[Snyk] Fix for 7 vulnerabilities

[aliscco]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • node_modules/propagate/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept
	484/1000 Why? Has a fix available, CVSS 5.4	Open Redirect SNYK-JS-GOT-2932019	Yes	No Known Exploit
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-HTTPCACHESEMANTICS-3248783	Yes	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-LODASHSET-1320032	Yes	Proof of Concept
	646/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.5	Server-side Request Forgery (SSRF) SNYK-JS-REQUEST-3361831	Yes	Proof of Concept
	646/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.5	Prototype Pollution SNYK-JS-TOUGHCOOKIE-5672873	Yes	Proof of Concept
	589/1000 Why? Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-UNSETVALUE-2400660	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: semantic-release

The new version differs by 212 commits.

• 45695b9 fix(package): update @ semantic-release/commit-analyzer to version 8.0.0
• 3c7b114 fix(package): update @ semantic-release/release-notes-generator to version 9.0.0
• f2b5826 fix(package): update @ semantic-release/npm to version 7.0.0
• c48bd3a fix(package): update @ semantic-release/github to version 7.0.0
• bc97537 test: fix copy/paste typo in test titles
• c7e461d docs: add `@ saithodev/semantic-release-gitea` to community plugins
• ef1b8a0 chore(package): update ava to version 3.1.0
• bec57cd chore: require Node.js >=10.18
• c6b1076 fix: correct error when remote repository has no branches
• b54b20d fix: use `--no-verify` when testing the Git permissions
• 88fe819 docs: fix typo
• 559c152 docs(README): update minimal required Node version / FAQ link ([Snyk] Security upgrade jest from 25.5.4 to 27.0.0 #1422)
• 31e7876 docs(travis): build on all branches by default
• 8c0490d docs: replacing firefox plugin in the list ([Snyk] Security upgrade jest from 25.5.4 to 27.0.0 #1416)
• 6b5b02e fix: fetch tags on repo cached by the CI
• 28b5480 docs: correct plugin execution order
• 3739ab5 fix(package): update env-ci to version 5.0.0
• 11665b2 chore(package): update dependencies
• 0785a84 fix: update plugin versions
• 152bf45 Merge remote-tracking branch 'origin/beta'
• 3ba8f2a Merge remote-tracking branch 'origin/master' into beta
• a8c747d feat: pass `envi-ci` values to plugins context
• fc70726 chore: add Mockserver generated file to gitignore
• fc7205d fix: correctly display command that errored out in logs

See the full diff

Package name: tap

The new version differs by 250 commits.

• 8f2baa7 16.0.0
• 65e599e drop support for node v10
• 84fc6df docs: changelog for v16
• e6acf7b update coveralls documentation to say to install it
• 3c7b3ef document coveralls removal in the cli help output
• 43bf1df undocument synonyms
• 1ff75a4 make coveralls an optional peer dep
• 3f1ae47 Add eslint for linting
• 162c1a8 Support Typescript for --before and --after
• 28d2d03 Fix script on using node-tap with codecov
• 3a0e81c docs: fix broken link
• 1b636b2 Add jsonpath-faster
• c4bdeef fix typo `than` to `that`
• 20fbd40 Update Node.js min version to 10.x in CONTRIBUTING
• 90dda0b update cli doc
• 636ab18 15.2.3
• e609d8f docs: changelog for 15.2
• c182328 tap-parser@11.0.1
• f576a60 docs: setting t.snapshotFile
• d9fa241 libtap@1.3.0
• a02f33e update cli doc
• d1500b6 15.2.2
• b784d77 tap-parser@11
• 567384e update cli doc

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)
🦉 Open Redirect
🦉 Prototype Pollution
🦉 More lessons are available in Snyk Learn