[Snyk] Fix for 45 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:

  • package.json

• Adding or updating a Snyk policy (.snyk) file; this file is required in order to apply Snyk vulnerability patches.
  Find out more.

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	619/1000 Why? Has a fix available, CVSS 8.1	Prototype Pollution SNYK-JS-AJV-584908	Yes	No Known Exploit
	616/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.9	Server-Side Request Forgery (SSRF) SNYK-JS-AXIOS-1038255	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Denial of Service (DoS) SNYK-JS-AXIOS-174505	Yes	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Denial of Service (DoS) SNYK-JS-ENGINEIO-1056749	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	Yes	Proof of Concept
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-HIGHLIGHTJS-1048676	No	No Known Exploit
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-INI-1048974	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-ISSVG-1085627	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-ISSVG-1243891	Yes	Proof of Concept
	509/1000 Why? Has a fix available, CVSS 5.9	Denial of Service (DoS) SNYK-JS-JSYAML-173999	Yes	No Known Exploit
	619/1000 Why? Has a fix available, CVSS 8.1	Arbitrary Code Execution SNYK-JS-JSYAML-174129	Yes	No Known Exploit
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	Yes	Proof of Concept
	681/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.2	Command Injection SNYK-JS-LODASH-1040724	Yes	Proof of Concept
	636/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.3	Prototype Pollution SNYK-JS-LODASH-567746	Yes	Proof of Concept
	704/1000 Why? Has a fix available, CVSS 9.8	Prototype Pollution SNYK-JS-LODASH-590103	Yes	No Known Exploit
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-LODASH-608086	Yes	Proof of Concept
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-174116	No	No Known Exploit
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-451540	No	No Known Exploit
	520/1000 Why? Has a fix available, CVSS 5.9	Regular Expression Denial of Service (ReDoS ) SNYK-JS-MARKED-584281	No	No Known Exploit
	751/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.6	Command Injection SNYK-JS-NODEMAILER-1038834	Yes	Proof of Concept
	636/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.3	HTTP Header Injection SNYK-JS-NODEMAILER-1296415	Yes	Proof of Concept
	479/1000 Why? Has a fix available, CVSS 5.3	Insertion of Sensitive Information into Log File SNYK-JS-NPMREGISTRYFETCH-575432	Yes	No Known Exploit
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1255640	Yes	Proof of Concept
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-REDIS-1255645	Yes	No Known Exploit
	619/1000 Why? Has a fix available, CVSS 8.1	Cross-site Scripting (XSS) SNYK-JS-SERIALIZEJAVASCRIPT-536840	Yes	No Known Exploit
	706/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.7	Arbitrary Code Injection SNYK-JS-SERIALIZEJAVASCRIPT-570062	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Insecure Defaults SNYK-JS-SOCKETIO-1024859	Yes	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Denial of Service (DoS) SNYK-JS-SOCKETIOPARSER-1056752	Yes	Proof of Concept
	589/1000 Why? Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-SSRI-1085630	Yes	No Known Exploit
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-SSRI-1246392	Yes	Proof of Concept
	696/1000 Why? Recently disclosed, Has a fix available, CVSS 8.2	Arbitrary File Overwrite SNYK-JS-TAR-1536528	Yes	No Known Exploit
	696/1000 Why? Recently disclosed, Has a fix available, CVSS 8.2	Arbitrary File Overwrite SNYK-JS-TAR-1536531	Yes	No Known Exploit
	481/1000 Why? Recently disclosed, Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) SNYK-JS-TAR-1536758	Yes	No Known Exploit
	671/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7	Command Injection SNYK-JS-TREEKILL-536781	Yes	Proof of Concept
	589/1000 Why? Has a fix available, CVSS 7.5	Denial of Service (DoS) SNYK-JS-TRIMNEWLINES-1298042	Yes	No Known Exploit
	479/1000 Why? Has a fix available, CVSS 5.3	Improper Input Validation SNYK-JS-URLPARSE-1078283	Yes	No Known Exploit
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Open Redirect SNYK-JS-URLPARSE-1533425	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835	Yes	Proof of Concept
	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	Arbitrary Code Injection SNYK-JS-XMLHTTPREQUESTSSL-1082936	Yes	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Access Restriction Bypass SNYK-JS-XMLHTTPREQUESTSSL-1255647	Yes	Proof of Concept
	601/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.6	Prototype Pollution SNYK-JS-YARGSPARSER-560381	Yes	Proof of Concept
	506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:braces:20180219	Yes	Proof of Concept
	506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:jasmine-core:20180216	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: assets-webpack-plugin

The new version differs by 1 commits.

• d8c0de7 Promote to v4.0.0

See the full diff

Package name: copy-webpack-plugin

The new version differs by 70 commits.

• 650d44d chore(release): 5.1.2
• a42d63f fix(security): update `serialize-javascript` (introduce normalize.css PatrickJS/PatrickJS-starter#521)
• 96e2315 chore(release): 5.1.1
• 3b79595 fix: allow to setup empty array (Request: hit breakpoints in browser dev tools PatrickJS/PatrickJS-starter#425)
• 5df649c chore(release): 5.1.0
• c936416 refactor: tests (Minor edits PatrickJS/PatrickJS-starter#421)
• 08a4d7f docs: fix
• 8b13bc3 refactor: improve schema
• d155dd0 docs: update ignore instructions (Websockets and proxy PatrickJS/PatrickJS-starter#410)
• 45780be docs: example for placeholders in `to` (router-active.ts is not necessary anymore  PatrickJS/PatrickJS-starter#420)
• 452539a feat: validate options (chore(webpack.prod): correct app designation PatrickJS/PatrickJS-starter#419)
• 4826e56 fix: better to determine when glob is used
• 51c3680 docs: issue 408 (docs(home component): change probably forgotten comment PatrickJS/PatrickJS-starter#418)
• f6f72a7 chore(deps): update
• 0675847 chore(release): 5.0.5
• 9146c2a docs: fix typo (No original files in Debugging Tools after hot-reload PatrickJS/PatrickJS-starter#401)
• 3103940 refactor: minor code refactor (Module parse failed PatrickJS/PatrickJS-starter#399)
• c546871 perf: improvement for webpack@5 (Kendo? Grid? PatrickJS/PatrickJS-starter#406)
• 5db376b chore(deps): update (add whitespace PatrickJS/PatrickJS-starter#409)
• 806eb41 docs: fix broken fragment links (IE11 is still broken in Prod with uglify plugin PatrickJS/PatrickJS-starter#398)
• 6158483 chore(release): 5.0.4
• cd0e9f5 docs: clarify plugin description (Hot reload doesn't work PatrickJS/PatrickJS-starter#395)
• f848140 test: refactor (reflect-metadata shim is required when dist folder deployed to server PatrickJS/PatrickJS-starter#394)
• ff0c736 refactor: tests (Fails on IE11 under Windows 10 PatrickJS/PatrickJS-starter#393)

See the full diff

Package name: css-loader

The new version differs by 80 commits.

• 634ab49 chore(release): 2.0.0
• 6ade2d0 refactor: remove unused file (zone.js@0.6.14 breaks build 🚨 PatrickJS/PatrickJS-starter#860)
• e7525c9 test: nested url (Update awesome-typescript-loader to version 2.2.1 🚀 PatrickJS/PatrickJS-starter#859)
• 7259faa test: css hacks (Update awesome-typescript-loader to version 2.2.0 🚀 PatrickJS/PatrickJS-starter#858)
• 5e6034c feat: allow to filter import at-rules (Webpack is not watching my changes in a new directory. PatrickJS/PatrickJS-starter#857)
• 5e702e7 feat: allow filtering urls (Github deploy Http.get not working PatrickJS/PatrickJS-starter#856)
• 9642aa5 test: css stuff (url resolution in css files, global css support and sass support at separate branch PatrickJS/PatrickJS-starter#855)
• 3338656 fix: reduce number of require for url (Uncaught reflect-metadata shim is required when using class decorators PatrickJS/PatrickJS-starter#854)
• 533abbe test: issue 636 (ERROR with UglifyJs when building npm start build:prod PatrickJS/PatrickJS-starter#853)
• 08c551c refactor: better warning on invalid url resolution (Link to slack chat broken (404) PatrickJS/PatrickJS-starter#852)
• b0aa159 test: issue How to build app current app using web pack?  PatrickJS/PatrickJS-starter#589 (VS Code Launch.json PatrickJS/PatrickJS-starter#851)
• f599c70 fix: broken unucode characters (Update karma to version 1.2.0 🚀 PatrickJS/PatrickJS-starter#850)
• 1e551f3 test: issue 286 (Material2 alpha.7-2 PatrickJS/PatrickJS-starter#849)
• 419d27b docs: improve readme (SSL setup in webpack PatrickJS/PatrickJS-starter#848)
• d94a698 refactor: webpack-default (Update parse5 to version 2.2.0 🚀 PatrickJS/PatrickJS-starter#847)
• b97d997 feat: schema options
• 453248f fix: support module resolution in composes (Cannot find name 'Promise'. In Visual Studio Code PatrickJS/PatrickJS-starter#845)
• 8a6ea10 refactor: postcss plugins (checkNodeImport is never used! PatrickJS/PatrickJS-starter#844)
• fdcf687 fix: url resolving logic (update to rc.5 PatrickJS/PatrickJS-starter#843)
• 889dc7f feat: allow to disable css modules and disable their by default (chore: update deprecated test functions PatrickJS/PatrickJS-starter#842)
• ee2d253 test: importLoaders option (Update protractor to version 4.0.3 🚀 PatrickJS/PatrickJS-starter#841)
• 1dad1fb feat: reuse postcss ast from other loaders (i.e `postcss-loader`) (npm start fails PatrickJS/PatrickJS-starter#840)
• fe94ebc test: icss reserved keywords (How to include server side code PatrickJS/PatrickJS-starter#839)
• 9eaba66 refactor: migrate on message api for postcss-icss-plugin (Update karma-webpack to version 1.8.0 🚀 PatrickJS/PatrickJS-starter#838)

See the full diff

Package name: karma

The new version differs by 250 commits.

• 3653caf chore(release): 6.0.0 [skip ci]
• 04a811d fix(ci): abandon browserstack tests for Safari and IE (#3615)
• 4bf90f7 feat(client): update banner with connection, test status, ping times (#3611)
• 68c4a3a chore(test): run client tests without grunt wrapper (#3604)
• fec972f fix(middleware): catch errors when loading a module (#3605)
• 3fca456 fix(server): clean up close-server logic (#3607)
• 1c9c2de fix(test): mark all second connections reconnects (#3598)
• 87f7e5e chore(license): Update copyright notice to 2020 [ci skip] (#3568)
• e6b045f chore(deps): npm audit fix the package-lock.json (#3603)
• 3c649fa chore(build): remove obsolete Grunt tasks (#3602)
• 8997b74 fix(test): clear up clearContext (#3597)
• fe0e24a chore(build): unify client bundling scripts (#3600)
• 1a65bf1 feat(server): remove deprecated static methods (#3595)
• fb76ed6 chore(test): remove usage of deprecated buffer API (#3596)
• 35a5842 feat(server): print stack of unhandledrejections (#3593)
• 4a8178f fix(client): do not reset karmaNavigating in unload handler (#3591)
• 603bbc0 feat(cli): error out on unexpected options or parameters (#3589)
• 7a3bd55 feat: remove support for running dart code in the browser (#3592)
• 1b9e1de fix(deps): bump socket-io to v3 (#3586)
• 3fed0bc fix(cve): update yargs to 16.1.1 to fix cve-2020-7774 in y18n (#3578)
• f819fa8 fix(cve): update ua-parser-js to 0.7.23 to fix CVE-2020-7793 (#3584)
• 05dc288 fix(context): do not error when karma is navigating (#3565)
• e5086fc docs: clarify `browser_complete` vs `run_complete`
• ead31cd chore(release): 5.2.3 [skip ci]

See the full diff

Package name: karma-coverage

The new version differs by 36 commits.

• 32acafa chore(release): 2.0.2 [skip ci]
• bb8f9ee chore: add semantic-release for project - fix Remove unnecessary comma and empty line PatrickJS/PatrickJS-starter#408 (Routes in components (navbar) not working in prod PatrickJS/PatrickJS-starter#413)
• 9c37de6 chore: add check commit message (PrimeNG integration PatrickJS/PatrickJS-starter#411)
• 27822c9 ci(test): use eslint as ci command and add all js files to check by eslint (Websockets and proxy PatrickJS/PatrickJS-starter#410)
• 1adb27a ci: drop node 8, adopt node 12 (add whitespace PatrickJS/PatrickJS-starter#409)
• 4962a70 fix(reporter): update calls to match new API in istanbul-lib-report fix IE11 is still broken in Prod with uglify plugin PatrickJS/PatrickJS-starter#398 (Build Configuration Customisation PatrickJS/PatrickJS-starter#403)
• fc6e289 refactor: remove isAbsolute and replace with path.isAbsolute (Set default state of a checkbox PatrickJS/PatrickJS-starter#405)
• 83bafc3 refactor: replace migrate coffee unit tests to modern JS (Update dependencies PatrickJS/PatrickJS-starter#407)
• 49f174d refactor: onRunComplete method to upgrade on new major version of Istanbul (Kendo? Grid? PatrickJS/PatrickJS-starter#406)
• 4cfa697 chore: Update dev Dependencies eslint and load-grunt-tasks (Bump tslint-loader to 2.1.3  PatrickJS/PatrickJS-starter#387)
• 5cf931a fix: remove information about old istanbul lib (update to beta.9 PatrickJS/PatrickJS-starter#404)
• 352254a chore(deps): bump handlebars from 4.1.2 to 4.5.3 (Module parse failed PatrickJS/PatrickJS-starter#399)
• 0ee780c chore(deps): bump lodash.template from 4.4.0 to 4.5.0 (Bootstrap 4 + Sass setup fails on fresh install PatrickJS/PatrickJS-starter#392)
• d18cde4 chore(deps-dev): bump eslint from 2.13.1 to 4.18.2 (Prod build crashes after today's changes PatrickJS/PatrickJS-starter#397)
• 55aeead Update Source Map Handling (reflect-metadata shim is required when dist folder deployed to server PatrickJS/PatrickJS-starter#394)
• b23664e Added debug msg whether coverage is in reporters (Is the development experience supposed to be that slow? PatrickJS/PatrickJS-starter#396)
• d3f53e3 chore(all): Migrate to ES6 (Minify html template PatrickJS/PatrickJS-starter#385)
• 9c8a222 Make travis file simpler (Best way to pass variables through Webpack? PatrickJS/PatrickJS-starter#386)
• b76db9e Remove unused dateformat dependency (developement mode fails in IE11, latest beta.8 PatrickJS/PatrickJS-starter#384)
• 075ece0 Remove unused istanbul dependency (Import with alias PatrickJS/PatrickJS-starter#382)
• 9184fc0 chore: release v2.0.1
• 57d4bd3 chore(deps): npm audit fix --force; update travis.yml (How to deploy with PM2? PatrickJS/PatrickJS-starter#380)
• 0e2800b chore: release v2.0.0
• 99c0c35 chore: update contributors

See the full diff

Package name: node-sass

The new version differs by 57 commits.

• c167004 6.0.1
• 911d4db remove mkdirp dep (#3108)
• 30a52f7 build(deps): bump meow from 3.7.0 to 9.0.0
• 7e08463 build(deps-dev): bump mocha from 8.4.0 to 9.0.1
• cfcbb2c chore: Use default Apline version from docker-node (#3121)
• 886319b chore: Drop Node 10 support
• c908f4f fix: Bump OSX minimum to 10.11
• 8ab02da fix: Remove old compiler gyp settings
• 3d7b9d0 chore: Add Node 16 support
• 4115e9d build(deps): bump actions/setup-node from v2.1.4 to v2.1.5
• 06f3ab4 Update TROUBLESHOOTING.md
• c1cb367 build(deps): bump actions/setup-node from v2.1.3 to v2.1.4
• 769f3a6 build(deps): bump actions/setup-node from v2.1.2 to v2.1.3
• a2a3a78 chore: Bump dependabot limit
• 7105b0a 5.0.0 (#3015)
• 0648b5a chore: Add Node 15 support (#2983)
• e2391c2 Add a deprecation message to the readme (#3011)
• 6a33e53 chore: Don't upload artifacts on PRs
• d763506 chore: Only run coverage on main repo
• d4ebe72 build(deps): update actions/setup-node requirement to v2.1.2
• 2bebe05 build(deps-dev): bump rimraf from 2.7.1 to 3.0.2
• f877689 chore: Don't double build DependaBot PRs
• b48fac4 chore: Add weekly DependaBot updates
• 91c40a0 Remove deprecated process.sass API

See the full diff

Package name: protractor

The new version differs by 63 commits.

• 5d8da04 chore(release): version bump to 6.0.0 and update the changelog
• d777738 chore(tests): circleci - chrome 69 requires chromdriver to 2.44 (#5182)
• 3d50b68 chore(deps): update based on npm audit
• e478ba8 chore(release): bump version to 6.0.1-beta
• 7054827 chore(types): fix types to use not @ types/selenium-webdriver (#5127)
• 2e5c2e6 chore(jasmine): prevent random execution order in jasmine 3 (#5126)
• 8afc4e2 chore(release): release 6.0.0-beta and update the changelog
• 5fd711c chore(webdriver-manager): use webdriver-manager@13.0.0-beta
• 96ae17c deps(jasmine): upgrade jasmine 3.3 (#5102)
• 68491dd chore(expectedConditions): update generic Function typings (#5101)
• cf43651 chore(debugprint): convert debugprint to TypeScript (#5074)
• d213aa9 deps(selenium): upgrade to selenium 4 (#5095)
• 4672265 chore(browser): remove timing issues with restart and fork (#5085)
• b4dbcc2 chore(elementexplorer): remove explorer bin file (#5094)
• 7de6d85 docs(api): update examples to use async/await (#5081)
• 1b2036e typings(selenium): try out new version of typings (#5084)
• befb457 chore(bin): update webdriver-manager require to use the cli (#5093)
• 509f1b2 deps(latest): upgrade to the gulp and typescript (#5089)
• 2def202 deps(webdriver-manager): use replacement (#5088)
• 9d510db chore(test): remove jasmine addMatcher test (#5072)
• 6522e40 chore(cleanup): clean up imports and wdpromises (#5073)
• 3b8f263 chore(ignoreSynchornization): clean up to use waitForAngularEnabled (#5071)
• ffa3519 chore(debugger): remove debugger and explore methods (#5070)
• 0f7a38a chore(test): error tests fixed (#5069)

See the full diff

Package name: typedoc

The new version differs by 250 commits.

• 5b3e56b chore: Bump version to 0.18.0
• 14eb245 chore: Upgrade dependencies
• cce8bf6 Merge remote-tracking branch 'origin/fix/1263'
• 2f8d295 BREAKING CHANGE: Bump minimum node version to 10
• a0a8f14 chore(deps): bump lodash from 4.17.15 to 4.17.19
• 021261c chore: Fix lint
• 23482c5 chore: Rebuild renderer test
• 7fc721c fix: Improve support for type aliases
• f582eb3 fix: Examples don't run (Tons of error in console after npm install and npm start PatrickJS/PatrickJS-starter#1327)
• ea1cdcb chore: Fix invalid renderer test failure
• 82a7e76 chore: Update rendered specs
• 471d36e chore: Bump version to 0.17.8
• 7b54288 Merge branch 'master' of https://github.com/TypeStrong/typedoc
• c7eabf7 fix: Use `baseUrl` to determine file paths ( .. PatrickJS/PatrickJS-starter#1313)
• d704709 fix: Support resolveJsonModule
• e553af2 fix: Do not ignore the properties of object type literals (script-ext-html-webpack-plugin@1.3.5 breaks build 🚨 PatrickJS/PatrickJS-starter#1308)
• 30fab7a fix: GithubPlugin: read correct remote when multiple github repos exist
• 48090b7 chore: Add note about ignoreCompilerErrors
• 9118a5c chore: Bump version to 0.17.7
• 9b586db fix: copy inherited parameter descriptions (All guides deprecated: how to simply load bootstrap 3 and jquery in 5.1.1 PatrickJS/PatrickJS-starter#1303)
• 8edb17c fix: TypeDoc fails to resolve @ types packages outside of cwd
• 935e10a fix: Trim whitespace when parsing links
• 0708fb8 chore: Fix minimatch pattern error in tests on Windows (Generate external stylesheets PatrickJS/PatrickJS-starter#1304)
• 4fed0bd fix: Module declaration parsed as namespace (AOT with @angular/material PatrickJS/PatrickJS-starter#1301)

See the full diff

Package name: uglifyjs-webpack-plugin

The new version differs by 1 commits.

• 266bb1c chore(release): 2.0.0

See the full diff

Package name: webpack-dev-server

The new version differs by 250 commits.

• c9271b9 chore(release): 4.0.0
• 18bf369 test: fix stability (#3676)
• cdcabb2 fix: respect protocol from browser for manual setup (#3675)
• 1768d6b fix: initial reloading for lazy compilation (#3662)
• 4f5bab1 docs: improve examples (#3672)
• f2d87fb fix: improve https CLI output (#3673)
• 0277c5e chore: remove redundant console statements (#3671)
• 16fcdbc docs: add `ipc` example (#3667)
• 8915fb8 test: add e2e tests for built in routes (#3669)
• 4d1cbe1 docs: ask `version` information in issue template (#3668)
• b6c1881 chore(deps-dev): bump core-js from 3.16.1 to 3.16.2 (#3666)
• ffa8cc5 chore(deps-dev): bump supertest from 6.1.5 to 6.1.6 (#3665)
• f1fdaa7 chore(release): 4.0.0-rc.1
• c4678bc fix: legacy API (#3660)
• d8bdd03 test: fix stability (#3661)
• 22b1414 refactor: remove `killable` (#3657)
• 75bafbf test: add e2e tests for module federation (#3658)
• 493ccbd chore(deps): update `ws` (#3652)
• ae8c523 test: add e2e test for universal compiler (#3656)
• f94b84f chore(deps): update (#3655)
• 1923132 test: fix cli
• 2adfd01 test: fix todo (#3653)
• 6e2cbde fix: proxy logging and allow to pass options without the `target` option (#3651)
• c9ccc96 fix: respect infastructureLogging.level for client.logging (#3613)

See the full diff

With a Snyk patch:

Severity	Priority Score (*)	Issue	Exploit Maturity
	636/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.3	Prototype Pollution npm:hoek:20180212	Proof of Concept
	576/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.1	Uninitialized Memory Exposure npm:tunnel-agent:20170305	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic