[Snyk] Upgrade lint-staged from 11.1.2 to 13.0.3

[snyk-bot]

Snyk has created this PR to upgrade lint-staged from 11.1.2 to 13.0.3.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

Warning: This is a major version upgrade, and may be a breaking change.

• The recommended version is 45 versions ahead of your current version.
• The recommended version was released 2 months ago, on 2022-06-24.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Prototype Pollution SNYK-JS-Y18N-1021887	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Remote Code Execution (RCE) SNYK-JS-SHELLQUOTE-1766506	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-SETVALUE-450213	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-SETVALUE-1540541	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-SETVALUE-450213	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-SETVALUE-1540541	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-MIXINDEEP-450212	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Command Injection SNYK-JS-LODASH-1040724	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-608086	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-567746	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-450202	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Command Injection SNYK-JS-LODASH-1040724	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Arbitrary Code Execution SNYK-JS-JSYAML-174129	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-JSONSCHEMA-1920922	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Arbitrary Code Execution SNYK-JS-ISMYJSONVALID-597167	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ISMYJSONVALID-597165	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-ASYNC-2441827	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ACORN-559469	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Information Exposure SNYK-JS-NODEFETCH-2342118	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-MINIMIST-559764	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-559764	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Denial of Service (DoS) SNYK-JS-JSYAML-173999	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-JSONPOINTER-1577288	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Reverse Tabnabbing SNYK-JS-ISTANBULREPORTS-2328088	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HOSTEDGITINFO-1088355	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-2429795	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-2429795	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-2429795	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Validation Bypass SNYK-JS-KINDOF-537849	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-JSONPOINTER-598804	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: lint-staged

• 13.0.3 - 2022-06-24
  

  13.0.3 (2022-06-24)

  Bug Fixes

  • correctly handle git stash when using MSYS2 (#1178) (0d627a5)
• 13.0.2 - 2022-06-16
  

  13.0.2 (2022-06-16)

  Bug Fixes

  • use new --diff and --diff-filter options when checking task modifications (1a5a66a)
• 13.0.1 - 2022-06-08
  

  13.0.1 (2022-06-08)

  Bug Fixes

  • correct spelling of "0 files" (f27f1d4)
  • suppress error from process.kill when killing tasks on failure (f2c6bdd)
  • deps: update pidtree@^0.6.0 to fix screen size error in WSL (1a77e42)
  • ignore "No matching pid found" error (cb8a432)
  • prevent possible race condition when killing tasks on failure (bc92aff)

  Performance Improvements

  • use EventsEmitter instead of setInterval for killing tasks on failure (c508b46)
• 13.0.0 - 2022-06-01
  

  13.0.0 (2022-06-01)

  Bug Fixes

  • deps: update execa@^6.1.0 (659c85c)
  • deps: update yaml@^2.1.1 (2750a3d)

  Features

  • remove support for Node.js 12 (5fb6df9)

  BREAKING CHANGES

  • lint-staged will no longer support Node.js 12, which is EOL since 30 April 2022
• 12.5.0 - 2022-05-31
  

  12.5.0 (2022-05-31)

  Bug Fixes

  • include all files when using --config <path> (641d1c2)
  • skip backup stash when using the --diff option (d4da24d)

  Features

  • add --diff-filter option for overriding list of (staged) files (753ef72)
  • add --diff option for overriding list of (staged) files (35fcce9)
• 12.4.3 - 2022-05-30
  

  12.4.3 (2022-05-30)

  Bug Fixes

  • deps: downgrade [email protected] to support Node.js 12 (383a96e)
  • deps: update commander@^9.2.0 (22ebf52)
  • deps: update yaml@^2.0.1 (ec73af0)
• 12.4.2 - 2022-05-24
  

  12.4.2 (2022-05-24)

  Bug Fixes

  • correctly handle --max-arg-length cli option (1db5f26)
• 12.4.1 - 2022-04-26
  

  12.4.1 (2022-04-26)

  Bug Fixes

  • correctly handle symlinked config files (b3f63ec)
• 12.4.0 - 2022-04-20
  

  12.4.0 (2022-04-20)

  Bug Fixes

  • handle empty input by returning empty array from parseGitZOutput (a118817)
  • limit configuration discovery to cwd (d8fdf1d)
  • restore functionality of parent globs for a single configuration file (877ab4c)

  Features

  • expose --max-arg-length cli option (e8291b0)
• 12.3.8 - 2022-04-15
  

  12.3.8 (2022-04-15)

  Bug Fixes

  • avoid passing unexpected arguments from forEach to process.kill() (1b1f0e4)
  • clear execution interruption interval on first catch (46952cb)
• 12.3.7 - 2022-03-17
• 12.3.6 - 2022-03-16
• 12.3.5 - 2022-03-05
• 12.3.4 - 2022-02-13
• 12.3.3 - 2022-02-01
• 12.3.2 - 2022-01-26
• 12.3.1 - 2022-01-23
• 12.3.0 - 2022-01-23
• 12.2.2 - 2022-01-20
• 12.2.1 - 2022-01-19
• 12.2.0 - 2022-01-18
• 12.1.7 - 2022-01-07
• 12.1.6 - 2022-01-07
• 12.1.5 - 2022-01-02
• 12.1.4 - 2021-12-24
• 12.1.3 - 2021-12-18
• 12.1.2 - 2021-11-22
• 12.1.1 - 2021-11-21
• 12.1.0 - 2021-11-21
• 12.0.3 - 2021-11-18
• 12.0.2 - 2021-11-14
• 12.0.1 - 2021-11-13
• 12.0.0 - 2021-11-13
• 11.3.0-beta.2 - 2021-10-30
• 11.3.0-beta.1 - 2021-10-04
• 11.2.6 - 2021-10-26
• 11.2.5 - 2021-10-26
• 11.2.4 - 2021-10-23
• 11.2.3 - 2021-10-10
• 11.2.2 - 2021-10-09
• 11.2.1 - 2021-10-09
• 11.2.0 - 2021-10-04
• 11.2.0-beta.1 - 2021-10-02
• 11.1.4 - 2021-10-02
• 11.1.3 - 2021-10-02
• 11.1.2 - 2021-08-06

from lint-staged GitHub release notes

Commit messages

Package name: lint-staged

• 0d627a5 fix: correctly handle git stash when using MSYS2 (Genitive case plurals i18next/i18next#1178)
• 1a5a66a fix: use new `--diff` and `--diff-filter` options when checking task modifications
• 32806da test: split integration tests into separate files and improve isolation
• 4384114 refactor: reuse Listr stuff better
• f27f1d4 fix: correct spelling of "0 files"
• f2c6bdd fix: suppress error from `process.kill` when killing tasks on failure
• c5cec0a docs: add section about task concurrency to README.md
• 5bf1f18 docs: remove `mrm` from README.md
• c508b46 perf: use `EventsEmitter` instead of `setInterval` for killing tasks on failure
• 1a77e42 fix(deps): update pidtree@^0.6.0 to fix screen size error in WSL
• 9e3394e chore(deps): update dependencies
• bc92aff fix: prevent possible race condition when killing tasks on failure
• cb8a432 fix: ignore "No matching pid found" error
• 50f95b3 refactor: remove `supports-color`
• 659c85c fix(deps): update `execa@^6.1.0`
• 2750a3d fix(deps): update `yaml@^2.1.1`
• 5f0a6a7 refactor: use optional chaining `?.`
• eae9622 refactor: use `node:` protocol imports
• 5fb6df9 feat: remove support for Node.js 12
• d4da24d fix: skip backup stash when using the `--diff` option
• 1f06dd0 refactor: do not use Symbol in configuration mapping
• 641d1c2 fix: include all files when using `--config <path>`
• 753ef72 feat: add `--diff-filter` option for overriding list of (staged) files
• 35fcce9 feat: add `--diff` option for overriding list of (staged) files

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs