@snyk-bot

Snyk has created this PR to upgrade xlsx from 0.14.5 to 0.16.6.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 14 versions ahead of your current version.
  • The recommended version was released a month ago, on 2020-08-12.

The recommended version fixes:

| Severity | Issue | PriorityScore (*) | Exploit Maturity |
|---|---|---|---|
| | Regular Expression Denial of Service (ReDoS) SNYK-JS-XLSX-585898 | 506/1000. Why? Proof of Concept exploit, Has a fix available, CVSS 3.7 | Proof of Concept |

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: xlsx
  • 0.16.6 - 2020-08-12

    version bump 0.16.6: xlfn option

  • 0.16.5 - 2020-07-31

    version bump 0.16.5: sheet_add_dom (fixes #2073)

  • 0.16.4 - 2020-07-16
  • 0.16.3 - 2020-06-29
    • updated SSF to 0.11.2
    • XLS write support for bookSST
  • 0.16.2 - 2020-06-05

    version bump 0.16.2

  • 0.16.1 - 2020-05-17
    • Custom Properties use correct encoding
    • AMD wrapper change (see #1937)
  • 0.16.0 - 2020-04-30

    closes #1904 h/t

    • @atcazzual : Adam Cazzolla of the Sonatype Security Research team
    • @davisjam : James (Jamie) Davis of Virginia Tech
  • 0.15.6 - 2020-03-15
    • CFB prevent infinite loop (h/t @rossj)
    • pass updated eslint checks (fixes #1726 h/t @BjoernRave)
    • defined name proper encoding (fixes #1785 h/t @laohe98)
    • correct theme color order (fixes #389 h/t @foreverpw)
    • ODS / XLML more aggressive flagging of stub cells
    • cellStyles implies sheetStubs
    • updated SSF to 0.10.3
  • 0.15.5 - 2020-01-28

    version bump 0.15.5: sheets option

  • 0.15.4 - 2019-12-23
  • 0.15.3 - 2019-11-27
  • 0.15.2 - 2019-11-15

    version bump 0.15.2: actually pass lint tests

  • 0.15.1 - 2019-08-14
  • 0.15.0 - 2019-08-04
  • 0.14.5 - 2019-08-03
from xlsx GitHub release notes
Commit messages
Package name: xlsx
  • 2e32611 version bump 0.16.6: xlfn option
  • 3b589f0 XLSX SST treat <si></si> as empty (fixes #2083)
  • abed474 whitespace check (fixes #2075)
  • 554d300 Fixed logic error in `book_append_sheet`
  • 78b0119 temporary fix for test suite
  • 227f970 version bump 0.16.5: `sheet_add_dom` (fixes #2073)
  • 41cc307 Fix encoding wb.WBProps.CodeName
  • 4fcb49b fix: move script from 28 to 29
  • 6b1f5a0 version bump 0.16.4
  • 6127e19 feat(raw-numbers): optional raw numbers
  • 9add78a Fix write not working and refactor
  • 57b296e Added fix for null value cell.v (#1730)
  • 6dc5e88 update test_files
  • d45669b add: unicode test cases for cross-sheet names (#2047)
  • 5c94936 Add quotes to worksheet references in formulae (#2046)
  • 5b08ba7 change test: buffer to string (#2042)
  • 8ecbf4d browser test cleanup (#2039)
  • 93ec51e Fixed failing travis builds (#2040)
  • 8795f86 Commented out fixed version number
  • 503fe89 check first 8 bytes for CFB in readSync (#2038)
  • 768e1bd version bump 0.16.3
  • 5b1440a Update electron demo (#2027)
  • 9ec9f4f Add name to SheetProps
  • cb2d835 when range is a single cell, s and e hold the same references and thus modifying properties of one affects the other (#2026)



Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

@snyk-bot snyk-bot requested a review from JulienDuf as a code owner September 16, 2020 04:26

3 participants