[Snyk] Fix for 5 vulnerabilities

[aliscco]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • node_modules/arrgv/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept
	679/1000 Why? Has a fix available, CVSS 9.3	Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962463	Yes	No Known Exploit
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	Yes	Proof of Concept
	641/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.4	Prototype Pollution SNYK-JS-JSON5-3182856	Yes	Proof of Concept
	589/1000 Why? Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-UNSETVALUE-2400660	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: ava

The new version differs by 250 commits.

• e1572d9 2.0.0
• 2daf6a9 Bump dependencies
• b1e54b1 By default, select test and helpers inside 'tests' directories
• 677578f Replace individual lodash packages with the main package
• a53ea15 Define environment variables to be injected in the test file processes
• 626e58c 2.0.0-rc.1
• 51433be Implement helper for our ESLint plugin
• c10e38c Remove underline from Babel configuration validation errors
• 928ed14 Bump dependencies
• 98034fb Make the object printing depth configurable (Treat status reports as non-critical github/codeql-action#2121)
• f26634b 2.0.0-beta.2
• 80d72ff Bump dependencies
• 5f4c96f Further helper selection improvements
• ba5cd80 Fix TypeScript definition allowing macro-without-title-using-tests to be skipped
• 13a89e1 Reduce size of logo in readme
• 799eb91 Update domain name
• cb4c809 Make watch mode dependency tracking work with custom require hooks
• 08e99e5 Treat .spec.js files as test files
• 91b7641 Use underscore-prefixed helpers in documentation
• c2d8218 Improve the TypeScript definition `ObservableLike` type
• 5bae97c Fix sample test in Flow recipe
• 2762d3c Fix require path in Babel recipe
• 05f925f Fix sample test in TypeScript recipe
• 8a3f6ca Remove mention of the obsolete `devtool` package

See the full diff

Package name: nyc

The new version differs by 87 commits.

• e21721a chore(release): 14.0.0
• 8cf8a89 docs: update issue template [skip ci] ([Snyk] Security upgrade eslint from 4.19.1 to 5.5.0 #1008)
• d7a9d6a chore: Update package-lock.json
• 189bae8 chore: Update dependencies for 14.0.0-rc.1
• 2eb13c6 feat: instrument `--complete-copy` implementation ([Snyk] Fix for 1 vulnerabilities #1056)
• c88a852 docs: `nyc instrument` and `--exclude-node-modules` ([Snyk] Fix for 1 vulnerabilities #1039)
• c213469 feat: always build the processinfo temp dir ([Snyk] Fix for 1 vulnerabilities #1061)
• e597c46 feat: Add support for --exclude-node-modules to subcommands. ([Snyk] Fix for 1 vulnerabilities #1053)
• 8dcf180 feat: add processinfo index, add externalId ([Snyk] Fix for 1 vulnerabilities #1055)
• 32f75b0 fix: set processinfo pid/ppid to actual numbers ([Snyk] Fix for 2 vulnerabilities #1057)
• 16d4315 chore: Stop excluding `bin` from coverage results. ([Snyk] Security upgrade mocha from 3.2.0 to 4.0.0 #1060)
• b909575 fix: Use a single instance of nyc for all actions of main command. ([Snyk] Fix for 2 vulnerabilities #1059)
• 997ed29 chore: Remove arrify dependency. ([Snyk] Fix for 13 vulnerabilities #1058)
• 68d6333 docs: move setup docs out of the readme [skip ci] ([Snyk] Security upgrade jest from 27.5.1 to 29.0.0 #1052)
• 8da097e feat: add `include` and `exclude` options to instrument command ([Snyk] Fix for 7 vulnerabilities #1007)
• 31817de chore: Update dependencies ([Snyk] Fix for 1 vulnerabilities #1050)
• 18e04ba fix: make --all work for transpiled code ([Snyk] Fix for 1 vulnerabilities #1047)
• b7e16cd feat: Support turning off node_modules default exclude via flag ([Snyk] Fix for 1 vulnerabilities #912)
• 3eb0e37 docs: A bunch of docs fix-ups ([Snyk] Fix for 6 vulnerabilities #1038)
• 5c1eb38 test(instrument): should return unmodified source if no transform found ([Snyk] Fix for 1 vulnerabilities #1036)
• 1f6c3d4 docs: project root directory and `--cwd` doc ([Snyk] Security upgrade tap from 10.7.3 to 16.0.0 #1032)
• 051d95a fix: Add `cwd` option to instrument command ([Snyk] Fix for 1 vulnerabilities #1024)
• 91e02c6 chore: A few code cleanups ([Snyk] Fix for 4 vulnerabilities #1033)
• 2867538 feat: Rename `plugins` option to `parser-plugins`. ([Snyk] Security upgrade tap from 14.11.0 to 16.0.0 #1031)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)
🦉 Prototype Pollution