 (#4171)
• 1a645f1 feat: Imported Firefox 97.0b8 API schema (#4151)
• 8c533d5 chore(deps): update dependency comment-json to v4.2.2 (#4167)
• 2592b10 Pontoon: Update Korean (ko) localization of AMO Linter
• 1da3df4 fix(deps): update dependency postcss to v8.4.6 (#4162)
• 7aca097 fix(deps): update dependency @ mdn/browser-compat-data to v4.1.6 (#4164)
• cfeed00 fix(deps): update dependency columnify to v1.6.0 (#4168)
• 9c421f4 chore(deps): update node.js to v12.22.10 (#4165)
• 6491c41 chore(deps): update dependency sinon to v13.0.1 (#4163)
• ba8f679 chore(deps): update babel monorepo to v7.17.0 (#4166)
• 8296a0a chore(deps): update dependency webpack to v5.68.0 (#4160)
• 9890c36 fix(deps): update dependency addons-scanner-utils to v6.3.0 (#4159)
• 613271e chore(deps): lock file maintenance (#4161)
• f1f0b61 ⬆️ release 4.8.0
• d3e0756 chore(deps): lock file maintenance (#4158)
• 160ae4c chore(deps): update dependency eslint-config-amo to v5.4.0 (#4157)
• 02ac6ce fix(deps): update dependency eslint to v8.8.0 (#4153)
• faefbd5 chore(deps): update dependency sinon to v13 (#4154)
• 8d656d9 fix(deps): update dependency pino to v7.6.5 (#4155)
• 788ae49 fix(deps): update dependency @ mdn/browser-compat-data to v4.1.5 (#4152)

See the full diff

Package name: bunyan

The new version differs by 1 commits.

• ea21d75 Fix a vulnerability from a crafted argument to 'bunyan -p ARG'

See the full diff

Package name: doctoc

The new version differs by 25 commits.

• bc62221 2.0.1
• 41033dc Bump lodash from 4.17.20 to 4.17.21
• d631fa9 Bump hosted-git-info from 2.8.8 to 2.8.9
• 3dddb16 security: CVE-2021-23358 in underscore
• f98b159 Bump y18n from 4.0.0 to 4.0.1
• 2faf563 2.0.0
• 68af396 Bump lodash from 4.17.15 to 4.17.20 (Update webpack to version 1.12.15 🚀 mozilla/web-ext#187)
• 9bc2c83 Update dependencies to fix deprecation warnings (Update babel-core to version 6.7.5 🚀 mozilla/web-ext#179)
• d38d04b pre-commit docs: update sha -> rev (Do not require an ID when signing an extension mozilla/web-ext#178)
• bf7896b collapse consecutive blank lines if there's no title (closes Update babel-plugin-transform-es2015-modules-commonjs to version 6.6.4 🚀 mozilla/web-ext#101) (Add command to sign a web extension mozilla/web-ext#145)
• 88ec7cd Merge pull request Don't log info about the built extension when signing mozilla/web-ext#181 from uetchy/preserve
• f07f3aa fix: update notice text
• 88e4c56 docs: add help text for --update-only
• 04ffd96 feat: add notice for --update-only
• 2be533d chore: rename --preserve to --update-only
• 617c7c5 feat: flag to keep file without toc untouched
• f146558 add --all flag (web-ext build should ignore the artifacts-dir. mozilla/web-ext#186)
• 751f031 show warning if --all flag is set
• 41bd8ff change --entire to --all
• de06803 Make commands explicit and update npm versions (Update load-grunt-tasks to version 3.5.0 🚀 mozilla/web-ext#180)
• 405b035 add --entire flag
• 427b21a Create FUNDING.yml
• e4c74ae expose API in top level (Adds a logger and implements --verbose mozilla/web-ext#160)
• 164f78e 1.4.0

See the full diff

Package name: firefox-profile

The new version differs by 38 commits.

• 604f8da Update dependencies + version bump
• e3a6328 fix: remove deprecated jetpack-id dependency (Package also for chrome mozilla/web-ext#119)
• 940bedb Bump ini from 1.3.5 to 1.3.6 (Update babel-istanbul-loader to version 0.1.0 🚀 mozilla/web-ext#114)
• 3429330 Drop `async` (Change --firefox-binary to --firefox mozilla/web-ext#116)
• 60c1f61 Drop lodash (Document how to install / run web-ext from source mozilla/web-ext#115)
• cd63285 Merge pull request chore(): switch to more concise ES6 syntax mozilla/web-ext#113 from saadtazi/archiver-upgrade
• 4bdc619 update changelog and bump major
• b6322a5 remove "broken" tests
• 5bcd9bd some packages update
• e8534d5 prettier updates
• 2bd8e21 update archiver to v5.0
• 7aae99a Merge pull request Define all commands as yargs modules mozilla/web-ext#103 from saadtazi/dependabot/npm_and_yarn/stringstream-0.0.6
• 8713d0f Merge pull request Remove all flow adapters, use flow in all tests mozilla/web-ext#108 from saadtazi/dependabot/npm_and_yarn/minimist-1.2.3
• dbc296d Merge pull request Update babel-plugin-transform-flow-strip-types to version 6.6.5 🚀 mozilla/web-ext#109 from saadtazi/dependabot/npm_and_yarn/websocket-extensions-0.1.4
• a103206 Merge pull request Update eslint to version 2.3.0 🚀 mozilla/web-ext#111 from saadtazi/drop-nodejs-support-v6-v8
• f93d56b no more coveralls... to old :-(
• 635542e drop support for nodejs 6 & 8. test 10, 12 & 14.
• 71c3bcb Bump stringstream from 0.0.5 to 0.0.6
• 55956ef Merge pull request Update babel-core to version 6.6.5 🚀 mozilla/web-ext#110 from saadtazi/dependabot/npm_and_yarn/lodash-4.17.19
• bc55584 Bump lodash from 4.17.15 to 4.17.19
• a1e55e3 Bump websocket-extensions from 0.1.3 to 0.1.4
• a80195d Bump minimist from 1.2.0 to 1.2.3
• 8c1b45f v2.0.0
• e2ce1fc Merge pull request Update grunt-contrib-copy to version 1.0.0 🚀 mozilla/web-ext#107 from Photonios/browser-specific-settings

See the full diff

Package name: fx-runner

The new version differs by 43 commits.

• 37ae59d chore: Bump version for release 1.2.0
• e8fb0c3 chore(deps): update dependency async to v3.2.2 (Remove all Flow adapters that are used for testing mozilla/web-ext#87)
• 2f90e7e chore(deps): update dependency mocha to v9.1.3 (Update babel-plugin-transform-es2015-modules-commonjs to version 6.6.3 🚀 mozilla/web-ext#86)
• bb6da31 fix(deps): update dependency shell-quote to v1.7.3 ([Snyk] Security upgrade grunt-contrib-clean from 1.1.0 to 2.0.1 #59)
• 09a776e chore(deps): update dependency mocha to v9 (chore(package): update babel-plugin-transform-es2015-modules-commonjs… mozilla/web-ext#80)
• 429707b chore(deps): update dependency async to v3.2.1 (Update babel-plugin-transform-es2015-modules-commonjs to version 6.6.2 🚀 mozilla/web-ext#84)
• ca6c119 chore(deps): update dependency mocha to v8.4.0 (Convert all of web-ext promise chains to coroutines mozilla/web-ext#72)
• 4a223d0 chore(deps): update dependency chai to v4.3.4 (Run extension in a custom Firefox binary mozilla/web-ext#71)
• bbc17a8 chore(deps): update dependency glob-parent to 5.1.2 [security] (Update babel-polyfill to version 6.6.1 🚀 mozilla/web-ext#82)
• 60d5a88 chore: Updated package.json metadata (Update babel-preset-es2015 to version 6.6.0 🚀 mozilla/web-ext#77)
• 3795517 chore(circleci): persist_project_repo step should run on the build running on nodejs_current (Remove all the Flow regex-ignore hacks mozilla/web-ext#76)
• 43d3628 chore(circleci): Added missing persist_project_repo step in build jobs (Update babel-loader to version 6.2.4 🚀 mozilla/web-ext#75)
• 8ec14cd chore: bump version for release 1.1.0
• c664ac8 Look for Firefox in HKCU as well as HKLM (fix Add code coverage mozilla/web-ext#73) (Allow build() to be used by other commands mozilla/web-ext#74)
• f1f0358 chore(deps): update dependency chai to v4.3.1 (Install/run an extension from a directory of source code mozilla/web-ext#70)
• 56b7cdd chore(deps): update dependency mocha to v8.3.0 (Run an extension in a custom profile mozilla/web-ext#69)
• 88f5a0f chore(deps): update dependency async to v3 ([Snyk] Security upgrade firefox-profile from 1.2.0 to 4.3.2 #63)
• 12bcaf9 chore(deps): update dependency chai to v4 ([Snyk] Security upgrade addons-linter from 1.3.1 to 1.4.1 #64)
• f2158cf chore(deps): update dependency dive to v0.5.0 ([Snyk] Fix for 1 vulnerabilities #55)
• 2a395ec chore(deps): update dependency sandboxed-module to v2.0.4 ([Snyk] Fix for 1 vulnerabilities #57)
• 443c6d1 chore(deps): update dependency mocha to v8.2.1 ([Snyk] Security upgrade mkdirp from 0.5.1 to 0.5.2 #56)
• 09ac532 chore(deps): update dependency async to v0.9.2 ([Snyk] Security upgrade webpack-dev-server from 2.11.1 to 4.7.3 #54)
• 12a9fc8 chore(deps): pin dependency mocha to 8.0.1 ([Snyk] Security upgrade webpack-dev-server from 2.11.1 to 3.11.3 #53)
• b3b7449 chore: Add renovate.json ([Snyk] Security upgrade git-rev-sync from 1.9.1 to 3.0.2 #52)

See the full diff

Package name: git-rev-sync

The new version differs by 42 commits.

• 181b8e5 3.0.2
• c8fdfeb Bump version of shelljs to avoid vulnerability
• 88988d5 3.0.1
• 3da4873 note support in README
• 3f43131 3.0.0
• a3e2511 Fix typo in README
• 60b56bb rm node <4 support
• a5c1f9a 2.1.0
• 89bad33 update pjson.lock
• b660df1 Updated node version.
• 2efcb13 Upgrading shelljs to 0.8.4.
• 23b4f97 2.0.0
• 9babe4a update test node targets
• a0cd404 update readme; pin deps
• 5e2a9c8 also output errors when spawnSync fails
• 0b4d444 fix submodule handling
• 0615c5b Renamed isDirty to hasUnstagedChanges & added correct isDirty
• 34a93b2 Raise and relax graceful-fs dependency
• 3e575eb fix: worktree issue
• c999c06 1.12.0
• 771819f Add check for uncommitted changes
• c2b26bf 1.11.2
• 1eae65b rel [Snyk] Security upgrade conventional-changelog-cli from 2.0.1 to 2.0.7 #41; support null as empty path param
• 74f9326 1.11.1

See the full diff

Package name: grunt

The new version differs by 80 commits.

• 82d79b8 1.5.3
• 572d79b Merge pull request fix(deps): update dependency chrome-launcher to v0.12.0 mozilla/web-ext#1745 from gruntjs/fix-copy-op
• 58016ff Patch up race condition in symlink copying.
• 0749e1d Merge pull request chore(deps): update dependency flow-bin to v0.129.0 mozilla/web-ext#1746 from JamieSlome/patch-1
• 69b7c50 Create SECURITY.md
• ac667b2 1.5.2
• 7f15fd5 Update Changelog
• b0ec6e1 Merge pull request fix(deps): update dependency source-map-support to v0.5.15 mozilla/web-ext#1743 from gruntjs/cleanup-link
• 433f91b Clean up link handling
• d5969ec 1.5.1
• ad22608 Merge pull request test: Disabled code coverage collection on Travis windows workers mozilla/web-ext#1742 from gruntjs/update-symlink-test
• 0652305 Fix symlink test
• a7ab0a8 1.5.0
• b2b2c2b Updated changelog
• 3eda6ae Merge pull request chore(deps): update dependency eslint to v6.6.0 mozilla/web-ext#1740 from gruntjs/update-deps-22-10
• 47d32de Update testing matrix
• 2e9161c More updates
• 04b960e Remove console log
• aad3d45 Update dependencies, tests...
• fdc7056 Merge pull request chore(deps): update dependency flow-bin to v0.110.0 mozilla/web-ext#1736 from justlep/main
• e35fe54 support .cjs extension
• ee722d1 1.4.1
• e7625e5 Update Changelog
• 5d67e34 Merge pull request chore: Upgrade to node 10 mozilla/web-ext#1731 from gruntjs/update-options

See the full diff

Package name: mkdirp

The new version differs by 4 commits.

• b2e7ba0 0.5.2
• c5b97d1 bump minimist to 1.2 to fix security issue
• f2003bb test: add v4 and v5 to travis
• b8629ff tools: update tap + mock-fs. Fix broken test

See the full diff

Package name: mocha

The new version differs by 250 commits.

• eb781e2 Release v6.2.3
• 10dbe94 update CHANGELOG for v6.2.3 [ci skip]
• 848d6fb security: update mkdirp, yargs, yargs-parser
• 843a322 6.2.2
• aec8b02 update CHANGELOG for v6.2.2 [ci skip]
• 7a8b95a npm audit fixes
• cebddf2 Improve reporter documentation for mocha in browser. (#4026)
• 3f7b987 uncaughtException: report more than one exception per test (#4033)
• ee82d38 modify alt text of image from Backers to Sponsors inside Sponsors section in Readme (#4046)
• e9c036c special-case parsing of "require" in unparseNodeArgs(); closes #4035 (#4063)
• 954cf0b Fix HTMLCollection iteration to make unhide function work as expected (#4051)
• 816dc27 uncaughtException: fix double EVENT_RUN_END events (#4025)
• 9650d3f add OpenJS Foundation logo to website (#4008)
• f04b81d Adopt the OpenJSF Code of Conduct (#3971)
• aca8895 Add link checking to docs build step (#3972)
• ef6c820 Release v6.2.1
• 9524978 updated CHANGELOG for v6.2.1 [ci skip]
• dfdb8b3 Update yargs to v13.3.0 (#3986)
• 18ad1c1 treat '--require esm' as Node option (#3983)
• fcffd5a Update yargs-unparser to v1.6.0 (#3984)
• ad4860e Remove extraGlobals() (#3970)
• b269ad0 Clarify effect of .skip() (#3947)
• 1e6cf3b Add Matomo to website (#3765)
• 91b3a54 fix style on mochajs.org (#3886)

See the full diff

Package name: node-notifier

The new version differs by 61 commits.

• ae03eed v5.4.5
• 2cdb290 patch: fixes security issue with non-escaping inputs [GHSL-2020-373]
• 93fa026 v5.4.4
• c4b8ade patch: fixes possible injection issue for notify-send
• 1101e6d Update version to v5.4.3
• d204329 Revert "Fixes tests after mapping change"
• 9a1fc72 Update lock file after audit
• 8769921 Revert "Bumps all dependencies"
• 3ae8fd7 Merge pull request Update eslint to version 2.12.0 🚀 mozilla/web-ext#284 from mikaelbr/revert-271-overwritable-timeout
• 5c48dc8 Revert "Allow timeout: false to remove a timeout"
• 722f9d9 Revert "Remove node 6 from travis run"
• 12d971d Revert "v5.4.2"
• d907d54 Revert "Revert "Fixes tests after mapping change""
• b9946dc Merge pull request Update babel-core to version 6.9.1 🚀 mozilla/web-ext#271 from jnielson94/overwritable-timeout
• 698c103 Merge branch 'master' into overwritable-timeout
• fd851c8 Remove node 6 from travis run
• c153da9 Updates changelog
• 378077c v5.4.2
• 8f136d9 Bumps all dependencies
• 2bbcc2d Revert "Fixes tests after mapping change"
• 64decfb v5.4.1
• e271899 Revert "Adds default timeout to notification center"
• 3fefdf3 Merge pull request Update yauzl to version 2.4.3 🚀 mozilla/web-ext#274 from Aarbel/patch-1
• ae64c68 Add event doc on notifier.onclick

See the full diff

Package name: sign-addon

The new version differs by 56 commits.

• cfc4bb0 chore: fix npm run changelog (feat: web-ext sign now supports extensions without explicit IDs mozilla/web-ext#340)
• af91a92 fix: use API v4 (npm run lint should not use file caching mozilla/web-ext#339)
• 47d4cf2 Increase signedStatusCheckTimeout (chore: Increase test suite time-out for Travis I/O mozilla/web-ext#338)
• ae7f8f3 chore(deps): update dependency webpack-cli to v3.3.10 (Update babel-istanbul to version 0.11.0 🚀 mozilla/web-ext#337)
• 05535ff feat: Remove grunt (flaky test: build lets you rebuild when files change mozilla/web-ext#335)
• c835820 chore(deps): update dependency webpack-dev-server to v3.9.0 (chore: Added a changelog script mozilla/web-ext#315)
• aa30b22 chore(deps): update dependency webpack to v4.41.2 (ECONNREFUSED since v1.1.0 mozilla/web-ext#317)
• c865290 chore(deps): update dependency mocha to v6.2.2 (Update babel-eslint to version 6.1.0 🚀 mozilla/web-ext#312)
• b72d0a8 chore(deps): update babel monorepo (Update sign-addon to version 0.0.4 🚀 mozilla/web-ext#316)
• 1cfa1e6 chore(deps): update dependency eslint to v6.6.0 (Show usage on missing or wrong command. mozilla/web-ext#311)
• 6bb7b45 fix(deps): update dependency core-js to v3.3.5 (Some modules are missing from dependencies mozilla/web-ext#318)
• 6ecdf64 fix(deps): update dependency source-map-support to v0.5.16 (Require npm greater than 3.0.0 in package.json mozilla/web-ext#330)
• a3ed6b1 chore(deps): lock file maintenance (Upgrade sign-addon mozilla/web-ext#313)
• c228fc1 feat: Add Prettier (Relative source path causes NS_ERROR_FILE_UNRECOGNIZED_PATH error mozilla/web-ext#332)
• 1853ce6 feat: Add static types via TypeScript + JSDoc (Update source-map-support to version 0.4.1 🚀 mozilla/web-ext#327)
• 51d2650 Fix request() call (Increase timeout before giving up on remote debugger connection mozilla/web-ext#322)
• a8877cf chore(deps): update dependency eslint to v6 (Show usage exceptions without a stacktrace mozilla/web-ext#310)
• ef9a679 chore(deps): update dependency eslint to v4.19.1 (fix: Re-enabled support for running extensions in Firefox 48 mozilla/web-ext#309)
• ab34b22 chore(deps): update dependency babel-eslint to v10 (Exclude web-ext-artifacts folder from web-ext build mozilla/web-ext#291)
• 5757340 chore(deps): update dependency eslint to v4 [security] (Update yauzl to version 2.4.3 🚀 mozilla/web-ext#274)
• f12ecb1 fix(deps): update dependency es6-promisify to v6 (run --no-reload has no effect mozilla/web-ext#304)
• 09fca99 chore(deps): update dependency webpack to v4.41.0 (Update babel-eslint to version 6.0.5 🚀 mozilla/web-ext#302)
• f3c6c79 fix(deps): update dependency source-map-support to v0.5.13 (Update deepcopy to version 0.6.3 🚀 mozilla/web-ext#289)
• 4c3069a chore(deps): update babel monorepo (Update babel-polyfill to version 6.9.1 🚀 mozilla/web-ext#272)

See the full diff

Package name: update-notifier

The new version differs by 50 commits.

• 311557e 6.0.0
• 9183541 Require Node.js 14 and move to ESM
• 3fdb218 5.1.0
• 73c391b Upgrade dependencies
• 0a6027e Move to GitHub Actions
• d8fa601 Rename `master` branch to `main`
• f63b2eb 5.0.1
• 9e2b772 Update dependencies
• da7c464 5.0.0
• 5b440c2 Require Node.js 10
• 3dfe42d Don't suggest to upgrade to lower version (Load add-on from pseudo symlink in run command mozilla/web-ext#192)
• 132b7ce Remove a project from "Users" section (Update flow-bin to version 0.23.0 🚀 mozilla/web-ext#191)
• c9d2166 4.1.1
• f42fc8f Improve vertical alignment of the notifier output (fix(): Fixed source-map-support import error mozilla/web-ext#183)
• 71a3f19 Use HTTPS links
• 64c5236 Fix Travis
• 9d9f4ff 4.1.0
• 4062f12 Update dependencies
• adbeb6e Add template support for the `message` option (fix(): Increased test timeout for Travis mozilla/web-ext#175)
• adf7803 4.0.0
• fb5161c Remove the `callback` option (Update eslint to version 2.5.2 🚀 mozilla/web-ext#158)
• 39682de Rename `boxenOpts` option to `boxenOptions`
• bc1721a Avoid showing notification if current version is the latest (docs(): Improved commit message docs mozilla/web-ext#174)
• ccaf686 Update dependencies

See the full diff

Package name: watchpack

The new version differs by 28 commits.

• d5b9c58 1.7.1
• 1cacc77 add chokidar2 package to package.json files
• 2db42a7 1.7.0
• 59a4990 Merge pull request Update eslint to version 2.5.1 🚀 mozilla/web-ext#153 from coreyward/update-chokidar
• f53f6c7 run CI with node.js 14
• e95336f add additional assumption test to ensure chokidar do not emit events after close
• e27a81f Update chokidar to 3.4.0
• 11caedf use chokidar 2 or 3 depending on node.js version
• f6d5f77 log out watching errors
• da8c244 catch errors on closing
• 9efbb97 enforce [email protected]
• 7dd76d9 Update chokidar to 3.3.0
• 88e13a6 Merge pull request Update babel-eslint to version 5.0.1 🚀 mozilla/web-ext#155 from webpack/ci/appveyor-yarn