[Snyk] Fix for 4 vulnerabilities

[aliscco]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • node_modules/json-schema-traverse/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept
	679/1000 Why? Has a fix available, CVSS 9.3	Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962463	Yes	No Known Exploit
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	Yes	Proof of Concept
	589/1000 Why? Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-UNSETVALUE-2400660	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: coveralls

The new version differs by 3 commits.

• 2ed4d09 major version bump for node > 4.x
• 5ebe57f bump version
• 428780c Expand allowed dependency versions to all API compatible versions ([Snyk] Fix for 5 vulnerabilities #172)

See the full diff

Package name: eslint

The new version differs by 250 commits.

• 80b8d5d 5.5.0
• b68e403 Build: changelog update for 5.5.0
• 6e110e6 Fix: camelcase duplicate warning bug (fixes #10801) (#10802)
• 5103ee7 Docs: Add Brackets integration (#10813)
• b61d2cd Update: max-params to only highlight function header (#10815)
• 2b2f11d Upgrade: babel-code-frame to version 7 (#10808)
• 2824d43 Docs: fix comment placement in a code example (#10799)
• 10690b7 Upgrade: devdeps and deps to latest (#10622)
• 80c8598 Docs: gitignore syntax updates (fixes #8139) (#10776)
• cb946af Chore: use meta.messages in some rules (1/4) (#10764)
• a857cd9 5.4.0
• 8dee250 Build: changelog update for 5.4.0
• a70909f Docs: Add jscs-dev.github.io links (#10771)
• 034690f Fix: no-invalid-meta crashes for non Object values (fixes #10750) (#10753)
• 11a462d Docs: Broken jscs.info URLs (fixes #10732) (#10770)
• 985567d Chore: rm unused dep string.prototype.matchall (#10756)
• f3d8454 Update: Improve no-extra-parens error message (#10748)
• 562a03f Fix: consistent-docs-url crashes if meta.docs is empty (fixes #10722) (#10749)
• 6492233 Chore: enable no-prototype-builtins in codebase (fixes #10660) (#10664)
• 137140f Chore: use eslintrc overrides (#10677)
• 2af6f4f 5.3.0
• 11e70c7 Build: changelog update for 5.3.0
• dd6cb19 Docs: Updated no-return-await Rule Documentation (fixes #9695) (#10699)
• 6009239 Chore: rename utils for consistency (#10727)

See the full diff

Package name: nyc

The new version differs by 21 commits.

• 4a6b327 chore(release): 13.0.1
• ae5318b chore: Update istanbul dependencies. ([Snyk] Fix for 1 vulnerabilities #896)
• d0b76e2 fix: Enable es-modules by default. ([Snyk] Fix for 1 vulnerabilities #889)
• 6b6cd5e fix: add flag to allow control of intrumenter esModules option, default to looser parsing ([Snyk] Fix for 4 vulnerabilities #863)
• c325799 docs: reference babel 7 in all places ([Snyk] Fix for 2 vulnerabilities #881)
• 7483ed9 fix: use uuid/v4 to generate unique identifiers. ([Snyk] Fix for 8 vulnerabilities #883)
• 8ab1ae3 chore: update dependencies ([Snyk] Security upgrade jest from 25.5.4 to 27.0.0 #872)
• 52b69ef fix: Update caching-transform options. ([Snyk] Security upgrade ava from 0.0.4 to 0.1.0 #873)
• 624a723 chore: update dependencies ([Snyk] Fix for 1 vulnerabilities #866)
• a5818f5 chore(release): 13.0.0
• f0d98a5 docs: update README.md with babel configuration info ([Snyk] Fix for 1 vulnerabilities #860)
• 893345a feat: allow rows with 100% statement, branch, and function coverage to be skipped in text report ([Snyk] Fix for 1 vulnerabilities #859)
• f09cf02 chore: update dependencies ([Snyk] Security upgrade jest from 25.5.4 to 27.0.0 #855)
• d0f654c fix: source was being instrumented twice, due to upstream fix in ista… ([Snyk] Fix for 3 vulnerabilities #853)
• adb310c chore(release): 12.0.2
• ddc9331 fix: stop bundling istanbul-lib-instrument due to npm issue on Node 6 ([Snyk] Fix for 5 vulnerabilities #854)
• b4c325b fix: don't bundle istanbul-lib-instrument due to Node 6 issues
• 9fc20e4 chore(release): 12.0.1
• 3e087d4 chore: upgrade to version of istanbul with optional catch binding ([Snyk] Security upgrade jest from 24.9.0 to 27.0.0 #851)
• eaf3f70 chore(release): 12.0.0
• 19b7d21 chore: upgrade to newest version of istanbul codebase ([Snyk] Fix for 1 vulnerabilities #848)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)
🦉 Prototype Pollution