[Snyk] Upgrade atom-package-manager from 2.6.2 to 2.6.5

[snyk-bot]

Snyk has created this PR to upgrade atom-package-manager from 2.6.2 to 2.6.5.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 3 versions ahead of your current version.
• The recommended version was released a year ago, on 2021-07-08.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Arbitrary File Write SNYK-JS-TAR-1579155	425/1000 Why? CVSS 8.5	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579152	425/1000 Why? CVSS 8.5	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579147	425/1000 Why? CVSS 8.5	No Known Exploit
	Arbitrary File Overwrite SNYK-JS-TAR-1536531	425/1000 Why? CVSS 8.5	No Known Exploit
	Arbitrary File Overwrite SNYK-JS-TAR-1536528	425/1000 Why? CVSS 8.5	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579155	425/1000 Why? CVSS 8.5	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579152	425/1000 Why? CVSS 8.5	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579147	425/1000 Why? CVSS 8.5	No Known Exploit
	Arbitrary File Overwrite SNYK-JS-TAR-1536531	425/1000 Why? CVSS 8.5	No Known Exploit
	Arbitrary File Overwrite SNYK-JS-TAR-1536528	425/1000 Why? CVSS 8.5	No Known Exploit
	Information Exposure SNYK-JS-SIMPLEGET-2361683	425/1000 Why? CVSS 8.5	Proof of Concept
	Prototype Pollution SNYK-JS-JSONSCHEMA-1920922	425/1000 Why? CVSS 8.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067	425/1000 Why? CVSS 8.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TAR-1536758	425/1000 Why? CVSS 8.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TAR-1536758	425/1000 Why? CVSS 8.5	No Known Exploit
	Prototype Pollution SNYK-JS-MINIMIST-2429795	425/1000 Why? CVSS 8.5	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: atom-package-manager

• 2.6.5 - 2021-07-08
• 2.6.4 - 2021-06-21
  

  2.6.4

• 2.6.3 - 2021-06-12
  

  2.6.3

• 2.6.2 - 2021-04-28
  

  2.6.2

from atom-package-manager GitHub release notes

Commit messages

Package name: atom-package-manager

• ade8fbe 2.6.5
• bfff078 Merge pull request Add new helper functions from git-utils@0.26.0 atom/atom#931 from atom/bump-first-mate
• 00620c5 Merge pull request Add docs on creating UI elements atom/atom#932 from atom/remove-node-12-from-node-matrix
• 7bc64eb Remove node 12 from the node matrix
• 42134ae Bump first-mate
• 5b4fe79 2.6.4
• 08ab57b Merge pull request Link to line of code or file on github.com from editor atom/atom#926 from atom/bump-git-utils
• 6de2105 Bump git-utils@5.7.2
• 1ae38cb Merge branch 'master' of github.com:atom/apm
• e21b21b 2.6.3
• b338166 Merge pull request Create repos for converted TextMate bundles atom/atom#925 from atom/update-bundled-node-version
• 5153fe1 Update bundled node version to 12.18.3
• 0057189 Merge pull request Use Travis CI for Atom packages atom/atom#924 from DeeDeeG/no-deduping-in-postinstall
• 7be56b8 script: Remove automatic deduping from postinstall
• 231324c Merge pull request Only reload active package stylesheets atom/atom#922 from atom/update-keytar
• b91b030 ⬆️ Bump keytar@7.7.0

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs