Git Product home page Git Product logo

atlassian's Introduction

Logo

atlassian

jira and confluence command line interface.

Version Bundle size Downloads

CodeFactor SonarCloud Codacy Scrutinizer

Dependencies Security Build Status Coverage Status

Commit activity FOSSA License

πŸ‡ΊπŸ‡¦ Help Ukraine

I woke up on my 26th birthday at 5 am from the blows of russian missiles. They attacked the city of Kyiv, where I live, as well as the cities in which my family and friends live. Now my country is a war zone.

We fight for democratic values, freedom, for our future! Once again Ukrainians have to stand against evil, terror, against genocide. The outcome of this war will determine what path human history is taking from now on.

πŸ’›πŸ’™ Help Ukraine! We need your support! There are dozen ways to help us, just do it!

Table of Contents

Requirements

Platform Status

To use library you need to have node and npm installed in your machine:

  • node >=10
  • npm >=6

Note: if you received yargs error "yargs parser supports a minimum Node.js version of x", try to set evironment variable YARGS_MIN_NODE_VERSION=10.

Package is continuously tested on darwin, linux and win32 platforms. All active and maintenance LTS node releases are supported.

Installation

To install the library run the following command

  npm i -g atlassian

Usage

Jira cli

Init

jira init

Add attlasian profile

Options:
  -h, --help     Show help                                             [boolean]
      --version  Show version number                                   [boolean]

List Tasks

Generally, jira list command can help to list all tasks

jira list [--dev] [--mine] [--search=<search>] [--sprint=<sprint>] [--verbose]
[--profile=<profile>]

List Tasks

Options:
  -h, --help                Show help                                                 [boolean]
      --version             Show version number                                       [boolean]
  -v, --verbose             verbose logs                                              [boolean]
  -p, --profile             specify profile name                                       [string]
  -d, --dev, --development  filter only tasks in development                          [boolean]
  -m, --mine, --my          filter only mine issues                                   [boolean]
  -s, --search, --grep      search issues by summary                                   [string]
      --sprint              specify sprints for filter
                                           [array] [choices: "all", "open"] [default: ["open"]]

Some common examples:

  1. get all mine tasks in development for open sprint:

       jira ls -dm

    where ls is alias for list command and -dm means mine tasks in dev status

  2. search issues that contains memory leak words:

       jira ls -s 'memory leak'

    where -s is a shortcut for --search or --grep

Send issue(s) to testing

jira test [--verbose] [--profile=<profile>] <issueId...>

Send task to testing

Options:
  -h, --help     Show help                                                            [boolean]
      --version  Show version number                                                  [boolean]
  -v, --verbose  verbose logs                                                         [boolean]
  -p, --profile  specify profile name                                                  [string]
      --issueId  id(s) of task                                                          [array]

Clear worklog

jira worklog clear <issueId> [--verbose] [--profile=<profile>]

Clear worklog

Positionals:
  <issueId>  Id of the issue                                                           [string]

Options:
  -h, --help     Show help                                                            [boolean]
      --version  Show version number                                                  [boolean]
  -v, --verbose  verbose logs                                                         [boolean]
  -p, --profile  specify profile name                                                  [string]

Print jira statuses

jira statuses [--verbose] [--profile=<profile>]

List jira configuration statuses

Options:
  -h, --help     Show help                                                            [boolean]
      --version  Show version number                                                  [boolean]

Confluence cli

Init

confluence init

Add attlasian profile

Options:
  -h, --help     Show help                                             [boolean]
      --version  Show version number                                   [boolean]

Get list of pages

confluence pages <space> [--profile=<profile>] [--verbose]

List Pages

Options:
      --version  Show version number                                                  [boolean]
  -h, --help     Show help                                                            [boolean]
  -v, --verbose  verbose logs                                                         [boolean]
      --debug    debug logs                                                           [boolean]
      --space    Id of confluence space                                                [string]

Export page of pdf

To export specific page as pdf firstly obtain pageId. Then use pageId as argument for next command:

confluence export <page> [--path=<path>] [--verbose] [--debug] [--profile=<profile>]

Export Page as pdf

Options:
      --version  Show version number                                                  [boolean]
  -h, --help     Show help                                                            [boolean]
  -v, --verbose  verbose logs                                                         [boolean]
      --debug    debug logs                                                           [boolean]
      --page     Id of space page                                                      [string]

Path to generated .pdf will be written to stdout.

Contribute

Make the changes to the code and tests. Then commit to your branch. Be sure to follow the commit message conventions. Read Contributing Guidelines for details.

atlassian's People

Contributors

lalaps[bot] avatar lgtm-com[bot] avatar pustovitdmytro avatar renovate-bot avatar renovate[bot] avatar semantic-release-bot avatar snyk-bot avatar

Stargazers

avatar avatar

Watchers

avatar avatar avatar

Forkers

fossabot hartl3y94 fr34k8 lgtm-migrator

atlassian's Issues

CVE-2022-0536 (Medium) detected in follow-redirects-1.14.7.tgz - autoclosed

CVE-2022-0536 - Medium Severity Vulnerability

Vulnerable Library - follow-redirects-1.14.7.tgz

HTTP and HTTPS modules that follow redirects.

Library home page: https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.14.7.tgz

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/follow-redirects/package.json

Dependency Hierarchy:

  • base-api-client-1.5.8.tgz (Root Library)
    • axios-0.25.0.tgz
      • ❌ follow-redirects-1.14.7.tgz (Vulnerable Library)

Found in HEAD commit: dd0a7d4da9a8000bf0c587c216284c759a38b136

Found in base branch: master

Vulnerability Details

Exposure of Sensitive Information to an Unauthorized Actor in NPM follow-redirects prior to 1.14.8.

Publish Date: 2022-02-09

URL: CVE-2022-0536

CVSS 3 Score Details (5.9)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: High
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: None
    • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0536

Release Date: 2022-02-09

Fix Resolution: follow-redirects - 1.14.8

Step up your Open Source Security Game with Mend here

Feature: dry-run

Is your feature request related to a problem? Please describe.
Add --dry-run option for 'unsafe' use-cases

CVE-2022-31051 (High) detected in semantic-release-19.0.2.tgz - autoclosed

CVE-2022-31051 - High Severity Vulnerability

Vulnerable Library - semantic-release-19.0.2.tgz

Automated semver compliant package publishing

Library home page: https://registry.npmjs.org/semantic-release/-/semantic-release-19.0.2.tgz

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/semantic-release/package.json

Dependency Hierarchy:

  • ❌ semantic-release-19.0.2.tgz (Vulnerable Library)

Found in HEAD commit: 9b797f877c39ef1c3817e76133983c4332052454

Found in base branch: master

Vulnerability Details

semantic-release is an open source npm package for automated version management and package publishing. In affected versions secrets that would normally be masked by semantic-release can be accidentally disclosed if they contain characters that are excluded from uri encoding by encodeURI. Occurrence is further limited to execution contexts where push access to the related repository is not available without modifying the repository url to inject credentials. Users are advised to upgrade. Users unable to upgrade should ensure that secrets that do not contain characters that are excluded from encoding with encodeURI when included in a URL are already masked properly.

Publish Date: 2022-06-09

URL: CVE-2022-31051

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: None
    • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: GHSA-x2pg-mjhr-2m5x

Release Date: 2022-06-09

Fix Resolution: 19.0.3

Step up your Open Source Security Game with Mend here

Feature: add aliases

Is your feature request related to a problem? Please describe.
Add alias (last month, last week...)

CVE-2022-0235 (Medium) detected in node-fetch-2.6.1.tgz - autoclosed

CVE-2022-0235 - Medium Severity Vulnerability

Vulnerable Library - node-fetch-2.6.1.tgz

A light-weight module that brings window.fetch to node.js

Library home page: https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.1.tgz

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/danger/node_modules/node-fetch/package.json

Dependency Hierarchy:

  • danger-10.8.0.tgz (Root Library)
    • ❌ node-fetch-2.6.1.tgz (Vulnerable Library)

Found in base branch: master

Vulnerability Details

node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor

Publish Date: 2022-01-16

URL: CVE-2022-0235

CVSS 3 Score Details (6.1)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Changed
  • Impact Metrics:
    • Confidentiality Impact: Low
    • Integrity Impact: Low
    • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: GHSA-r683-j2x4-v87g

Release Date: 2022-01-16

Fix Resolution: node-fetch - 2.6.7,3.1.1

Step up your Open Source Security Game with WhiteSource here

CVE-2021-23566 (Medium) detected in nanoid-3.1.25.tgz - autoclosed

CVE-2021-23566 - Medium Severity Vulnerability

Vulnerable Library - nanoid-3.1.25.tgz

A tiny (108 bytes), secure URL-friendly unique string ID generator

Library home page: https://registry.npmjs.org/nanoid/-/nanoid-3.1.25.tgz

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/nanoid/package.json

Dependency Hierarchy:

  • mocha-9.1.2.tgz (Root Library)
    • ❌ nanoid-3.1.25.tgz (Vulnerable Library)

Found in base branch: master

Vulnerability Details

The package nanoid before 3.1.31 are vulnerable to Information Exposure via the valueOf() function which allows to reproduce the last id generated.

Publish Date: 2022-01-14

URL: CVE-2021-23566

CVSS 3 Score Details (5.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Local
    • Attack Complexity: Low
    • Privileges Required: Low
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: None
    • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23566

Release Date: 2022-01-14

Fix Resolution: nanoid - 3.1.31

Step up your Open Source Security Game with WhiteSource here

CVE-2022-2216 (High) detected in parse-url-6.0.0.tgz - autoclosed

CVE-2022-2216 - High Severity Vulnerability

Vulnerable Library - parse-url-6.0.0.tgz

An advanced url parser supporting git urls too.

Library home page: https://registry.npmjs.org/parse-url/-/parse-url-6.0.0.tgz

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/parse-url/package.json

Dependency Hierarchy:

  • semantic-release-telegram-1.5.1.tgz (Root Library)
    • git-url-parse-11.6.0.tgz
      • git-up-4.0.5.tgz
        • ❌ parse-url-6.0.0.tgz (Vulnerable Library)

Found in HEAD commit: dd0a7d4da9a8000bf0c587c216284c759a38b136

Found in base branch: master

Vulnerability Details

Server-Side Request Forgery (SSRF) in GitHub repository ionicabizau/parse-url prior to 7.0.0.

Publish Date: 2022-06-27

URL: CVE-2022-2216

CVSS 3 Score Details (9.8)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://huntr.dev/bounties/505a3d39-2723-4a06-b1f7-9b2d133c92e1/

Release Date: 2022-06-27

Fix Resolution: parse-url - 6.0.1

Step up your Open Source Security Game with Mend here

WS-2022-0238 (High) detected in parse-url-6.0.0.tgz - autoclosed

WS-2022-0238 - High Severity Vulnerability

Vulnerable Library - parse-url-6.0.0.tgz

An advanced url parser supporting git urls too.

Library home page: https://registry.npmjs.org/parse-url/-/parse-url-6.0.0.tgz

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/parse-url/package.json

Dependency Hierarchy:

  • semantic-release-telegram-1.5.1.tgz (Root Library)
    • git-url-parse-11.6.0.tgz
      • git-up-4.0.5.tgz
        • ❌ parse-url-6.0.0.tgz (Vulnerable Library)

Found in HEAD commit: dd0a7d4da9a8000bf0c587c216284c759a38b136

Found in base branch: master

Vulnerability Details

File Protocol Spoofing in parse-url before 8.0.0 can lead to attacks, such as XSS, Arbitrary Read/Write File, and Remote Code Execution.

Publish Date: 2022-06-30

URL: WS-2022-0238

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: High
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://huntr.dev/bounties/52060edb-e426-431b-a0d0-e70407e44f18/

Release Date: 2022-06-30

Fix Resolution: parse-url - 8.0.0

Step up your Open Source Security Game with Mend here

CVE-2022-29244 (High) detected in npm-8.4.1.tgz - autoclosed

CVE-2022-29244 - High Severity Vulnerability

Vulnerable Library - npm-8.4.1.tgz

a package manager for JavaScript

Library home page: https://registry.npmjs.org/npm/-/npm-8.4.1.tgz

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/npm/package.json

Dependency Hierarchy:

  • semantic-release-19.0.2.tgz (Root Library)
    • npm-9.0.0.tgz
      • ❌ npm-8.4.1.tgz (Vulnerable Library)

Found in HEAD commit: dd0a7d4da9a8000bf0c587c216284c759a38b136

Found in base branch: master

Vulnerability Details

npm pack ignores root-level .gitignore and .npmignore file exclusion directives when run in a workspace or with a workspace flag (ie. --workspaces, --workspace=<name>). Anyone who has run npm pack or npm publish inside a workspace, as of v7.9.0 and v7.13.0 respectively, may be affected and have published files into the npm registry they did not intend to include. Users should upgrade to the latest, patched version of npm v8.11.0, run: npm i -g npm@latest . Node.js versions v16.15.1, v17.19.1, and v18.3.0 include the patched v8.11.0 version of npm.

Publish Date: 2022-06-13

URL: CVE-2022-29244

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: None
    • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: GHSA-hj9c-8jmm-8c52

Release Date: 2022-06-13

Fix Resolution (npm): 8.11.0

Direct dependency fix Resolution (semantic-release): 19.0.3

Step up your Open Source Security Game with Mend here

CVE-2022-2900 (High) detected in parse-url-6.0.0.tgz - autoclosed

CVE-2022-2900 - High Severity Vulnerability

Vulnerable Library - parse-url-6.0.0.tgz

An advanced url parser supporting git urls too.

Library home page: https://registry.npmjs.org/parse-url/-/parse-url-6.0.0.tgz

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/parse-url/package.json

Dependency Hierarchy:

  • semantic-release-telegram-1.5.1.tgz (Root Library)
    • git-url-parse-11.6.0.tgz
      • git-up-4.0.5.tgz
        • ❌ parse-url-6.0.0.tgz (Vulnerable Library)

Found in HEAD commit: dd0a7d4da9a8000bf0c587c216284c759a38b136

Found in base branch: master

Vulnerability Details

Server-Side Request Forgery (SSRF) in GitHub repository ionicabizau/parse-url prior to 8.1.0.

Publish Date: 2022-09-14

URL: CVE-2022-2900

CVSS 3 Score Details (9.1)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Release Date: 2022-09-14

Fix Resolution: parse-url - 8.0.0

Step up your Open Source Security Game with Mend here

CVE-2021-43307 (High) detected in semver-regex-3.1.3.tgz - autoclosed

CVE-2021-43307 - High Severity Vulnerability

Vulnerable Library - semver-regex-3.1.3.tgz

Regular expression for matching semver versions

Library home page: https://registry.npmjs.org/semver-regex/-/semver-regex-3.1.3.tgz

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/semver-regex/package.json

Dependency Hierarchy:

  • semantic-release-19.0.2.tgz (Root Library)
    • find-versions-4.0.0.tgz
      • ❌ semver-regex-3.1.3.tgz (Vulnerable Library)

Found in HEAD commit: dd0a7d4da9a8000bf0c587c216284c759a38b136

Found in base branch: master

Vulnerability Details

An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the semver-regex npm package, when an attacker is able to supply arbitrary input to the test() method

Publish Date: 2022-06-02

URL: CVE-2021-43307

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://research.jfrog.com/vulnerabilities/semver-regex-redos-xray-211349/

Release Date: 2022-06-02

Fix Resolution (semver-regex): 3.1.4

Direct dependency fix Resolution (semantic-release): 19.0.3

Step up your Open Source Security Game with Mend here

CVE-2024-28849 (Medium) detected in follow-redirects-1.15.2.tgz

CVE-2024-28849 - Medium Severity Vulnerability

Vulnerable Library - follow-redirects-1.15.2.tgz

HTTP and HTTPS modules that follow redirects.

Library home page: https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.2.tgz

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/follow-redirects/package.json

Dependency Hierarchy:

  • base-api-client-1.5.8.tgz (Root Library)
    • axios-0.25.0.tgz
      • ❌ follow-redirects-1.15.2.tgz (Vulnerable Library)

Found in base branch: master

Vulnerability Details

follow-redirects is an open source, drop-in replacement for Node's http and https modules that automatically follows redirects. In affected versions follow-redirects only clears authorization header during cross-domain redirect, but keep the proxy-authentication header which contains credentials too. This vulnerability may lead to credentials leak, but has been addressed in version 1.15.6. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Publish Date: 2024-03-14

URL: CVE-2024-28849

CVSS 3 Score Details (6.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: Low
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: None
    • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: GHSA-cxjh-pqwp-8mfp

Release Date: 2024-03-14

Fix Resolution: follow-redirects - 1.15.6

Step up your Open Source Security Game with Mend here

CVE-2021-3807 (High) detected in ansi-regex-3.0.0.tgz, ansi-regex-5.0.0.tgz - autoclosed

CVE-2021-3807 - High Severity Vulnerability

Vulnerable Libraries - ansi-regex-3.0.0.tgz, ansi-regex-5.0.0.tgz

ansi-regex-3.0.0.tgz

Regular expression for matching ANSI escape codes

Library home page: https://registry.npmjs.org/ansi-regex/-/ansi-regex-3.0.0.tgz

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/npm/node_modules/string-width/node_modules/ansi-regex/package.json

Dependency Hierarchy:

  • semantic-release-19.0.2.tgz (Root Library)
    • npm-9.0.0.tgz
      • npm-8.4.1.tgz
        • npmlog-6.0.0.tgz
          • gauge-4.0.0.tgz
            • wide-align-1.1.5.tgz
              • string-width-2.1.1.tgz
                • strip-ansi-4.0.0.tgz
                  • ❌ ansi-regex-3.0.0.tgz (Vulnerable Library)
ansi-regex-5.0.0.tgz

Regular expression for matching ANSI escape codes

Library home page: https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.0.tgz

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/npm/node_modules/cli-table3/node_modules/ansi-regex/package.json

Dependency Hierarchy:

  • semantic-release-19.0.2.tgz (Root Library)
    • npm-9.0.0.tgz
      • npm-8.4.1.tgz
        • cli-table3-0.6.1.tgz
          • string-width-4.2.2.tgz
            • strip-ansi-6.0.0.tgz
              • ❌ ansi-regex-5.0.0.tgz (Vulnerable Library)

Found in HEAD commit: 9b797f877c39ef1c3817e76133983c4332052454

Found in base branch: master

Vulnerability Details

ansi-regex is vulnerable to Inefficient Regular Expression Complexity

Publish Date: 2021-09-17

URL: CVE-2021-3807

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994/

Release Date: 2021-09-17

Fix Resolution (ansi-regex): 3.0.1

Direct dependency fix Resolution (semantic-release): 19.0.3

Fix Resolution (ansi-regex): 5.0.1

Direct dependency fix Resolution (semantic-release): 19.0.3

Step up your Open Source Security Game with Mend here

CVE-2023-45857 (Medium) detected in axios-0.25.0.tgz

CVE-2023-45857 - Medium Severity Vulnerability

Vulnerable Library - axios-0.25.0.tgz

Promise based HTTP client for the browser and node.js

Library home page: https://registry.npmjs.org/axios/-/axios-0.25.0.tgz

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/axios/package.json

Dependency Hierarchy:

  • base-api-client-1.5.8.tgz (Root Library)
    • ❌ axios-0.25.0.tgz (Vulnerable Library)

Found in base branch: master

Vulnerability Details

An issue discovered in Axios 1.5.1 inadvertently reveals the confidential XSRF-TOKEN stored in cookies by including it in the HTTP header X-XSRF-TOKEN for every request made to any host allowing attackers to view sensitive information.

Publish Date: 2023-11-08

URL: CVE-2023-45857

CVSS 3 Score Details (6.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: None
    • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Release Date: 2023-11-08

Fix Resolution: axios - 1.6.0

Step up your Open Source Security Game with Mend here

CVE-2022-0624 (High) detected in parse-path-4.0.3.tgz - autoclosed

CVE-2022-0624 - High Severity Vulnerability

Vulnerable Library - parse-path-4.0.3.tgz

Parse paths (local paths, urls: ssh/git/etc)

Library home page: https://registry.npmjs.org/parse-path/-/parse-path-4.0.3.tgz

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/parse-path/package.json

Dependency Hierarchy:

  • semantic-release-telegram-1.5.1.tgz (Root Library)
    • git-url-parse-11.6.0.tgz
      • git-up-4.0.5.tgz
        • parse-url-6.0.0.tgz
          • ❌ parse-path-4.0.3.tgz (Vulnerable Library)

Found in HEAD commit: dd0a7d4da9a8000bf0c587c216284c759a38b136

Found in base branch: master

Vulnerability Details

Authorization Bypass Through User-Controlled Key in GitHub repository ionicabizau/parse-path prior to 5.0.0.

Publish Date: 2022-06-28

URL: CVE-2022-0624

CVSS 3 Score Details (7.3)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: Low
    • Integrity Impact: Low
    • Availability Impact: Low

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0624

Release Date: 2022-06-28

Fix Resolution: parse-path - 5.0.0

Step up your Open Source Security Game with Mend here

CVE-2021-35065 (High) detected in glob-parent-5.1.2.tgz - autoclosed

CVE-2021-35065 - High Severity Vulnerability

Vulnerable Library - glob-parent-5.1.2.tgz

Extract the non-magic parent path from a glob string.

Library home page: https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/glob-parent/package.json

Dependency Hierarchy:

  • eslint-7.32.0.tgz (Root Library)
    • ❌ glob-parent-5.1.2.tgz (Vulnerable Library)

Found in HEAD commit: 9b797f877c39ef1c3817e76133983c4332052454

Found in base branch: master

Vulnerability Details

The package glob-parent before 6.0.1 are vulnerable to Regular Expression Denial of Service (ReDoS)

Publish Date: 2021-06-22

URL: CVE-2021-35065

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: GHSA-cj88-88mr-972w

Release Date: 2021-06-22

Fix Resolution (glob-parent): 6.0.1

Direct dependency fix Resolution (eslint): 8.0.0

Step up your Open Source Security Game with Mend here

CVE-2022-3224 (High) detected in parse-url-6.0.0.tgz - autoclosed

CVE-2022-3224 - High Severity Vulnerability

Vulnerable Library - parse-url-6.0.0.tgz

An advanced url parser supporting git urls too.

Library home page: https://registry.npmjs.org/parse-url/-/parse-url-6.0.0.tgz

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/parse-url/package.json

Dependency Hierarchy:

  • semantic-release-telegram-1.5.1.tgz (Root Library)
    • git-url-parse-11.6.0.tgz
      • git-up-4.0.5.tgz
        • ❌ parse-url-6.0.0.tgz (Vulnerable Library)

Found in base branch: master

Vulnerability Details

Misinterpretation of Input in GitHub repository ionicabizau/parse-url prior to 8.1.0.

Publish Date: 2022-09-15

URL: CVE-2022-3224

CVSS 3 Score Details (9.4)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: Low
    • Integrity Impact: High
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3224

Release Date: 2022-09-15

Fix Resolution: parse-url - 8.1.0

Step up your Open Source Security Game with Mend here

WS-2022-0239 (Medium) detected in parse-url-6.0.0.tgz - autoclosed

WS-2022-0239 - Medium Severity Vulnerability

Vulnerable Library - parse-url-6.0.0.tgz

An advanced url parser supporting git urls too.

Library home page: https://registry.npmjs.org/parse-url/-/parse-url-6.0.0.tgz

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/parse-url/package.json

Dependency Hierarchy:

  • semantic-release-telegram-1.5.1.tgz (Root Library)
    • git-url-parse-11.6.0.tgz
      • git-up-4.0.5.tgz
        • ❌ parse-url-6.0.0.tgz (Vulnerable Library)

Found in HEAD commit: dd0a7d4da9a8000bf0c587c216284c759a38b136

Found in base branch: master

Vulnerability Details

Cross-Site Scripting via Improper Input Validation (parser differential) in parse-url before 8.0.0.
Through this vulnerability, an attacker is capable to execute malicious JS codes.

Publish Date: 2022-07-02

URL: WS-2022-0239

CVSS 3 Score Details (6.1)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Changed
  • Impact Metrics:
    • Confidentiality Impact: Low
    • Integrity Impact: Low
    • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://huntr.dev/bounties/5fa3115f-5c97-4928-874c-3cc6302e154e

Release Date: 2022-07-02

Fix Resolution: parse-url - 8.0.0

Step up your Open Source Security Game with Mend here

CVE-2022-0722 (High) detected in parse-url-6.0.0.tgz - autoclosed

CVE-2022-0722 - High Severity Vulnerability

Vulnerable Library - parse-url-6.0.0.tgz

An advanced url parser supporting git urls too.

Library home page: https://registry.npmjs.org/parse-url/-/parse-url-6.0.0.tgz

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/parse-url/package.json

Dependency Hierarchy:

  • semantic-release-telegram-1.5.1.tgz (Root Library)
    • git-url-parse-11.6.0.tgz
      • git-up-4.0.5.tgz
        • ❌ parse-url-6.0.0.tgz (Vulnerable Library)

Found in HEAD commit: dd0a7d4da9a8000bf0c587c216284c759a38b136

Found in base branch: master

Vulnerability Details

Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository ionicabizau/parse-url prior to 7.0.0.

Publish Date: 2022-06-27

URL: CVE-2022-0722

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: None
    • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://huntr.dev/bounties/2490ef6d-5577-4714-a4dd-9608251b4226

Release Date: 2022-06-27

Fix Resolution: parse-url - 6.0.1

Step up your Open Source Security Game with Mend here

CVE-2022-1214 (High) detected in axios-0.21.4.tgz, axios-0.25.0.tgz - autoclosed

CVE-2022-1214 - High Severity Vulnerability

Vulnerable Libraries - axios-0.21.4.tgz, axios-0.25.0.tgz

axios-0.21.4.tgz

Promise based HTTP client for the browser and node.js

Library home page: https://registry.npmjs.org/axios/-/axios-0.21.4.tgz

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/semantic-release-telegram/node_modules/axios/package.json

Dependency Hierarchy:

  • semantic-release-telegram-1.5.1.tgz (Root Library)
    • base-api-client-1.5.3.tgz
      • ❌ axios-0.21.4.tgz (Vulnerable Library)
axios-0.25.0.tgz

Promise based HTTP client for the browser and node.js

Library home page: https://registry.npmjs.org/axios/-/axios-0.25.0.tgz

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/axios/package.json

Dependency Hierarchy:

  • base-api-client-1.5.8.tgz (Root Library)
    • ❌ axios-0.25.0.tgz (Vulnerable Library)

Found in HEAD commit: dd0a7d4da9a8000bf0c587c216284c759a38b136

Found in base branch: master

Vulnerability Details

Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository axios/axios prior to 0.26.

Publish Date: 2022-05-03

URL: CVE-2022-1214

CVSS 3 Score Details (8.8)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: Low
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://huntr.dev/bounties/ef7b4ab6-a3f6-4268-a21a-e7104d344607/

Release Date: 2022-05-03

Fix Resolution: axios - v0.26.0

Step up your Open Source Security Game with WhiteSource here

WS-2022-0237 (High) detected in parse-url-6.0.0.tgz - autoclosed

WS-2022-0237 - High Severity Vulnerability

Vulnerable Library - parse-url-6.0.0.tgz

An advanced url parser supporting git urls too.

Library home page: https://registry.npmjs.org/parse-url/-/parse-url-6.0.0.tgz

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/parse-url/package.json

Dependency Hierarchy:

  • semantic-release-telegram-1.5.1.tgz (Root Library)
    • git-url-parse-11.6.0.tgz
      • git-up-4.0.5.tgz
        • ❌ parse-url-6.0.0.tgz (Vulnerable Library)

Found in HEAD commit: dd0a7d4da9a8000bf0c587c216284c759a38b136

Found in base branch: master

Vulnerability Details

Regular Expression Denial of Service (ReDoS) in ionicabizau/parse-url before 8.0.0.
It allows cause a denial of service when calling function parse-url

Publish Date: 2022-07-04

URL: WS-2022-0237

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Release Date: 2022-07-04

Fix Resolution: parse-url - 8.0.0

Step up your Open Source Security Game with Mend here

CVE-2023-26159 (Medium) detected in follow-redirects-1.15.2.tgz

CVE-2023-26159 - Medium Severity Vulnerability

Vulnerable Library - follow-redirects-1.15.2.tgz

HTTP and HTTPS modules that follow redirects.

Library home page: https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.2.tgz

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/follow-redirects/package.json

Dependency Hierarchy:

  • base-api-client-1.5.8.tgz (Root Library)
    • axios-0.25.0.tgz
      • ❌ follow-redirects-1.15.2.tgz (Vulnerable Library)

Found in base branch: master

Vulnerability Details

Versions of the package follow-redirects before 1.15.4 are vulnerable to Improper Input Validation due to the improper handling of URLs by the url.parse() function. When new URL() throws an error, it can be manipulated to misinterpret the hostname. An attacker could exploit this weakness to redirect traffic to a malicious site, potentially leading to information disclosure, phishing attacks, or other security breaches.

Publish Date: 2024-01-02

URL: CVE-2023-26159

CVSS 3 Score Details (6.1)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Changed
  • Impact Metrics:
    • Confidentiality Impact: Low
    • Integrity Impact: Low
    • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://www.cve.org/CVERecord?id=CVE-2023-26159

Release Date: 2024-01-02

Fix Resolution (follow-redirects): 1.15.4

Direct dependency fix Resolution (base-api-client): 1.5.9

Step up your Open Source Security Game with Mend here

Feature: specify sprint on export log

Allow to specify sprints on export log.

  1. Add or disable backlog
  2. all option
  3. sprints, were open on specified period by default

Please follow the general troubleshooting steps first:

  • I've searched on the issue tracker before creating one.
  • I'm running the latest package version.
  • I'm ready to provide help with enhancement if needed.

WS-2021-0638 (High) detected in mocha-9.2.0.tgz - autoclosed

WS-2021-0638 - High Severity Vulnerability

Vulnerable Library - mocha-9.2.0.tgz

simple, flexible, fun test framework

Library home page: https://registry.npmjs.org/mocha/-/mocha-9.2.0.tgz

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/mocha/package.json

Dependency Hierarchy:

  • ❌ mocha-9.2.0.tgz (Vulnerable Library)

Found in base branch: master

Vulnerability Details

There is regular Expression Denial of Service (ReDoS) vulnerability in mocha.
It allows cause a denial of service when stripping crafted invalid function definition from strs.

Publish Date: 2021-09-18

URL: WS-2021-0638

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://huntr.dev/bounties/1d8a3d95-d199-4129-a6ad-8eafe5e77b9e/

Release Date: 2021-09-18

Fix Resolution: https://github.com/mochajs/mocha/commit/61b4b9209c2c64b32c8d48b1761c3b9384d411ea

Step up your Open Source Security Game with Mend here

CVE-2022-2218 (Medium) detected in parse-url-6.0.0.tgz - autoclosed

CVE-2022-2218 - Medium Severity Vulnerability

Vulnerable Library - parse-url-6.0.0.tgz

An advanced url parser supporting git urls too.

Library home page: https://registry.npmjs.org/parse-url/-/parse-url-6.0.0.tgz

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/parse-url/package.json

Dependency Hierarchy:

  • semantic-release-telegram-1.5.1.tgz (Root Library)
    • git-url-parse-11.6.0.tgz
      • git-up-4.0.5.tgz
        • ❌ parse-url-6.0.0.tgz (Vulnerable Library)

Found in HEAD commit: dd0a7d4da9a8000bf0c587c216284c759a38b136

Found in base branch: master

Vulnerability Details

Cross-site Scripting (XSS) - Stored in GitHub repository ionicabizau/parse-url prior to 7.0.0.

Publish Date: 2022-06-27

URL: CVE-2022-2218

CVSS 3 Score Details (6.1)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Changed
  • Impact Metrics:
    • Confidentiality Impact: Low
    • Integrity Impact: Low
    • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://huntr.dev/bounties/024912d3-f103-4daf-a1d0-567f4d9f2bf5/

Release Date: 2022-06-27

Fix Resolution: parse-url - 6.0.1

Step up your Open Source Security Game with Mend here

CVE-2021-44906 (High) detected in minimist-1.2.5.tgz - autoclosed

CVE-2021-44906 - High Severity Vulnerability

Vulnerable Library - minimist-1.2.5.tgz

parse argument options

Library home page: https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz

Dependency Hierarchy:

  • html-to-text-8.1.0.tgz (Root Library)
    • ❌ minimist-1.2.5.tgz (Vulnerable Library)

Found in HEAD commit: a9b492bbdbcf1295abd8dc397e187df7dccb74ef

Found in base branch: master

Vulnerability Details

Minimist <=1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey() (lines 69-95).

Publish Date: 2022-03-17

URL: CVE-2021-44906

CVSS 3 Score Details (9.8)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Release Date: 2022-03-17

Fix Resolution (minimist): 1.2.6

Direct dependency fix Resolution (html-to-text): 8.1.1

Step up your Open Source Security Game with Mend here

Feature: Imporove issue sort in log handler

Is your feature request related to a problem? Please describe.
Now issues are sorted by id.

Describe the solution you'd like
Sort issues by last transition to development
Such sorting should be optional (or order field included into export handler, so log handler wont sort any tasks)

Describe alternatives you've considered

Discover ability to split periods by transitions

CVE-2022-2217 (Medium) detected in parse-url-6.0.0.tgz - autoclosed

CVE-2022-2217 - Medium Severity Vulnerability

Vulnerable Library - parse-url-6.0.0.tgz

An advanced url parser supporting git urls too.

Library home page: https://registry.npmjs.org/parse-url/-/parse-url-6.0.0.tgz

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/parse-url/package.json

Dependency Hierarchy:

  • semantic-release-telegram-1.5.1.tgz (Root Library)
    • git-url-parse-11.6.0.tgz
      • git-up-4.0.5.tgz
        • ❌ parse-url-6.0.0.tgz (Vulnerable Library)

Found in HEAD commit: dd0a7d4da9a8000bf0c587c216284c759a38b136

Found in base branch: master

Vulnerability Details

Cross-site Scripting (XSS) - Generic in GitHub repository ionicabizau/parse-url prior to 7.0.0.

Publish Date: 2022-06-27

URL: CVE-2022-2217

CVSS 3 Score Details (6.1)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Changed
  • Impact Metrics:
    • Confidentiality Impact: Low
    • Integrity Impact: Low
    • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://huntr.dev/bounties/4e046c63-b1ca-4bcc-b418-29796918a71b/

Release Date: 2022-06-27

Fix Resolution: parse-url - 6.0.1

Step up your Open Source Security Game with Mend here

Dependency Dashboard

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Rate-Limited

These updates are currently rate-limited. Click on a checkbox below to force their creation now.

  • Upgrade: Update pustovitDmytro's packages (base-api-client, myrmidon)
  • Chore: Update devDependencies (non-major) (@babel/cli, @babel/core, @babel/node, @babel/plugin-proposal-class-properties, @babel/plugin-proposal-decorators, @babel/plugin-proposal-object-rest-spread, @babel/plugin-proposal-optional-chaining, @babel/preset-env, @babel/runtime, @semantic-release/changelog, chai, chance, eslint-config-incredible, eslint-plugin-censor, eslint-plugin-import, eslint-plugin-no-secrets, eslint-plugin-node, eslint-plugin-regexp, eslint-plugin-security, eslint-plugin-sonarjs, fs-extra, jscpd, lockfile-lint, mocha, mocha-junit-reporter, node-package-tester, semantic-release-telegram, winston-array-transport)
  • Upgrade: Update dependency dayjs to v1.11.11
  • Upgrade: Update dependency html-to-text to v8.2.1
  • Upgrade: Update dependency triple-beam to v1.4.1
  • Upgrade: Update dependency winston to v3.13.0
  • Upgrade: Update dependency yargs to v17.7.2
  • Upgrade: Update dependency fs-extra to v11
  • Upgrade: Update dependency html-to-text to v9
  • Upgrade: Update dependency inquirer to v9
  • Upgrade: Update dependency uuid to v9
  • chore: update actions/checkout action to v4
  • chore: update actions/setup-node action to v4
  • πŸ” Create all rate-limited PRs at once πŸ”

Pending Status Checks

These updates await pending status checks. To force their creation now, click the checkbox below.

  • chore: update github/codeql-action action to v3

Open

These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

Detected dependencies

github-actions
.github/workflows/codeql.yml
  • actions/checkout v3
  • github/codeql-action v2
  • github/codeql-action v2
  • github/codeql-action v2
.github/workflows/npt.yml
  • actions/checkout v2
  • actions/setup-node v2
  • actions/setup-node v2
npm
package.json
  • base-api-client 1.5.8
  • chalk 4.1.2
  • dayjs 1.10.7
  • fs-extra 10.0.0
  • html-to-text 8.1.0
  • inquirer 8.2.0
  • ms 2.1.3
  • myrmidon 1.7.2
  • triple-beam 1.3.0
  • uuid 8.3.2
  • winston 3.6.0
  • yargs 17.3.1
  • @babel/cli ^7.17.0
  • @babel/core ^7.17.0
  • @babel/node ^7.16.8
  • @babel/plugin-proposal-class-properties ^7.16.7
  • @babel/plugin-proposal-decorators ^7.17.0
  • @babel/plugin-proposal-object-rest-spread ^7.16.7
  • @babel/plugin-proposal-optional-chaining ^7.16.7
  • @babel/polyfill ^7.12.1
  • @babel/preset-env ^7.16.11
  • @babel/runtime ^7.17.0
  • @commitlint/cli ^13.2.1
  • @commitlint/lint ^13.2.0
  • @semantic-release/changelog ^6.0.1
  • @semantic-release/git ^10.0.1
  • babel-plugin-module-resolver ^4.1.0
  • babel-plugin-shebang ^1.0.0
  • chai ^4.3.6
  • chance ^1.1.8
  • cls-hooked ^4.2.2
  • conventional-changelog-eslint ^3.0.9
  • coveralls ^3.1.1
  • danger ^10.9.0
  • dotenv ^10.0.0
  • eslint ^7.32.0
  • eslint-config-incredible ^2.4.1
  • eslint-plugin-censor ^1.5.2
  • eslint-plugin-import ^2.25.4
  • eslint-plugin-markdown ^2.2.1
  • eslint-plugin-mocha ^9.0.0
  • eslint-plugin-no-secrets ^0.8.9
  • eslint-plugin-node ^11.1.0
  • eslint-plugin-promise ^5.2.0
  • eslint-plugin-regexp ^1.5.1
  • eslint-plugin-scanjs-rules ^0.2.1
  • eslint-plugin-security ^1.4.0
  • eslint-plugin-sonarjs ^0.11.0
  • eslint-plugin-unicorn ^36.0.0
  • fs-extra ^10.0.0
  • husky ^7.0.4
  • jscpd ^3.4.5
  • json-query ^2.2.2
  • lockfile-lint ^4.6.2
  • mocha ^9.2.0
  • mocha-junit-reporter ^2.0.2
  • mock-stdin ^1.0.0
  • node-package-tester ^1.3.4
  • nyc ^15.1.0
  • semantic-release ^19.0.5
  • semantic-release-telegram ^1.6.0
  • test-console ^2.0.0
  • winston-array-transport ^1.1.7
  • node >=10
  • Check this box to trigger a request for Renovate to run again on this repository

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    πŸ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. πŸ“ŠπŸ“ˆπŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❀️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.