[Snyk] Fix for 1 vulnerabilities

[nfinlayson]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: del-cli

The new version differs by 9 commits.

• b41c687 2.0.0
• 9e7c4eb Require Node.js 8 and upgrade to `del` 4
• ac49906 Create funding.yml
• 2a63a03 1.1.0
• 1dbc7e2 Meta tweaks
• d798ad1 Bump `del`
• f36cc2c 1.0.0
• 3ad9a2c ES2015ify and require Node.js 4
• 9ff3d3a Add related package to the readme

See the full diff

Package name: eslint

The new version differs by 250 commits.

• c4fffbc 8.0.0
• d51f4cf Build: changelog update for 8.0.0
• 7d3f7f0 Upgrade: unfrozen @ eslint/eslintrc (fixes #15036) (#15146)
• 2174a6f Fix: require-atomic-updates property assignment message (fixes #15076) (#15109)
• f885fe0 Docs: add note and example for extending the range of fix (refs #13706) (#13748)
• 3da1509 Docs: Add jsdoc `type` annotation to sample rule (#15085)
• 68a49a9 Docs: Update Rollup Integrations (#15142)
• d867f81 Docs: Remove a dot from curly link (#15128)
• 9f8b919 Sponsors: Sync README with website
• 4b08f29 Sponsors: Sync README with website
• ebc1ba1 Sponsors: Sync README with website
• 2d654f1 Docs: add example .eslintrc.json (#15087)
• 16034f0 Docs: fix fixable example (#15107)
• 07175b8 8.0.0-rc.0
• 71faa38 Build: changelog update for 8.0.0-rc.0
• 67c0074 Update: Suggest missing rule in flat config (fixes #14027) (#15074)
• cf34e5c Update: space-before-blocks ignore after switch colons (fixes #15082) (#15093)
• c9efb5f Fix: preserve formatting when rules are removed from disable directives (#15081)
• 14a4739 Update: `no-new-func` rule catching eval case of `MemberExpression` (#14860)
• 7f2346b Docs: Update release blog post template (#15094)
• fabdf8a Chore: Remove `target.all` from `Makefile.js` (#15088)
• e3cd141 Sponsors: Sync README with website
• 05d7140 Chore: document target global in Makefile.js (#15084)
• 0a1a850 Update: include `ruleId` in error logs (fixes #15037) (#15053)

See the full diff

Package name: nyc

The new version differs by 182 commits.

• e21721a chore(release): 14.0.0
• 8cf8a89 docs: update issue template [skip ci] (Validation fails for integer field values starting with 0 ajv-validator/ajv#1008)
• d7a9d6a chore: Update package-lock.json
• 189bae8 chore: Update dependencies for 14.0.0-rc.1
• 2eb13c6 feat: instrument `--complete-copy` implementation (An in-range update of js-beautify is breaking the build 🚨 ajv-validator/ajv#1056)
• c88a852 docs: `nyc instrument` and `--exclude-node-modules` (Custom formats for more data types ajv-validator/ajv#1039)
• c213469 feat: always build the processinfo temp dir (More Exhaustive ISO 8601 timezone offset support ajv-validator/ajv#1061)
• e597c46 feat: Add support for --exclude-node-modules to subcommands. (Invalid result of validate function and no errors! ajv-validator/ajv#1053)
• 8dcf180 feat: add processinfo index, add externalId (Update ajv.d.ts ajv-validator/ajv#1055)
• 32f75b0 fix: set processinfo pid/ppid to actual numbers (Error: unknown format "" is used in schema at path  ajv-validator/ajv#1057)
• 16d4315 chore: Stop excluding `bin` from coverage results. (How to use this library? ajv-validator/ajv#1060)
• b909575 fix: Use a single instance of nyc for all actions of main command. (How to generate a schema by an REST-Response? ajv-validator/ajv#1059)
• 997ed29 chore: Remove arrify dependency. (SyntaxError: Unexpected string ajv-validator/ajv#1058)
• 68d6333 docs: move setup docs out of the readme [skip ci] ("if" field always passes even with not existent required fields. ajv-validator/ajv#1052)
• 8da097e feat: add `include` and `exclude` options to instrument command (Validation fails for number field if no value ajv-validator/ajv#1007)
• 31817de chore: Update dependencies (any way to skip validation for a property of an object ajv-validator/ajv#1050)
• 18e04ba fix: make --all work for transpiled code (docs: regexp considerations ajv-validator/ajv#1047)
• b7e16cd feat: Support turning off node_modules default exclude via flag (New option to enhance default functionality ajv-validator/ajv#912)
• 3eb0e37 docs: A bunch of docs fix-ups ([question] Can parentSchema has $ref inside? ajv-validator/ajv#1038)
• 5c1eb38 test(instrument): should return unmodified source if no transform found (Testing ajv-validator/ajv#1036)
• 1f6c3d4 docs: project root directory and `--cwd` doc (Custom. Overload (reuse) present handlers ajv-validator/ajv#1032)
• 051d95a fix: Add `cwd` option to instrument command (Array/enum of allowed strings/values ajv-validator/ajv#1024)
• 91e02c6 chore: A few code cleanups (How I take the keywords value from schema where can not use $data? ajv-validator/ajv#1033)
• 2867538 feat: Rename `plugins` option to `parser-plugins`. (proposal: coerceTypes from strings only ajv-validator/ajv#1031)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.