Lint-staged saw a minor version bump from 4.0.4 to 4.1.0, introducing several key changes for developers concerned with code quality and Git workflow integration. Version 4.1.0 incorporates notable dependency updates and additions, including chalk for enhanced terminal output styling, jest-validate for robust configuration validation, and stringify-object likely used for improved object serialization/deserialization within the tool. Furthermore, lodash was completely refactored, the specific lodash chunk function was removed and instead the standard lodash library was added
Several developer dependencies were also updated. Most notably Eslint was updated to version 4.5.0 and peer eslint-config-okonet was updated to version 5.0.1. This update helps developers use more modern linting rules and configurations.
These updates collectively aim to improve the developer experience by providing better feedback, easier configuration, and a more robust core tool.
All the vulnerabilities related to the version 4.1.0 of the package
Regular Expression Denial of Service (ReDoS) in cross-spawn
Versions of the package cross-spawn before 7.0.5 are vulnerable to Regular Expression Denial of Service (ReDoS) due to improper input sanitization. An attacker can increase the CPU usage and crash the program by crafting a very large and well crafted string.
