[Snyk] Fix for 1 vulnerabilities

[F1LT3R]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: npm

The new version differs by 250 commits.

• 30a9844 7.21.0
• 0b2cd9d update AUTHORS
• 06461ec docs: changelog for v7.21.0
• 771a1cb chore(tests): fix snapshots
• 71cdfd8 spdx-license-ids@3.0.10
• 94f92de make-fetch-happen@9.0.5
• 7ac621c smart-buffer@4.2.0
• 218caca is-core-module@2.6.0
• ff6626a fix(docs): update npm-publish access flag info
• b6f40b5 tar@6.1.10
• e9e5ee5 @ npmcli/arborist@2.8.2
• 991a3bd read-package-json@4.0.0
• f077724 init-package-json@2.0.4
• 68a19bb fix(error-message): look for er.path not er.file
• ff34d6c feat(cache): initial implementation of ls and rm
• 8183976 normalize-package-data@3.0.3
• df57f0d @ npmcli/run-script@1.8.6
• 487731c fix(logging): sanitize logged argv
• 7a58264 chore(ci): check that docs are up to date in ci
• 22f3bbb chore(docs): add more 'autogenerated' comments
• 4314490 fix(docs): revert auto-generated portion of docs
• 32e88c9 fix(did-you-mean): switch levenshtein libraries
• 59b9851 7.20.6
• 2591e67 update AUTHORS

See the full diff

Package name: yargs

The new version differs by 100 commits.

• a6e67f1 chore(release): 13.2.4
• fc13476 chore: update standard-verison dependency
• bf46813 fix(i18n): rename unclear 'implication failed' to 'missing dependent arguments' (nyc does not work in ReactNative .js which has <View> istanbuljs/nyc#1317)
• a3a5d05 docs: fix a broken link to MS Terminology Search (New to test coverage and confused about how NYC determines what code is covered istanbuljs/nyc#1341)
• b4f8018 build: add .versionrc that hides test/build
• 0c39183 chore(release): 13.2.3
• 08e0746 chore: update deps (Can nyc convert/generate custom test output (LCOV to HTML)? istanbuljs/nyc#1340)
• 843e939 docs: make `--no-` boolean prefix easier to find in the docs (Unexpected token / in JSON at position 58 istanbuljs/nyc#1338)
• 84cac07 docs: restore removed changelog of v13.2.0 (nyc report not working in certain circumstances on Windows. istanbuljs/nyc#1337)
• b20db65 fix(deps): upgrade cliui for compatibility with latest chalk. (chore(deps-dev): bump standard-version from 8.0.0 to 8.0.1 istanbuljs/nyc#1330)
• c294d1b test: accept differently formatted output (ReferenceError: cov_vyj5vtdds is not defined istanbuljs/nyc#1327)
• ac3f10c chore: move .hbs templates into .js to facilitate webpacking (feat(experimental): Support using --all with node.js ES modules istanbuljs/nyc#1320)
• 0295132 fix: address issues with dutch translation (WIP: Fix npm security warnings istanbuljs/nyc#1316)
• 9f2468e doc: clarify parserConfiguration object structure (Node running out of memory when running on 72-core machines istanbuljs/nyc#1309)
• e7f2937 chore(release): 13.2.2
• edd0bb5 test: correct test description
• 03a9523 chore: forgoing dropping Node 6 until yargs@14 (nyc 15 gives no coverage without the useSpawnWrap option when using pnpm istanbuljs/nyc#1308)
• 14920d1 docs: remove --save option as it isn't required anymore (nyc does not work with symlinks istanbuljs/nyc#1301)
• 545c7f1 test: slightly reworded one test
• 4375680 chore(release): 13.2.1
• dfcaa68 test: slight edit to test wording
• 3180224 fix: add zsh script to files array
• 0a96394 fix: support options/sub-commands in zsh completion
• 48249a2 chore(release): 13.2.0

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.