[Snyk] Fix for 92 vulnerabilities

[Omrisnyk]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • large-file/package.json
  • large-file/package-lock.json
  • large-file/.snyk

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-AWSSDK-1059424	No	Proof of Concept
	616/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.9	Server-Side Request Forgery (SSRF) SNYK-JS-AXIOS-1038255	Yes	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-AXIOS-1579269	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Denial of Service (DoS) SNYK-JS-AXIOS-174505	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-BROWSERSLIST-1090194	Yes	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-CACHEDPATHRELATIVE-2342653	No	Proof of Concept
	641/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.4	Prototype Pollution SNYK-JS-JSON5-3182856	Yes	Proof of Concept
	644/1000 Why? Has a fix available, CVSS 8.6	Prototype Pollution SNYK-JS-JSONSCHEMA-1920922	No	No Known Exploit
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Denial of Service (DoS) SNYK-JS-JSZIP-1251497	No	Proof of Concept
	591/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.4	Cross-site Scripting (XSS) SNYK-JS-KARMA-2395349	Yes	Proof of Concept
	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Prototype Pollution SNYK-JS-LODASH-608086	Yes	Proof of Concept
	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Prototype Pollution SNYK-JS-LODASH-73638	Yes	Proof of Concept
	327/1000 Why? Proof of Concept exploit, CVSS 4.4	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-73639	Yes	Proof of Concept
	731/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.2	Prototype Pollution SNYK-JS-LODASHES-2434283	No	Proof of Concept
	681/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.2	Command Injection SNYK-JS-LODASHES-2434284	No	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-LODASHES-2434285	No	Proof of Concept
	541/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 4.4	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASHES-2434286	No	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-LODASHES-2434287	No	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASHES-2434289	No	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-LODASHES-2434290	No	Proof of Concept
	489/1000 Why? Has a fix available, CVSS 5.5	Information Exposure SNYK-JS-LOG4JS-2348757	Yes	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-MERGE-1040469	Yes	No Known Exploit
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-MERGE-1042987	Yes	Proof of Concept
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	Yes	No Known Exploit
	506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Prototype Pollution SNYK-JS-MINIMIST-2429795	No	Proof of Concept
	601/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.6	Prototype Pollution SNYK-JS-MINIMIST-559764	Yes	Proof of Concept
	589/1000 Why? Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-MOCHA-2863123	Yes	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Directory Traversal SNYK-JS-MOMENT-2440688	No	No Known Exploit
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-MOMENT-2944238	No	Proof of Concept
	414/1000 Why? Has a fix available, CVSS 4	Privilege Escalation SNYK-JS-MONGODBJSMETRICS-1243685	Yes	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-MOUT-1014544	No	No Known Exploit
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-MOUT-2342654	No	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-NCONF-2395478	No	Proof of Concept
	706/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.7	Server-side Request Forgery (SSRF) SNYK-JS-NETMASK-1089716	No	Proof of Concept
	539/1000 Why? Has a fix available, CVSS 6.5	Information Exposure SNYK-JS-NODEFETCH-2342118	Yes	No Known Exploit
	520/1000 Why? Has a fix available, CVSS 5.9	Denial of Service SNYK-JS-NODEFETCH-674311	Yes	No Known Exploit
	751/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.6	Command Injection SNYK-JS-NODEMAILER-1038834	Yes	Proof of Concept
	636/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.3	HTTP Header Injection SNYK-JS-NODEMAILER-1296415	Yes	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-NTHCHECK-1586032	Yes	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-OBJECTPATH-1017036	Yes	Proof of Concept
	601/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.6	Prototype Pollution SNYK-JS-OBJECTPATH-1569453	Yes	Proof of Concept
	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	Remote Code Execution (RCE) SNYK-JS-PACRESOLVER-1564857	No	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067	No	Proof of Concept
	621/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6	Prototype Pollution SNYK-JS-PATHVAL-596926	No	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1255640	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-PROMPTS-1729737	Yes	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Prototype Poisoning SNYK-JS-QS-3153490	No	Proof of Concept
	490/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-RAMDA-1582370	Yes	No Known Exploit
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-REDIS-1255645	Yes	No Known Exploit
	646/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.5	Validation Bypass SNYK-JS-SANITIZEHTML-1070780	No	Proof of Concept
	539/1000 Why? Has a fix available, CVSS 6.5	Access Restriction Bypass SNYK-JS-SANITIZEHTML-1070786	No	No Known Exploit
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-SANITIZEHTML-2957526	No	No Known Exploit
	684/1000 Why? Has a fix available, CVSS 9.4	Arbitrary Code Execution SNYK-JS-SANITIZEHTML-585892	No	No Known Exploit
	619/1000 Why? Has a fix available, CVSS 8.1	Remote Code Execution (RCE) SNYK-JS-SHELLQUOTE-1766506	No	No Known Exploit
	641/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.4	Command Injection SNYK-JS-SNYK-3037342	No	Proof of Concept
	571/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5	Command Injection SNYK-JS-SNYK-3038622	No	Proof of Concept
	504/1000 Why? Has a fix available, CVSS 5.8	Code Injection SNYK-JS-SNYK-3111871	No	No Known Exploit
	571/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5	Command Injection SNYK-JS-SNYKDOCKERPLUGIN-3039679	No	Proof of Concept
	641/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.4	Command Injection SNYK-JS-SNYKGOPLUGIN-3037316	No	Proof of Concept
	571/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5	Command Injection SNYK-JS-SNYKGRADLEPLUGIN-3038624	No	Proof of Concept
	571/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5	Command Injection SNYK-JS-SNYKMVNPLUGIN-3038623	No	Proof of Concept
	571/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5	Command Injection SNYK-JS-SNYKPYTHONPLUGIN-3039677	No	Proof of Concept
	571/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5	Command Injection SNYK-JS-SNYKSBTPLUGIN-3038626	No	Proof of Concept
	571/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5	Command Injection SNYK-JS-SNYKSNYKCOCOAPODSPLUGIN-3038625	No	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Insecure Defaults SNYK-JS-SOCKETIO-1024859	Yes	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Denial of Service (DoS) SNYK-JS-SOCKETIOPARSER-1056752	Yes	Proof of Concept
	704/1000 Why? Has a fix available, CVSS 9.8	Improper Input Validation SNYK-JS-SOCKETIOPARSER-3091012	Yes	No Known Exploit
	/1000 Why?	Command Injection SNYK-JS-SSH2-1656673	No	No Known Exploit
	/1000 Why?	Regular Expression Denial of Service (ReDoS) SNYK-JS-SSRI-1246392	Yes	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-TRIM-1017038	No	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-1023599	No	Proof of Concept
	/1000 Why?	Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-1072471	No	Proof of Concept
	/1000 Why?	Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-610226	No	Proof of Concept
	/1000 Why?	Regular Expression Denial of Service (ReDoS) SNYK-JS-UGLIFYJS-1727251	Yes	No Known Exploit
	/1000 Why?	Arbitrary Code Injection SNYK-JS-UNDERSCORE-1080984	No	Proof of Concept
	/1000 Why?	Improper Input Validation SNYK-JS-URLPARSE-1078283	Yes	No Known Exploit
	/1000 Why?	Open Redirect SNYK-JS-URLPARSE-1533425	Yes	Proof of Concept
	/1000 Why?	Access Restriction Bypass SNYK-JS-URLPARSE-2401205	Yes	Proof of Concept
	/1000 Why?	Authorization Bypass SNYK-JS-URLPARSE-2407759	Yes	Proof of Concept
	/1000 Why?	Improper Input Validation SNYK-JS-URLPARSE-2407770	Yes	Proof of Concept
	/1000 Why?	Authorization Bypass Through User-Controlled Key SNYK-JS-URLPARSE-2412697	Yes	Proof of Concept
	/1000 Why?	Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835	Yes	Proof of Concept
	/1000 Why?	Arbitrary Code Injection SNYK-JS-XMLHTTPREQUESTSSL-1082936	Yes	Proof of Concept
	/1000 Why?	Access Restriction Bypass SNYK-JS-XMLHTTPREQUESTSSL-1255647	Yes	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-Y18N-1021887	No	Proof of Concept
	506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:braces:20180219	Yes	Proof of Concept
	506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:debug:20170905	Yes	Proof of Concept
	636/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.3	Prototype Pollution npm:lodash:20180130	Yes	Proof of Concept
	/1000 Why?	Regular Expression Denial of Service (ReDoS) npm:ms:20170412	Yes	No Known Exploit
	/1000 Why?	Denial of Service (DoS) npm:ws:20171108	No	Mature

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: adjust-sourcemap-loader

The new version differs by 21 commits.

• 59b4c45 publish 3.0.0
• b9d9a5f update nvmrc to match package.json
• 677dc1a minor code reformat, update deps
• 871d0f9 Merge pull request [Snyk] Fix for 1 vulnerabilities #17 from TrySound/drop-object-path
• 95a5b84 Merge branch 'master' into drop-object-path
• 401b707 Merge pull request [Snyk] Security upgrade tap from 5.8.0 to 11.1.3 #14 from TrySound/tidy-up-deps
• 4b12ee3 Drop object-path
• 143a72c Tidy up dependencies
• 8557f80 Merge pull request [Snyk] Security upgrade tap from 5.8.0 to 11.1.3 #15 from TrySound/drop-camelcase
• 03910d7 Drop camelcase
• 72f9df1 Merge pull request [Snyk] Security upgrade karma from 2.0.3 to 3.0.0 #10 from KenjiBito/patch-1
• 6085e0c Merge pull request [Snyk] Security upgrade karma from 2.0.3 to 3.0.0 #12 from znarf/patch-1
• e1e9f35 remove 'assert' as dependency
• 223ffdd Create LICENSE
• b5781ce publish 2.0.0
• e7c59a9 Merge pull request [Snyk] Fix for 2 vulnerabilities #7 from bholloway/remove-lodash-dependency
• d1180e9 remove lodash, update deps
• 179d8be Merge pull request [Snyk] Fix for 1 vulnerabilities #6 from bholloway/remove-overzealous-decode-check
• 080db0e 2.0.0-alpha.1
• 0319bb2 BREAKING (maybe) remove additional check that decoded source file exists
• ea71b04 stick to var rather than const for consistency

See the full diff

Package name: aws-sdk

The new version differs by 250 commits.

• 8875a35 Updates SDK to v2.814.0
• dd83d67 throw at invalid profile name in shared ini file ([Snyk(Unlimited)] Upgrade express-fileupload from 0.0.5 to 0.4.0 snyk-fixtures/npm-lockfiles#3585)
• ee0c5a3 Updates SDK to v2.813.0
• 468d15b Updates SDK to v2.812.0
• c50132f Update README.md with references to JS SDK V3 ([Snyk(Unlimited)] Upgrade errorhandler from 1.2.0 to 1.5.1 snyk-fixtures/npm-lockfiles#3582)
• 3e19b08 Updates SDK to v2.811.0
• f26c00d Updates SDK to v2.810.0
• b393a6e Adds automatic PreSignedUrl generation to RDS.StartDBInstanceAutomatedBackupsReplication ([Snyk(Unlimited)] Upgrade verbosity from 0.9.2 to 0.10.1 snyk-fixtures/npm-lockfiles#3566)
• fa57967 Updates SDK to v2.809.0
• 9a52018 Updates SDK to v2.808.0
• 1958076 Updates SDK to v2.807.0
• ffcad20 Updates SDK to v2.806.0
• 2f37893 chore: remove cognitoidentity customizations to disable auth ([Snyk(Unlimited)] Upgrade mongoose from 4.2.4 to 4.13.19 snyk-fixtures/npm-lockfiles#3543)
• c6fe3c0 Updates SDK to v2.805.0
• 71d6fa9 Fix dual-callback case ([Snyk(Unlimited)] Upgrade dustjs-helpers from 1.5.0 to 1.7.4 snyk-fixtures/npm-lockfiles#3537)
• b981971 Updates SDK to v2.804.0
• 332573f Updates SDK to v2.803.0
• deb7bc7 Updates SDK to v2.802.0
• b6401d0 Remove incorrectly named service named 'Profile' ([Snyk(Unlimited)] Upgrade lodash from 4.17.10 to 4.17.15 snyk-fixtures/npm-lockfiles#3562)
• 3364d4b Updates SDK to v2.801.0
• d400577 Updates SDK to v2.800.0
• 21c7dc0 Updates SDK to v2.799.0
• d2b8964 Updates SDK to v2.798.0
• 44ded82 fix: test IAM.getUser instead of listUsers ([Snyk(Unlimited)] Upgrade consolidate from 0.14.5 to 0.15.1 snyk-fixtures/npm-lockfiles#3542)

See the full diff

Package name: body-parser

The new version differs by 177 commits.

• 424dadd 1.19.2
• 11248a2 deps: raw-body@2.4.3
• 7a088eb build: Node.js@14.19
• ecedf31 build: Node.js@16.14
• b6bfabd build: Node.js@17.5
• badd6b2 build: fix code coverage aggregate upload
• 96b448a build: Node.js@17.4
• 70560b1 build: mocha@9.2.0
• 548a06f build: supertest@6.2.2
• 3b00678 deps: bytes@3.1.2
• d5acb61 build: mocha@9.1.4
• 82c8a7c tests: add limit + inflate tests
• b356758 deps: qs@6.9.7
• c631b58 build: supertest@6.2.1
• c81a8e2 build: eslint-plugin-import@2.25.4
• 3c4dcb8 build: Node.js@17.3
• d0a214b 1.19.1
• fb172d4 build: eslint-plugin-promise@5.2.0
• c5e63cb build: Node.js@17.2
• c6d43bd build: eslint-plugin-import@2.25.3
• 313ed6d build: eslint-plugin-promise@5.1.1
• 8389b51 deps: bytes@3.1.1
• aae94b2 deps: http-errors@1.8.1
• 7f84d4f deps: raw-body@2.4.2

See the full diff

Package name: cacache

The new version differs by 9 commits.

• 41e12c1 chore(release): 11.0.1
• 208b7bd deps: bump ssri
• aa59d82 chore(release): 11.0.0
• 33d4eed feat(opts): use figgy-pudding for opts ([Snyk] Fix for 1 vulnerabilities #128)
• 529f347 meta: drop support for node@4
• 4446327 test: use nyc through tap
• 109ff93 standard: --fix for standard@11
• 3817b7a deps: bump devDeps
• a7d25b4 deps: bump deps

See the full diff

Package name: cached-path-relative

The new version differs by 2 commits.

• 07947c4 1.1.0
• 40c73bf Fix other instances of prototype pollution vulnerability

See the full diff

Package name: caniuse-api

The new version differs by 14 commits.

• 1b74c10 3.0.0
• 3ab3a83 updating browserslist to v4
• 11c9091 preparing for 2.1.0
• fb40d95 use yarn and bump dependencies
• 5e41118 remove footnotes related stuff
• 54457e2 add yarn.lock
• ceb721c add tests to isSupported for multiple browsers and throw
• f0c5d88 Change X to lowercase for getSupport
• eaac367 Merge pull request [Snyk] Security upgrade mout from 1.1.0 to 1.2.4 #71 from le0nik/update_browserslist_3
• 7e57b2d Update browserslist to v3
• 851c1a3 2.0.0
• 9211b85 Merge pull request [Snyk] Security upgrade moment from 2.22.1 to 2.29.4 #59 from ben-eb/caniuse-lite
• b9bb0ac Upgrade Browserslist to 2.0.0.
• 1f10589 Migrate from caniuse-db to caniuse-lite. Closes [Snyk] Security upgrade tap from 5.8.0 to 11.1.3 #57.

See the full diff

Package name: create-react-context

The new version differs by 4 commits.

• 81e8d50 0.3.0
• b04abbb Use the warning package instead of fbjs
• 98efab9 Update package.json
• f31c9ed Update LICENSE

See the full diff

Package name: css-loader

The new version differs by 71 commits.

• 634ab49 chore(release): 2.0.0
• 6ade2d0 refactor: remove unused file ([Snyk(Unlimited)] Upgrade term-ng from 0.8.1 to 0.8.5 snyk-fixtures/npm-lockfiles#860)
• e7525c9 test: nested url ([Snyk(Unlimited)] Upgrade lodash from 4.17.10 to 4.17.15 snyk-fixtures/npm-lockfiles#859)
• 7259faa test: css hacks ([Snyk(Unlimited)] Upgrade @thebespokepixel/string from 0.5.2 to 0.5.9 snyk-fixtures/npm-lockfiles#858)
• 5e6034c feat: allow to filter import at-rules ([Snyk(Unlimited)] Upgrade node-uuid from 1.4.0 to 1.4.8 snyk-fixtures/npm-lockfiles#857)
• 5e702e7 feat: allow filtering urls ([Snyk(Unlimited)] Upgrade qs from 0.0.6 to 0.6.6 snyk-fixtures/npm-lockfiles#856)
• 9642aa5 test: css stuff ([Snyk(Unlimited)] Upgrade adm-zip from 0.4.7 to 0.4.13 snyk-fixtures/npm-lockfiles#855)
• 3338656 fix: reduce number of require for url ([Snyk(Unlimited)] Upgrade node-uuid from 1.4.0 to 1.4.8 snyk-fixtures/npm-lockfiles#854)
• 533abbe test: issue 636 ([Snyk(Unlimited)] Upgrade qs from 0.0.6 to 0.6.6 snyk-fixtures/npm-lockfiles#853)
• 08c551c refactor: better warning on invalid url resolution ([Snyk(Unlimited)] Upgrade debug from 2.0.0 to 2.6.9 snyk-fixtures/npm-lockfiles#852)
• b0aa159 test: issue [Snyk(Unlimited)] Upgrade @thebespokepixel/meta from 0.2.3 to 0.2.5 snyk-fixtures/npm-lockfiles#589 ([Snyk(Unlimited)] Upgrade color-convert from 1.9.2 to 1.9.3 snyk-fixtures/npm-lockfiles#851)
• f599c70 fix: broken unucode characters ([Snyk(Unlimited)] Upgrade @thebespokepixel/es-tinycolor from 0.3.1 to 0.3.2 snyk-fixtures/npm-lockfiles#850)
• 1e551f3 test: issue 286 ([Snyk(Unlimited)] Upgrade verbosity from 0.9.2 to 0.10.1 snyk-fixtures/npm-lockfiles#849)
• 419d27b docs: improve readme ([Snyk(Unlimited)] Upgrade @thebespokepixel/meta from 0.2.3 to 0.2.5 snyk-fixtures/npm-lockfiles#848)
• d94a698 refactor: webpack-default ([Snyk(Unlimited)] Upgrade truwrap from 0.8.1 to 0.8.4 snyk-fixtures/npm-lockfiles#847)
• b97d997 feat: schema options
• 453248f fix: support module resolution in composes ([Snyk(Unlimited)] Upgrade term-ng from 0.8.1 to 0.8.5 snyk-fixtures/npm-lockfiles#845)
• 8a6ea10 refactor: postcss plugins ([Snyk(Unlimited)] Upgrade lodash from 4.17.10 to 4.17.15 snyk-fixtures/npm-lockfiles#844)
• fdcf687 fix: url resolving logic ([Snyk(Unlimited)] Upgrade @thebespokepixel/string from 0.5.2 to 0.5.9 snyk-fixtures/npm-lockfiles#843)
• 889dc7f feat: allow to disable css modules and disable their by default ([Snyk(Unlimited)] Upgrade node-uuid from 1.4.0 to 1.4.8 snyk-fixtures/npm-lockfiles#842)
• ee2d253 test: importLoaders option ([Snyk(Unlimited)] Upgrade qs from 0.0.6 to 0.6.6 snyk-fixtures/npm-lockfiles#841)
• 1dad1fb feat: reuse postcss ast from other loaders (i.e `postcss-loader`) ([Snyk(Unlimited)] Upgrade adm-zip from 0.4.7 to 0.4.13 snyk-fixtures/npm-lockfiles#840)
• fe94ebc test: icss reserved keywords ([Snyk(Unlimited)] Upgrade node-uuid from 1.4.0 to 1.4.8 snyk-fixtures/npm-lockfiles#839)
• 9eaba66 refactor: migrate on message api for postcss-icss-plugin ([Snyk(Unlimited)] Upgrade qs from 0.0.6 to 0.6.6 snyk-fixtures/npm-lockfiles#838)

See the full diff

Package name: detective-less

The new version differs by 11 commits.

• cb391fd chore: Version bump.
• fbd5ef9 Update debug to version 4
• 3055a20 Make use of some ES2015 features
• af801e2 Update to node-source-walk@4
• baba3e7 Update to gonzales-pe@4
• 4c72a91 Update to Mocha@5
• 04e472d Require Node.js 6
• c4bdaa2 1.0.1
• 1f23fa4 Merge pull request [Snyk] Security upgrade nyc from 14.0.0 to 15.0.0 #1 from danez/patch-2
• 9ee5b72 Update package.json
• f244e64 deps: Update debug to fix security issue

See the full diff

Package name: engine.io

The new version differs by 45 commits.

• ecfcc69 [chore] Release 3.4.0
• 7bf7581 [chore] Bump engine.io-parser to version 2.2.0
• c471e03 [chore] Bump `ws` to latest version ([Snyk(Unlimited)] Upgrade sgr-composer from 0.5.0 to 0.5.3 snyk-fixtures/npm-lockfiles#587)
• c144895 [feat] add additional debug messages ([Snyk(Unlimited)] Upgrade term-ng from 0.8.1 to 0.8.5 snyk-fixtures/npm-lockfiles#586)
• a967626 [chore] Bump debug to version 4.1.0 ([Snyk(Unlimited)] Upgrade adm-zip from 0.4.7 to 0.4.13 snyk-fixtures/npm-lockfiles#581)
• 5bbbfe2 [ci] remove Node.js 4 and 6 from the build matrix
• ad844f4 [fix] Deprecated Buffer usage in dependency ([Snyk(Unlimited)] Upgrade lodash from 4.17.10 to 4.17.15 snyk-fixtures/npm-lockfiles#585)
• cb0ac6f [chore] Release 3.3.2
• ec4e12a [revert] Allow configuration of `Access-Control-Allow-Origin` value ([Snyk(Unlimited)] Upgrade term-ng from 0.8.1 to 0.8.5 snyk-fixtures/npm-lockfiles#511)
• 64d6044 [chore] Release 3.3.1
• 9956445 [fix] Replace deprecated Buffer usage ([Snyk(Unlimited)] Upgrade node-uuid from 1.4.0 to 1.4.8 snyk-fixtures/npm-lockfiles#565)
• e081616 [chore] Point towards branch 'develop' of engine.io-client
• 2c856ca [chore] Release 3.3.0
• 3e2f415 [chore] Bump ws to version 6.1.0 ([Snyk(Unlimited)] Upgrade qs from 0.0.6 to 0.6.6 snyk-fixtures/npm-lockfiles#564)
• ebf1a96 [feat] Allow configuration of `Access-Control-Allow-Origin` value ([Snyk(Unlimited)] Upgrade term-ng from 0.8.1 to 0.8.5 snyk-fixtures/npm-lockfiles#511)
• 0151c6a [chore] Release 3.2.1
• bc7b239 [fix] Processing error code on abort connection ([Snyk(Unlimited)] Upgrade color-convert from 1.9.2 to 1.9.3 snyk-fixtures/npm-lockfiles#562)
• 6a16ea1 [test] Remove unnecessary assertion in test case ([Snyk(Unlimited)] Upgrade term-ng from 0.8.1 to 0.8.5 snyk-fixtures/npm-lockfiles#556)
• d93ef6a [docs] Add some initialization examples in the README
• 52ebe41 [chore] Release 3.2.0
• c624751 [revert] Make generateId method async ([Snyk(Unlimited)] Upgrade node-uuid from 1.4.0 to 1.4.8 snyk-fixtures/npm-lockfiles#535)
• be3833b [refactor] Use Buffer.concat([]) to construct an empty buffer ([Snyk(Unlimited)] Upgrade lodash from 4.17.10 to 4.17.15 snyk-fixtures/npm-lockfiles#555)
• 65b1ad1 [chore] Update default values for pingTimeout ([Snyk(Unlimited)] Upgrade adm-zip from 0.4.7 to 0.4.13 snyk-fixtures/npm-lockfiles#551)
• 63e2528 [chore] Release 3.1.5

See the full diff

Package name: engine.io-client

The new version differs by 56 commits.

• b1630ba chore(release): 3.5.0
• 8750356 fix: check the type of the initial packet
• 0b254ce chore: bump ws version
• f764bf6 ci: migrate to GitHub Actions
• 4d2f277 chore: release 3.4.4
• bbcc3fe chore: bump parseqs and parseuri dependencies
• 4db8691 chore: downgrade the debug dependency
• 5a5313e chore: release 3.4.3
• e5bc106 fix(react-native): restrict the list of options for the WebSocket object
• f19a9e3 chore: release 3.4.2
• d2daa28 chore: bump component-emitter dependency
• 81dc10d chore: release 3.4.1
• 357f01d fix: use globalThis polyfill instead of self/global
• ccc9337 [chore] Release 3.4.0
• 1e29b0c [chore] Bump engine.io-parser to version 2.2.0
• e8cd8c0 build: transpile the debug dependency with Babel
• fd7fff2 [fix] Ensure valid status is passed to error handler ([Snyk(Unlimited)] Upgrade color-convert from 1.9.2 to 1.9.3 snyk-fixtures/npm-lockfiles#622)
• 2266269 [feat] Support extra charset info in Content-Type header ([Snyk(Unlimited)] Upgrade @thebespokepixel/meta from 0.2.3 to 0.2.5 snyk-fixtures/npm-lockfiles#619)
• 2847411 [feat] Add withCredentials option ([Snyk(Unlimited)] Upgrade @thebespokepixel/string from 0.5.2 to 0.5.7 snyk-fixtures/npm-lockfiles#614)
• 0eeaa7a [fix] fix NodeWebSocket declaration ([Snyk(Unlimited)] Upgrade node-uuid from 1.4.0 to 1.4.8 snyk-fixtures/npm-lockfiles#613)
• 242ea9e [chore] Bump debug to version 4.1.0 ([Snyk(Unlimited)] Upgrade qs from 0.0.6 to 0.6.6 snyk-fixtures/npm-lockfiles#612)
• bc8c497 [ci] use Node.js 10 for compatibility with Gulp v3
• 57f9d45 [chore] Release 3.3.2
• e157aac [test] IE8 is no longer supported by Saucelabs

See the full diff

Package name: eslint-plugin-mocha

The new version differs by 164 commits.

• b2d8c9e 6.3.0
• b91a2f8 Update dependencies
• c470a3d Merge pull request [Snyk(Unlimited)] Upgrade qs from 0.0.6 to 0.6.6 snyk-fixtures/npm-lockfiles#238 from lo1tuma/fix-nested
• a18680d Merge pull request [Snyk(Unlimited)] Upgrade node-uuid from 1.4.0 to 1.4.8 snyk-fixtures/npm-lockfiles#239 from lo1tuma/fix-top-level
• 2633908 Fix max-top-level-suites to ignore generated suites
• 46f716d no-hooks-for-single-case: fix false postive in nested suites
• 1c3a545 Merge pull request [Snyk(Unlimited)] Upgrade adm-zip from 0.4.7 to 0.4.13 snyk-fixtures/npm-lockfiles#237 from lo1tuma/template-strings
• 6255546 Check static template strings in valid-test-description and valid-suite-description
• 7eea93d Merge pull request [Snyk(Unlimited)] Upgrade node-uuid from 1.4.0 to 1.4.8 snyk-fixtures/npm-lockfiles#236 from lo1tuma/no-hooks-option
• 8778d96 no-hooks: add option to allow certain kind of hooks
• 36c9e67 Merge pull request [Snyk(Unlimited)] Upgrade qs from 0.0.6 to 0.6.6 snyk-fixtures/npm-lockfiles#235 from brettz9/nondeprecated-rule-format
• 471e354 Switch to nondeprecated eslint rule format
• 8cf8640 Merge pull request [Snyk(Unlimited)] Upgrade debug from 2.0.0 to 2.6.9 snyk-fixtures/npm-lockfiles#234 from brettz9/schemas-for-options
• c1f8049 Merge pull request [Snyk(Unlimited)] Upgrade from thebespokepixel/meta to thebespokepixel/meta snyk-fixtures/npm-lockfiles#229 from brettz9/recommended-rules
• <...