Nomnom version 1.8.0 introduces notable changes for developers compared to its predecessor, version 1.7.0. The core functionality, providing an option parser with generated usage and commands, remains consistent. However, the dependency management has been refined.
A significant update is the replacement of the "colors" dependency (0.5.x in v1.7.0) with "chalk" (~0.4.0) in v1.8.0. Chalk is known for providing more robust and customizable terminal styling capabilities. This shift suggests an enhanced focus on the visual presentation of command-line interfaces generated by Nomnom. Developers leveraging Nomnom to build CLI tools will benefit from Chalk's features for improved user experience through clearer and more engaging output.
Furthermore, the "underscore" dependency has been upgraded from "~1.4.4" to "~1.6.0". This update brings in performance improvements, bug fixes, and potentially new utility functions offered by the Underscore library. While not a breaking change, developers should consult Underscore's changelog to understand specific improvements. The upgrade should provide a subtle performance boost as well as more stability.
Both versions maintain the same development dependencies (nodeunit ~0.7.4) and repository details. The release dates indicate a fairly rapid iteration with approximately one month separating the releases, showing an active project. Ultimately, the upgrade to version 1.8.0 is recommended for developers seeking better terminal styling with Chalk and potential performance enhancements offered by the updated Underscore library.
All vulnerabilities related to version 1.8.0 of the package
Arbitrary Code Execution in underscore
Versions of the package underscore from 1.13.0-0 and before 1.13.0-2, and from 1.3.2 and before 1.12.1, are vulnerable to Arbitrary Code Execution via the template function, particularly when a variable property is passed as an argument, as it is not sanitized.
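A check of whether a given underscore version, or the "~1.4.4" and "~1.6.0" ranges declared by Nomnom 1.7.0 and 1.8.0, falls inside the affected ranges listed above. This is an added example, not code from Nomnom or Underscore; the function names are illustrative, and the tilde handling assumes only the `~MAJOR.MINOR.PATCH` form.

```javascript
// Affected ranges from the advisory text above, as [first affected, first fixed).
const AFFECTED = [["1.3.2", "1.12.1"], ["1.13.0-0", "1.13.0-2"]];

// Split "1.13.0-2" into its numeric core [1, 13, 0] and prerelease ids ["2"].
function parse(v) {
  const i = v.indexOf("-");
  const core = (i < 0 ? v : v.slice(0, i)).split(".").map(Number);
  return { core, pre: i < 0 ? [] : v.slice(i + 1).split(".") };
}

// Semver precedence: -1, 0 or 1. A release sorts above its own prereleases.
function compare(a, b) {
  const x = parse(a), y = parse(b);
  for (let i = 0; i < 3; i++) {
    if (x.core[i] !== y.core[i]) return x.core[i] < y.core[i] ? -1 : 1;
  }
  if (!x.pre.length || !y.pre.length) {
    return x.pre.length === y.pre.length ? 0 : x.pre.length ? -1 : 1;
  }
  for (let i = 0; i < Math.max(x.pre.length, y.pre.length); i++) {
    const p = x.pre[i], q = y.pre[i];
    if (p === undefined) return -1;          // fewer identifiers sorts lower
    if (q === undefined) return 1;
    if (p === q) continue;
    const pn = /^\d+$/.test(p), qn = /^\d+$/.test(q);
    if (pn && qn) return Number(p) < Number(q) ? -1 : 1;
    if (pn !== qn) return pn ? -1 : 1;       // numeric ids sort below text ids
    return p < q ? -1 : 1;
  }
  return 0;
}

// True when one exact version lies inside any affected range.
function isAffected(v) {
  return AFFECTED.some(([s, e]) => compare(v, s) >= 0 && compare(v, e) < 0);
}

// "~1.6.0" means >=1.6.0 <1.7.0. True only when that whole window is affected,
// i.e. no version the range can resolve to contains the fix.
function tildeFullyAffected(range) {
  const [maj, min] = parse(range.slice(1)).core;
  const lo = range.slice(1), hi = `${maj}.${min + 1}.0`;
  return AFFECTED.some(([s, e]) => compare(lo, s) >= 0 && compare(hi, e) <= 0);
}

// The underscore ranges declared by Nomnom 1.7.0 and 1.8.0, per the text above.
for (const r of ["~1.4.4", "~1.6.0"]) {
  console.log(r, tildeFullyAffected(r) ? "cannot resolve to a fixed version" : "may resolve to a fixed version");
}
```

Both declared ranges sit wholly inside the first affected range, so a fresh install of either Nomnom version cannot pick up a fixed underscore without an override of the dependency.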