[Snyk] Upgrade string-width from 4.1.0 to 5.1.2

[snyk-bot]

Snyk has created this PR to upgrade string-width from 4.1.0 to 5.1.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

Warning: This is a major version upgrade, and may be a breaking change.

• The recommended version is 9 versions ahead of your current version.
• The recommended version was released 6 months ago, on 2022-02-28.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Prototype Pollution SNYK-JS-Y18N-1021887	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Denial of Service (DoS) SNYK-JS-TRIMNEWLINES-1298042	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TMPL-1583443	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Arbitrary File Write SNYK-JS-TAR-1579155	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579152	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579147	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Arbitrary File Overwrite SNYK-JS-TAR-1536531	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Arbitrary File Overwrite SNYK-JS-TAR-1536528	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-SETVALUE-450213	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-SETVALUE-1540541	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-SETVALUE-450213	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-SETVALUE-1540541	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-567746	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Command Injection SNYK-JS-LODASH-1040724	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-JSONSCHEMA-1920922	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-INI-1048974	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Remote Code Execution (RCE) SNYK-JS-HANDLEBARS-1056767	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-AJV-584908	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-UGLIFYJS-1727251	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PROMPTS-1729737	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Denial of Service (DoS) SNYK-JS-NWSAPI-2841516	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Command Injection SNYK-JS-NODENOTIFIER-1035794	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-MINIMIST-559764	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-559764	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-559764	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HOSTEDGITINFO-1088355	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-HANDLEBARS-567742	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-HANDLEBARS-1279029	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TAR-1536758	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-MINIMIST-2429795	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-2429795	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-2429795	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Validation Bypass SNYK-JS-KINDOF-537849	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: string-width

• 5.1.2 - 2022-02-28
  
  • Internal refactor (#40) 2fe6df9

  v5.1.1...v5.1.2

• 5.1.1 - 2022-02-27
  
  • Fix incorrect default for ambiguousIsNarrow option 483baa1

  v5.1.0...v5.1.1

• 5.1.0 - 2022-01-09
  
  • Add ambiguousIsNarrow option (#34) 8438ea2

  v5.0.1...v5.1.0

• 5.0.1 - 2021-09-13
  
  • Upgrade dependencies (#31) 0a37b98

  v5.0.0...v5.0.1

• 5.0.0 - 2021-04-16
  

  Breaking

  • Require Node.js 12 cec9757
  • This package is now pure ESM. Please read this.

  v4.2.2...v5.0.0

• 4.2.3 - 2021-09-23
  
  • Backport: Upgrade strip-ansi dependency: https://github.com/chalk/strip-ansi/releases/tag/v6.0.1

  v4.2.2...v4.2.3

• 4.2.2 - 2021-02-28
  
  • Improve performance (#28) b319f06

  v4.2.1...v4.2.2

• 4.2.1 - 2021-02-26
  
  • Improve performance by performing an early exit (#27) a9fc011

  v4.2.0...v4.2.1

• 4.2.0 - 2019-11-11
  
  • Update to strip-ansi v6.x (#24) 581d345

  v4.1.0...v4.2.0

• 4.1.0 - 2019-03-31
  
  • Refactor TypeScript definition to CommonJS compatible export (#22) bd785c3

  v4.0.0...v4.1.0

from string-width GitHub release notes

Commit messages

Package name: string-width

• 9f90691 5.1.2
• 2fe6df9 Use `for..of` loop (Support python mirror  felixrieseberg/windows-build-tools#40)
• 8b84b9b Add test for ⬆️ Bump y18n from 4.0.0 to 4.0.3 #2 (The term 'python' is not recognized felixrieseberg/windows-build-tools#39)
• d0d53da 5.1.1
• 483baa1 Fix incorrect default for `ambiguousIsNarrow` option
• 56a47ea 5.1.0
• 8438ea2 Add `ambiguousIsNarrow` option (Options for additional contents during install? felixrieseberg/windows-build-tools#34)
• fd57509 5.0.1
• 0a37b98 Upgrade `strip-ansi` (getaddrinfo ENOTFOUND download.microsoft.com download.microsoft.com:80 while installing build tools .. kindly help here felixrieseberg/windows-build-tools#31)
• 89eb79a 5.0.0
• cec9757 Require Node.js 12 and move to ESM
• 8158802 4.2.2
• b319f06 Improve performance (installation fail due to undefined exception. felixrieseberg/windows-build-tools#28)
• 0ba0a95 4.2.1
• a9fc011 Improve performance by performing an early exit (Installer stuck after printing out 'Successfully installed Visual Studio Build Tools' on windows 10 felixrieseberg/windows-build-tools#27)
• 5ad02fe Move to GitHub Actions (Remove the --global flag from README felixrieseberg/windows-build-tools#25)
• 34bca56 4.2.0
• 581d345 Update to strip-ansi v6.x (chore: Configure Renovate - autoclosed MarcelRaschke/windows-build-tools#24)
• b91fadb Tidelift tasks
• 17d56a3 Create funding.yml
• 5f30aaf Add Node.js 12 to testing (⬆️ Bump json5 from 2.1.0 to 2.2.3 MarcelRaschke/windows-build-tools#23)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs