[Snyk] Fix for 1 vulnerabilities

[aliscco]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • node_modules/eslint/node_modules/cross-spawn/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	658/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @commitlint/cli

The new version differs by 250 commits.

• ed437d2 v17.0.0
• daeeb49 chore(config-nx-scopes)!: migrate @ nrwl/tao to nx following 13.9.0 release (#3135)
• 8db72f0 fix: update dependency yargs to v17.5.1 (#3183)
• 2f68961 chore: deps (#3182)
• 63ddea8 chore: update chalk (#3181)
• 15e3c37 chore: update typescript (#3180)
• 6653220 chore: update jest monorepo (major) (#3144)
• ea5fa87 chore: update dependency husky to v8 (#3164)
• ac5f9b4 chore!: minimum node version v14 (#3128)
• 6dbc982 docs: remove scope-case rule #3157 (#3178)
• 95f6b7c docs: align subject case rule in readme #3159 (#3179)
• 0f86cbf chore: update dependency eslint-plugin-jest to v26.2.2 (#3177)
• 211f514 v16.3.0
• 522e4eb chore: update dependency eslint-plugin-jest to v26.2.0 (#3176)
• a214de9 chore: update dependency @ types/node to v12.20.52 (#3175)
• 956483b chore: update dependency @ types/node to v12.20.52 (#3174)
• d467f12 docs: fix package name in config-angular README (#3173)
• dd32d39 chore: update dependency @ nrwl/tao to v13.10.4 (#3172)
• e595693 feat: add ability to filter Nx projects in @ commitlint/config-nx-scopes (#3155)
• 4209622 chore: update dependency @ types/jest to v27.5.1 (#3170)
• 0e6542b fix: update dependency yargs to v17.5.0 (#3171)
• 66a9c99 chore: update dependency @ types/node to v12.20.51 (#3167)
• c641e80 chore: update dependency @ types/node to v12.20.51 (#3168)
• 64a9dd3 chore: update typescript-eslint monorepo to v5.23.0 (#3166)

See the full diff

Package name: babel-jest

The new version differs by 209 commits.

• 170eee1 fix: expose vm context directly from test envs (#9428)
• e818dca feat: add support for .mjs config (#9431)
• 8236779 Fix: Prevent maintaining RegExp state between multiple tests (#9289)
• f19adb1 chore: bump babel (#9427)
• 2ece4f9 Do not highlight matched asymmetricMatcher in diffs (#9257)
• 2839036 chore: sort entries in changelog
• 7ee717d Fix pretty-format to respect displayName on forwardRef. (#9422)
• abaea37 Normalize --findRelatedTests paths on win32 platforms (#8961)
• c8c4c4e jest-snapshot: Fix regression in diff for jest-snapshot-seriali… (#9419)
• 17f6c83 jest-reporters: Use global coverage thresholds as high watermarks (#9416)
• 72040d9 Avoid clashes with other globals in type declaration (#9415)
• 5e5db14 Images of snapshot colors for Jest 25 blog (#9410)
• a31fc41 jest-core: optimize collecting collectCoverageFrom (#9399)
• 7f69176 chore: bump deps (#9394)
• 5236155 chore: fix supporter fetching script on node 8
• 282f400 chore: fetch open collective supporters via gql api (#9377)
• 8c20a8d chore: deploy website when website deploy script changes (#9375)
• 4425a1f fix(website): make sure to fetch supporters when deploying the website
• 5014025 chore: bump @ types/micromatch to ^4.0.0 (#9369)
• 9419034 Resolve dynamic dependencies correctly when a mapping exists (#9303)
• a2fcda6 docs: Use `Object.defineProperty()` for stubbing global propert… (#9288)
• acb9c09 chore: fix examples dependencies (#9344)
• bc86f50 Add helpful link to custom transformer in the 'transform' confi… (#9309)
• 75843e3 chore: refresh lockfile (#9338)

See the full diff

Package name: eslint

The new version differs by 250 commits.

• 3dd6741 7.0.0
• 9a722f9 Build: changelog update for 7.0.0
• b98d8bd Upgrade: eslint-release@2.0.0 (#13271)
• 4c0b028 Fix: remove Node.js and CommonJS category from build process (#13242)
• 401a687 Chore: fix rules list for prereleases (#13230)
• 4ef6158 Breaking: espree@7.0.0 (#13270)
• b5c8d73 Docs: update 7.0.0 migration guide for consistency (#13267)
• 356fdb4 Docs: add migration guide (#12692)
• 015edf6 Sponsors: Sync README with website
• fdfa364 7.0.0-rc.0
• 8d1b4db Build: changelog update for 7.0.0-rc.0
• 0b1d65a Update: Improve report location for array-callback-return (refs #12334) (#13109)
• d85e291 Fix: yoda left string fix for exceptRange (fixes #12883) (#13052)
• 2ce6bed Chore: added tests for nested arrays (#13145)
• d3aac53 Update: report backtick loc in no-unexpected-multiline (refs #12334) (#13142)
• 8e7a2d9 Fix: func-call-spacing "never" reports wrong message (fixes #13190) (#13193)
• bcafd0f Update: Add ESLint API (refs New: ESLint Class Replacing CLIEngine eslint/rfcs#40) (#12939)
• 3eeae56 Upgrade: some (dev) deps (#13155)
• 6b7030b Chore: Run tests on Node.js v14 (#13210)
• ebc28d7 Fix: Remove default .js from --ext CLI option (#13176)
• 5c1bdeb Update: Improve report location for getter-return (refs #12334) (#13164)
• 56d2bee Docs: fix typos (#13204)
• e13256e Chore: use espree.latestEcmaVersion in config-initializer (#13157)
• e4f57b7 Chore: add nested array tests for array-element-newline (#13161)

See the full diff

Package name: eslint-config-moxy

The new version differs by 17 commits.

• d3a487d chore(release): 9.1.1
• e7a0c19 Merge pull request [Snyk] Fix for 4 vulnerabilities #76 from moxystudio/fix/babel-parser-rules
• c53cb82 fix: fix babel-parser addon not having new rules configured
• cab6d84 chore: update node version in package.json
• 3ee5af0 chore(release): 9.1.0
• 0ddb47d feat: add ECMA 2019 support (es10)
• 9454966 chore: adjust note about npm version
• bff6b61 chore(release): 9.0.1
• dcd65a9 fix: only override prefer-import for root config files
• 6ebb85b chore(release): 9.0.0
• 5e70b9f feat: update eslint to v6
• 97734e6 chore: standardize postrelease script (screpto)
• b52e035 chore(release): 8.1.0
• a56e79a feat: allow require for configs ([Snyk] Security upgrade mocha from 3.5.3 to 10.1.0 #72)
• b9d6b19 feat: enable jsx-fragment rule ([Snyk] Security upgrade mocha from 5.0.0 to 10.1.0 #71)
• 6b38251 chore(release): 8.0.0
• 7ad0a5c feat: add eslint-plugin-react-hooks ([Snyk] Fix for 3 vulnerabilities #70)

See the full diff

Package name: husky

The new version differs by 5 commits.

• 764a236 Update dependencies
• fe22db2 4.0.0
• d56d341 Update README.md
• e2ad780 Update README.md
• 0ffe785 Merge 4.0 ([Snyk] Security upgrade standard from 12.0.1 to 15.0.0 #625)

See the full diff

Package name: jest

The new version differs by 250 commits.

• 343532a v26.0.0
• 075854a chore: update changelog for release
• 68b65af v26.0.0-alpha.2
• d30a586 fix: disallow hook definitions in tests (#9957)
• 3375ac3 chore: remove unused prettier uninstall step from CI
• 0a63d40 fix: absolute path moduleNameMapper + jest.mock issue (#8727)
• 03dbb2f chore: fix watch mode test with utimes (#9967)
• 68d12d5 chore: skip broken test on windows (#9966)
• e8e8146 align circus with jasmine's top-to-bottom execution order (#9965)
• 968a301 Fix invalid re-run of tests in watch mode (#7347)
• 5d1be03 chore: fix windows CI (#9964)
• 2bac04f v26.0.0-alpha.1
• c665f22 feat: add `createMockFromModule` to replace `genMockFromModule` (#9962)
• 8147af1 chore: improve error on module not found (#9963)
• 71631f6 feat: add new 'modern' implementation of Fake Timers (#7776)
• d7f3427 chore: rename LolexFakeTimers to ModernFakeTimers (#9960)
• 2c7682c Update index.js (#9095)
• 5a16415 docs: Updated Testing Frameworks guide with React; make it generic (#9106)
• 4216b86 updated docs regarding testSequencer (#9174)
• 2e8f8d5 fix: handle `null` being passed to `createTransformer` (#9955)
• 7a3c997 jest-circus: throw if a test / hook is defined asynchronously (#8096)
• 42f920c chore: update ts-eslint (#9953)
• 3078172 Updated config docs with default transform value (#8583)
• b6052e0 Update jest-phabricator documentation (#8662)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)