[Snyk] Fix for 26 vulnerabilities

[MaxMood96]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept
	706/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.7	Remote Memory Exposure SNYK-JS-BL-608877	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-COLORSTRING-1082939	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	Yes	Proof of Concept
	584/1000 Why? Has a fix available, CVSS 7.4	Regular Expression Denial of Service (ReDoS) SNYK-JS-HAWK-2808852	Yes	No Known Exploit
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-HTMLMINIFIER-3091181	Yes	Proof of Concept
	506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Prototype Pollution SNYK-JS-MINIMIST-2429795	Yes	Proof of Concept
	601/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.6	Prototype Pollution SNYK-JS-MINIMIST-559764	Yes	Proof of Concept
	706/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.7	Server-side Request Forgery (SSRF) SNYK-JS-NETMASK-1089716	Yes	Proof of Concept
	706/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.7	Server-side Request Forgery (SSRF) SNYK-JS-NETMASK-6056519	Yes	Proof of Concept
	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	Remote Code Execution (RCE) SNYK-JS-PACRESOLVER-1564857	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1255640	Yes	Proof of Concept
	479/1000 Why? Has a fix available, CVSS 5.3	Improper Input Validation SNYK-JS-POSTCSS-5926692	Yes	No Known Exploit
	646/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.5	Server-side Request Forgery (SSRF) SNYK-JS-REQUEST-3361831	Yes	Proof of Concept
	676/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.1	Information Exposure SNYK-JS-REQUESTRETRY-2411026	Yes	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	Yes	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-SSRI-1246392	Yes	Proof of Concept
	646/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.5	Prototype Pollution SNYK-JS-TOUGHCOOKIE-5672873	Yes	Proof of Concept
	596/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.5	Arbitrary Code Injection SNYK-JS-UNDERSCORE-1080984	Yes	Proof of Concept
	589/1000 Why? Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-UNSETVALUE-2400660	Yes	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-USERAGENT-174737	Yes	No Known Exploit
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Prototype Pollution SNYK-JS-XML2JS-5414874	Yes	Proof of Concept
	506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:braces:20180219	Yes	Proof of Concept
	636/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.3	Prototype Pollution npm:hoek:20180212	Yes	Proof of Concept
	589/1000 Why? Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) npm:timespan:20170907	Yes	No Known Exploit
	576/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.1	Uninitialized Memory Exposure npm:tunnel-agent:20170305	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: add-asset-html-webpack-plugin

The new version differs by 61 commits.

• da0dea5 docs: remove `david` from readme
• 7265aba fix: update globby to v11 (feat(sourcemap): Proper source maps for 3rd party packages PatrickJS/PatrickJS-starter#248)
• b9bacc2 docs: update readme withcorrect version ranges
• 4073291 fix: update micromatch to v4 (Adding a UI framework PatrickJS/PatrickJS-starter#199)
• 8387886 fix: remove the hash calculation if hash exists (Include vendor chunk when creating common chunk PatrickJS/PatrickJS-starter#159)
• e84e7d5 fix: fix "compilation.emitAsset" with more than 1 HtmlWebpackPlugins (Get rid of require() in vendor.ts PatrickJS/PatrickJS-starter#236)
• 87590ef chore(ci): cancel in progress builds
• d37deb4 chore(deps): lock file maintenance (Testing - imported module - not exists PatrickJS/PatrickJS-starter#224)
• 0a123f9 chore: lock down stack-utils
• c949ee0 chore: lock down anymatch dependency
• 49eaf2e chore(deps): bump hosted-git-info from 2.8.8 to 2.8.9 ({%= o.webpackConfig.metadata.title %},what this is? PatrickJS/PatrickJS-starter#225)
• 75bf092 chore(deps): bump path-parse from 1.0.6 to 1.0.7 (Add CompressionPlugin PatrickJS/PatrickJS-starter#234)
• 316c03a chore(deps): update codecov/codecov-action action to v2 (Serving assets in npm start PatrickJS/PatrickJS-starter#232)
• ed9e132 chore(deps): bump tmpl from 1.0.4 to 1.0.5 (feat(webpack): add compression plugin PatrickJS/PatrickJS-starter#237)
• c5cf273 chore(deps): bump ws from 5.2.2 to 5.2.3 (Typings main.d.ts not referenced in tsconfig.json? PatrickJS/PatrickJS-starter#244)
• 6a994ea chore: run tests on node 16 and 17 (how to remove testing files dependency PatrickJS/PatrickJS-starter#243)
• 42a345a chore(deps): bump browserslist from 4.16.3 to 4.16.6 (under windows - ERROR in HtmlWebpackPlugin: template error TypeError: tmpl is not a function PatrickJS/PatrickJS-starter#227)
• 041b842 chore(deps): bump lodash from 4.17.20 to 4.17.21 (Error in phpStorm PatrickJS/PatrickJS-starter#223)
• 77fc7fb chore: lock down merge2
• af3572e chore: automerge lockfile PRs
• 718473c chore(deps): update actions/setup-node action to v2.1.5 (updated readme PatrickJS/PatrickJS-starter#205)
• 0ed36d8 chore: add renovate
• a467638 chore(deps): bump ssri from 6.0.1 to 6.0.2 (chore(angular2 webpack starter): Uncaught TypeError PatrickJS/PatrickJS-starter#203)
• ca2fb77 chore: increase timeout for puppeteer test

See the full diff

Package name: css-loader

The new version differs by 80 commits.

• 634ab49 chore(release): 2.0.0
• 6ade2d0 refactor: remove unused file (zone.js@0.6.14 breaks build 🚨 PatrickJS/PatrickJS-starter#860)
• e7525c9 test: nested url (Update awesome-typescript-loader to version 2.2.1 🚀 PatrickJS/PatrickJS-starter#859)
• 7259faa test: css hacks (Update awesome-typescript-loader to version 2.2.0 🚀 PatrickJS/PatrickJS-starter#858)
• 5e6034c feat: allow to filter import at-rules (Webpack is not watching my changes in a new directory. PatrickJS/PatrickJS-starter#857)
• 5e702e7 feat: allow filtering urls (Github deploy Http.get not working PatrickJS/PatrickJS-starter#856)
• 9642aa5 test: css stuff (url resolution in css files, global css support and sass support at separate branch PatrickJS/PatrickJS-starter#855)
• 3338656 fix: reduce number of require for url (Uncaught reflect-metadata shim is required when using class decorators PatrickJS/PatrickJS-starter#854)
• 533abbe test: issue 636 (ERROR with UglifyJs when building npm start build:prod PatrickJS/PatrickJS-starter#853)
• 08c551c refactor: better warning on invalid url resolution (Link to slack chat broken (404) PatrickJS/PatrickJS-starter#852)
• b0aa159 test: issue How to build app current app using web pack?  PatrickJS/PatrickJS-starter#589 (VS Code Launch.json PatrickJS/PatrickJS-starter#851)
• f599c70 fix: broken unucode characters (Update karma to version 1.2.0 🚀 PatrickJS/PatrickJS-starter#850)
• 1e551f3 test: issue 286 (Material2 alpha.7-2 PatrickJS/PatrickJS-starter#849)
• 419d27b docs: improve readme (SSL setup in webpack PatrickJS/PatrickJS-starter#848)
• d94a698 refactor: webpack-default (Update parse5 to version 2.2.0 🚀 PatrickJS/PatrickJS-starter#847)
• b97d997 feat: schema options
• 453248f fix: support module resolution in composes (Cannot find name 'Promise'. In Visual Studio Code PatrickJS/PatrickJS-starter#845)
• 8a6ea10 refactor: postcss plugins (checkNodeImport is never used! PatrickJS/PatrickJS-starter#844)
• fdcf687 fix: url resolving logic (update to rc.5 PatrickJS/PatrickJS-starter#843)
• 889dc7f feat: allow to disable css modules and disable their by default (chore: update deprecated test functions PatrickJS/PatrickJS-starter#842)
• ee2d253 test: importLoaders option (Update protractor to version 4.0.3 🚀 PatrickJS/PatrickJS-starter#841)
• 1dad1fb feat: reuse postcss ast from other loaders (i.e `postcss-loader`) (npm start fails PatrickJS/PatrickJS-starter#840)
• fe94ebc test: icss reserved keywords (How to include server side code PatrickJS/PatrickJS-starter#839)
• 9eaba66 refactor: migrate on message api for postcss-icss-plugin (Update karma-webpack to version 1.8.0 🚀 PatrickJS/PatrickJS-starter#838)

See the full diff

Package name: html-webpack-plugin

The new version differs by 139 commits.

• eb73905 chore(release): 4.0.0
• 42a6d4a Add typing for getHooks
• a1a37cf Release html-webpack-plugin 4.0.0-beta.14
• 97f9fb9 fix: load script files before style files files in defer script loading mode
• e97ce17 Release html-webpack-plugin 4.0.0-beta.13
• e448b5d Release html-webpack-plugin 4.0.0-beta.12
• de315eb feat: Add defer script loading
• 7df269f feat: Provide a verbose error message if html minification failed
• 1d66e53 feat: merge templateParameters with default template parameters
• dfb98e7 Fix typo in template option docts
• 096a760 Fix broken links in examples
• a195c34 docs: Update template-option documentation
• 40b410e docs: Update example for template parameters
• bf017f3 chore: Release 4.0.0-beta.11
• 2549557 test: Don't use minification for speed measurement
• de22fc2 test: Adjust measurment for node 6 on travis
• 24bf1b5 fix: Update references to html-minifier
• f4eafdc chore: Release 4.0.0-beta.10
• a2ad30a refactor: Use getAssetPath instead of calling the hook directly
• 2595a79 chore: Release 4.0.0-beta.9
• c66766c feat: Add support for minifying inline ES6 inside html templates
• 655cbcd Fix README typo
• 6de319b update lodash dependency for prototype polution vulnerability
• 35a1541 Properly encode file names emitted as part of URLs.

See the full diff

Package name: http-server

The new version differs by 132 commits.

• 46cfd10 0.12.2
• 5867a26 add testing on node 14
• a8f1a15 Merge pull request simplify HtmlWebpackPlugin options PatrickJS/PatrickJS-starter#581 from xxjinwei/master
• 0568097 Merge pull request npm run server - getting errors PatrickJS/PatrickJS-starter#517 from http-party/man_page
• 021e9f5 update license year
• 6e9fc08 update dependencies
• 95119c6 update man page
• 943c609 Merge pull request Error with Node v6.x PatrickJS/PatrickJS-starter#622 from adunkman/fix-security-vulnerability
• 817e11d Upgrade sub-dependency of minimist via mkdirp.
• 454851c Fix security issue by using Minimist directly.
• ed8ff1f clarify auth types
• f5854a6 Merge pull request Issue webpack.common PatrickJS/PatrickJS-starter#584 from zjhmale/basic-auth-options-compliance
• e758f03 Merge pull request Angular2-webpack VS ng-cli PatrickJS/PatrickJS-starter#586 from http-party/logFn-skip-array
• 924567f Merge pull request Feature Request: Webpack Hot Module Replacement to inject external css <link href=> instead of inline <style></style> PatrickJS/PatrickJS-starter#599 from http-party/new-screenshots
• 8de3658 Merge pull request Material remove PatrickJS/PatrickJS-starter#613 from http-party/dependabot/npm_and_yarn/acorn-5.7.4
• b2dbff5 Bump acorn from 5.7.3 to 5.7.4
• 85541e5 ignore macos files
• dfcc224 better start image
• bd36f7b Fix basic auth options type issue
• 7c09c23 remove broken badge
• e5673c5 update badges
• 1572613 Update installation methods
• 61668b3 update README image link
• 91ff74b update start image

See the full diff

Package name: karma

The new version differs by 186 commits.

• 1b48637 chore(release): 5.0.0 [skip ci]
• a5dbe89 Update issue templates (#3460)
• 1074f38 chore(ci): rely on karma-runnre/integration-tests for saucelabs config (#3462)
• 4d45cf0 chore(ci): remove more old connection security stuffs (#3459)
• be76fcc chore(ci): use travis UI for sauce config (#3458)
• a04a542 chore(ci): remove secure encryption var (#3457)
• 1eaf35e fix: install semantic-release as a regular dev dependency (#3455)
• 0647109 docs: Fix simple typo, overriden -> overridden (#3453)
• ec1e69a fix(server): replace optimist on yargs lib (#3451)
• ffad7fa refactor(launcher): use class syntax (#3437)
• 7166ce2 fix(server): detection new MS Edge Chromium (#3440)
• b8b2ed8 fix(ci): echo travis env that gates release after_success (#3446)
• 33a069f refactor: use native Promise instead of Bluebird (#3436)
• 131d154 refactor: drop safe-buffer dependency in favor of native Buffer (#3438)
• cb1bcbf fix(server): cleanup import of the removed method (#3439)
• 5c334f5 fix(server): createPreprocessor was removed (#3435)
• d7128d4 refactor(server): remove PromiseContainer class (#3416)
• 057d527 feat(docs): document `DEFAULT_LISTEN_ADDR` constant (#3443)
• a673aa8 ci: drop node 8, adopt node 12 (#3430)
• 9eb6436 chore(server): Convert PromiseContainer to object and remove (#3401)
• 0856234 chore(travis): release on node 10 success (#3428)
• 708ae13 feat(preprocessor): obey Pattern.isBinary when set (#3422)
• 00d536f chore(test): logLevel debug in proxy test (#3427)
• da9d8bd chore(docs): delete PULL_REQUEST_TEMPLATE.md

See the full diff

Package name: node-sass

The new version differs by 90 commits.

• 3b556c1 7.0.2
• c716359 Bump sass-graph@^4.0.1 (#3292)
• 24741b3 docs(readme): fix docpad plugin link
• 1523330 feat: Drop Node 12
• 365d357 update https://registry.npm.taobao.org to https://registry.npmmirror.com
• 1456114 build(deps): bump actions/upload-artifact from 2 to 3
• b465b69 chore: bump GitHub Actions to Windows 2019 (#3254)
• e6194b1 build(deps): bump make-fetch-happen from 9.1.0 to 10.0.4
• 4edf594 build(deps): bump node-gyp from 8.4.1 to 9.0.0
• 29e2344 build(deps): bump actions/checkout from 2 to 3
• 85b0d22 build(deps): bump actions/setup-node from 2 to 3
• 3bb51da Use make-fetch-happen instead of request (#3193)
• adc2f8b build(deps): bump true-case-path from 1.0.3 to 2.2.1 (#3000)
• 77d12f0 chore: disable Apline for Node 16/17 builds
• 308d533 ci: use Python 3 for Node 12
• c818907 ci: unpin actions/setup-node to v2
• 99242d7 7.0.1
• 77049d1 build(deps): bump sass-graph from 2.2.5 to 4.0.0 (#3224)
• c929f25 build(deps): bump node-gyp from 7.1.2 to 8.4.1 (#3209)
• 918dcb3 Lint fix
• 0a21792 Set rejectUnauthorized to true by default (#3149)
• e80d4af chore: Drop EOL Node 15 (#3122)
• d753397 feat: Add Node 17 support (#3195)
• dcf2e75 build(deps-dev): bump eslint from 7.32.0 to 8.0.0

See the full diff

Package name: protractor

The new version differs by 63 commits.

• 5d8da04 chore(release): version bump to 6.0.0 and update the changelog
• d777738 chore(tests): circleci - chrome 69 requires chromdriver to 2.44 (#5182)
• 3d50b68 chore(deps): update based on npm audit
• e478ba8 chore(release): bump version to 6.0.1-beta
• 7054827 chore(types): fix types to use not @ types/selenium-webdriver (#5127)
• 2e5c2e6 chore(jasmine): prevent random execution order in jasmine 3 (#5126)
• 8afc4e2 chore(release): release 6.0.0-beta and update the changelog
• 5fd711c chore(webdriver-manager): use webdriver-manager@13.0.0-beta
• 96ae17c deps(jasmine): upgrade jasmine 3.3 (#5102)
• 68491dd chore(expectedConditions): update generic Function typings (#5101)
• cf43651 chore(debugprint): convert debugprint to TypeScript (#5074)
• d213aa9 deps(selenium): upgrade to selenium 4 (#5095)
• 4672265 chore(browser): remove timing issues with restart and fork (#5085)
• b4dbcc2 chore(elementexplorer): remove explorer bin file (#5094)
• 7de6d85 docs(api): update examples to use async/await (#5081)
• 1b2036e typings(selenium): try out new version of typings (#5084)
• befb457 chore(bin): update webdriver-manager require to use the cli (#5093)
• 509f1b2 deps(latest): upgrade to the gulp and typescript (#5089)
• 2def202 deps(webdriver-manager): use replacement (#5088)
• 9d510db chore(test): remove jasmine addMatcher test (#5072)
• 6522e40 chore(cleanup): clean up imports and wdpromises (#5073)
• 3b8f263 chore(ignoreSynchornization): clean up to use waitForAngularEnabled (#5071)
• ffa3519 chore(debugger): remove debugger and explore methods (#5070)
• 0f7a38a chore(test): error tests fixed (#5069)

See the full diff

Package name: webpack

The new version differs by 250 commits.

• 610f368 5.0.0
• 5ce65c1 update examples
• bbe1230 Merge pull request #11628 from webpack/bugfix/real-content-hash
• 75ecff2 5.0.0-rc.6
• bfc35d6 Merge pull request #11603 from MayaWolf/master
• 76e8cbd Merge pull request #11622 from webpack/dependabot/npm_and_yarn/types/node-13.13.25
• 9fd1be2 chore(deps-dev): bump @ types/node from 13.13.23 to 13.13.25
• 36bcfaa Merge pull request #11621 from webpack/bugfix/11619
• 9130d10 fix called variables with ProvidePlugin
• 3e42105 Merge pull request #11620 from webpack/bugfix/11617
• 4709719 skip connections copied to concatenated module
• 57b493f 5.0.0-rc.5
• 1658e2f Merge pull request #11618 from webpack/bugfix/11615
• a8fb45d fixes crash in SideEffectsFlagPlugin
• 84b196d emit error instead of crashing when unexpected problem occurs
• 5573fed Merge pull request #11601 from Hornwitser/improve-suggested-polyfill-config
• 9b5cce9 Merge pull request #11609 from snitin315/export-types
• 37c495c export type RuleSetUseItem
• 39faf34 export type RuleSetUse
• e5fd246 export type RuleSetConditionAbsolute
• 660baad export RuleSetCondition types
• 13e3ca5 Merge pull request #11602 from webpack/bugfix/shared-runtime-chunk
• 9c0587e Merge pull request #11606 from webpack/dependabot/npm_and_yarn/simple-git-2.21.0
• 502d166 Merge pull request #11607 from webpack/dependabot/npm_and_yarn/acorn-8.0.4

See the full diff

Package name: webpack-cli

The new version differs by 250 commits.

• fb50f76 chore(release): publish new version
• 2c75aeb chore: new version of the packages
• 0d05c30 chore(release): publish %s
• 3f9e151 chore: fix lerna config
• 2c1e34c tests(generator): enhance init generator tests (chore(deps): Renamed angular2-router-loader package PatrickJS/PatrickJS-starter#1236)
• 6ee61b9 Fix loader-generator and plugin-generator tests ( read property 'exclude' of undefined at applyDefaults (C:\ProjectFiles\docshala\node_modules\awesome-typescript-l oader\src\instance.ts:266:72) PatrickJS/PatrickJS-starter#1250)
• 52956a2 Fixing the typos and grammatical errors in Readme files (Update imports-loader to version 0.7.0 🚀 PatrickJS/PatrickJS-starter#1246)
• 7faaed2 chore: update Bug_report & Feature_request Templates (karma-jasmine@1.1.0 breaks build 🚨 PatrickJS/PatrickJS-starter#1256)
• 7a5b33d feat(webpack-cli): added mode argument (Error: ⨯ Unable to compile TypeScript PatrickJS/PatrickJS-starter#1253)
• 3715756 tests(webpack-cli): add test case for defaults flag (Update webpack-merge to version 1.1.0 🚀 PatrickJS/PatrickJS-starter#1254)
• a7cba2f chore: project maintanance and typescript fix (protractor@4.0.12 breaks build 🚨 PatrickJS/PatrickJS-starter#1247)
• 7748472 chore: ignore package-lock.json and remove its references (chore(package): pins TypeScript version to 2.1.1 PatrickJS/PatrickJS-starter#1252)
• a014aa7 docs: fix supported arguments & commands link in README (typescript@2.1.4 breaks build 🚨 PatrickJS/PatrickJS-starter#1244)
• 06129a1 feat(webpack-cli): add progress bar for progress flag ( Uncaught TypeError: Reflect.getMetadata is not a function PatrickJS/PatrickJS-starter#1238)
• 6cc6a49 chore: post refactor CLI (cannot get postCSS autoprefixer to work PatrickJS/PatrickJS-starter#1237)
• 358651e chore: move cli under lerna package (How to deploy /dist folder to apache web server PatrickJS/PatrickJS-starter#1225)
• 2dc495a fix(init): fix webpack config scaffold (Feature/internationalization PatrickJS/PatrickJS-starter#1231)
• 1ab62d2 tests(generator): add tests for plugin generator (Update tslint-loader to version 3.3.0 🚀 PatrickJS/PatrickJS-starter#1235)
• d2dd0c1 tests(sourcemap): fix flaky stats statement (How to minify CSS in assets? PatrickJS/PatrickJS-starter#1232)
• f6dc680 tests(loader-generator): add tests for loader generator (Why hmr and other are added to dependencies when they are not required in production PatrickJS/PatrickJS-starter#1234)
• 35d1381 tests(generator): enable init generator test (first commit, doesn't work yet PatrickJS/PatrickJS-starter#1233)
• 66cdcb6 chore(generator): remove transpiled tests (Update tslint-loader to version 3.2.1 🚀 PatrickJS/PatrickJS-starter#1229)
• f29a170 fix(init): fix the invalid package name (Feature / help: Change app page from index.html to app.html  PatrickJS/PatrickJS-starter#1228)
• 8c3a66d chore(cli): updated changelog of v3 (webpack.test.js is missing angular2-template-loader PatrickJS/PatrickJS-starter#1224)

See the full diff

Package name: webpack-dev-server

The new version differs by 250 commits.

• c9271b9 chore(release): 4.0.0
• 18bf369 test: fix stability (#3676)
• cdcabb2 fix: respect protocol from browser for manual setup (#3675)
• 1768d6b fix: initial reloading for lazy compilation (#3662)
• 4f5bab1 docs: improve examples (#3672)
• f2d87fb fix: improve https CLI output (#3673)
• 0277c5e chore: remove redundant console statements (#3671)
• 16fcdbc docs: add `ipc` example (#3667)
• 8915fb8 test: add e2e tests for built in routes (#3669)
• 4d1cbe1 docs: ask `version` information in issue template (#3668)
• b6c1881 chore(deps-dev): bump core-js from 3.16.1 to 3.16.2 (#3666)
• ffa8cc5 chore(deps-dev): bump supertest from 6.1.5 to 6.1.6 (#3665)
• f1fdaa7 chore(release): 4.0.0-rc.1
• c4678bc fix: legacy API (#3660)
• d8bdd03 test: fix stability (#3661)
• 22b1414 refactor: remove `killable` (#3657)
• 75bafbf test: add e2e tests for module federation (#3658)
• 493ccbd chore(deps): update `ws` (#3652)
• ae8c523 test: add e2e test for universal compiler (#3656)
• f94b84f chore(deps): update (#3655)
• 1923132 test: fix cli
• 2adfd01 test: fix todo (#3653)
• 6e2cbde fix: proxy logging and allow to pass options without the `target` option (#3651)
• c9ccc96 fix: respect infastructureLogging.level for client.logging (#3613)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)
🦉 Prototype Pollution
🦉 Server-side Request Forgery (SSRF)
🦉 More lessons are available in Snyk Learn