[Snyk] Upgrade chokidar from 2.0.3 to 2.1.8

[snyk-bot]

Snyk has created this PR to upgrade chokidar from 2.0.3 to 2.1.8.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 9 versions ahead of your current version.
• The recommended version was released 2 years ago, on 2019-08-21.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) npm:sshpk:20180409	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Prototype Pollution npm:extend:20180424	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Prototype Pollution npm:deep-extend:20180409	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Arbitrary File Overwrite SNYK-JS-TAR-174125	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Arbitrary File Write SNYK-JS-TAR-1579155	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579152	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579147	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Arbitrary File Overwrite SNYK-JS-TAR-1536531	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Arbitrary File Overwrite SNYK-JS-TAR-1536528	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Prototype Pollution SNYK-JS-SETVALUE-450213	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-SETVALUE-1540541	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Prototype Pollution SNYK-JS-SETVALUE-450213	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-SETVALUE-1540541	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Prototype Pollution SNYK-JS-MIXINDEEP-450212	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-JSONSCHEMA-1920922	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Prototype Pollution SNYK-JS-INI-1048974	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Arbitrary File Overwrite SNYK-JS-FSTREAM-174725	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Prototype Pollution SNYK-JS-AJV-584908	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) npm:tough-cookie:20170905	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Uninitialized Memory Exposure npm:stringstream:20180511	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Mature
	Prototype Pollution npm:hoek:20180212	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-559764	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-559764	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TAR-1536758	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Validation Bypass SNYK-JS-KINDOF-537849	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: chokidar

• 2.1.8 - 2019-08-21
• 2.1.6 - 2019-05-15
• 2.1.5 - 2019-03-22
• 2.1.4 - 2019-03-22
• 2.1.3 - 2019-03-22
• 2.1.2 - 2019-02-18
• 2.1.1 - 2019-02-11
• 2.1.0 - 2019-02-05
• 2.0.4 - 2018-06-18
• 2.0.3 - 2018-03-23

from chokidar GitHub release notes

Commit messages

Package name: chokidar

• a609619 Release 2.1.8, fix npm tag.
• e3e5ed0 Release 2.1.7.
• 29a6391 Don't use fsevents if API is changed (related to 2 version). (Update ts-node to version 1.7.0 🚀 railsware/upterm#875, closes Update ts-node to version 1.5.2 🚀 railsware/upterm#827)
• 8f5be3c Release 2.1.6.
• ccb5624 fix Update lodash to version 4.16.4 🚀 railsware/upterm#806: Chokidar doesn't let process exit when watching globs with subfolders (Update mocha to version 3.1.2 🚀 railsware/upterm#818)
• 3595b42 Release 2.1.5.
• b79120b Revert "A better workaround for atomic writes (Update electron-prebuilt to version 1.4.2 🚀 railsware/upterm#791)"
• fc243cd Release 2.1.4.
• 4954842 add typing to event listeners (Update ts-node to version 1.4.1 🚀 railsware/upterm#811)
• 1ea6388 Release 2.1.3.
• d60635f Update README.
• a8f64aa bump upath version to fix problems related with yarn (Update ts-node to version 1.4.0 🚀 railsware/upterm#808)
• 8f56261 A better workaround for atomic writes (Update electron-prebuilt to version 1.4.2 🚀 railsware/upterm#791)
• 20cb767 Release 2.1.2.
• ca092de Update changelog
• 75e6043 Add TypeScript type definitions (Update npm-check-updates to version 2.8.3 🚀 railsware/upterm#801)
• 24f13bb always fire "changed" event if mtime has been changed (Windows Support railsware/upterm#800)
• 3e2e9f3 Copyright 2012-2019!
• d34e55e Release 2.1.1.
• 4388428 Reshuffle package.json
• c5f9718 handle simultaneous change of LastAccessTime and ModifiedTime (Update electron-builder to version 7.10.1 🚀 railsware/upterm#793)
• c7cf6e9 Update changelog.
• 12b45c1 Update changelog.
• 0f25353 Release 2.1.0.

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs