[Snyk] Fix for 2 vulnerabilities

[aliscco]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • dependencies/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5	Uncontrolled resource consumption SNYK-JS-BRACES-6838727	Yes	No Known Exploit
	661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5	Inefficient Regular Expression Complexity SNYK-JS-MICROMATCH-6838728	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @typescript-eslint/eslint-plugin

The new version differs by 250 commits.

• 8894106 chore: publish v5.10.0
• 5046882 fix(type-utils): intersection types involving readonly arrays are now handled in most cases (Bump rubocop from 1.52.1 to 1.54.0 in /dependencies super-linter/super-linter#4429)
• 39a6806 fix(type-utils): isTypeReadonly now handles conditional types (Failed to deploy release to production super-linter/super-linter#4421)
• f4016c2 fix(eslint-plugin): [no-extra-semi] false negatives when used with eslint 8.3.0 (Bump @typescript-eslint/parser from 5.60.1 to 5.61.0 in /dependencies super-linter/super-linter#4458)
• 99ab193 fix(type-utils): union types always being marked as readonly (Don't hardcode major version in release builds super-linter/super-linter#4419)
• ef3147c fix(type-utils): check IndexSignature internals when checking isTypeReadonly (Failed to deploy release to production super-linter/super-linter#4417)
• 3061ea9 chore: bump @ babel/types from 7.16.7 to 7.16.8 (Bump astroid from 2.15.4 to 2.15.6 in /dependencies/python super-linter/super-linter#4454)
• e56f1e5 fix(eslint-plugin): [no-invalid-this] crash when used with eslint 8.7.0 (Theme software  super-linter/super-linter#4448)
• ba3d3a3 chore: bump eslint-plugin-jest from 25.3.4 to 25.7.0 (Bump prettier from 2.8.8 to 3.0.0 in /dependencies super-linter/super-linter#4456)
• 04cb5d8 chore: bump ts-jest from 27.1.2 to 27.1.3 (Bump @typescript-eslint/eslint-plugin from 5.60.0 to 5.61.0 in /dependencies super-linter/super-linter#4457)
• d8e296d chore: bump webpack from 5.65.0 to 5.66.0 (Bump stylelint from 15.10.0 to 15.10.1 in /dependencies super-linter/super-linter#4455)
• d053cde fix(eslint-plugin): [explicit-function-return-type] support AllowTypedFunctionExpression within AllowHigherOrderFunction (Failed to deploy to production super-linter/super-linter#4250)
• 8a30108 chore: bump eslint-visitor-keys from 3.1.0 to 3.2.0 (Bump boto3 from 1.26.138 to 1.28.1 in /dependencies/python super-linter/super-linter#4452)
• 377cbcf chore: bump rollup from 2.63.0 to 2.64.0 (update npm deps super-linter/super-linter#4450)
• daf7990 chore: bump @ types/prettier from 2.4.2 to 2.4.3 (Handle tflint deprecations super-linter/super-linter#4451)
• 4cb46ff chore: bump downlevel-dts from 0.7.0 to 0.8.0 (Bump scalameta/scalafmt from v3.7.3 to v3.7.7 super-linter/super-linter#4447)
• ff05dd8 test(type-utils): fix incorrect utils import (Bump rubocop from 1.52.1 to 1.54.1 in /dependencies super-linter/super-linter#4453)
• 95aea18 refactor(eslint-plugin): [restrict-plus-operands] add better error messages (Bump stylelint-config-recommended-scss from 11.0.0 to 12.0.0 in /dependencies super-linter/super-linter#4332)
• ea85dda test(type-utils): add basic tests for isTypeReadonly (v5.1.0 super-linter/super-linter#4416)
• c8e650f fix(eslint-plugin): [no-magic-numbers] handle bigint in class props (Bump snakemake from 7.28.3 to 7.30.1 in /dependencies/python super-linter/super-linter#4411)
• 253bfa3 docs: fix typo in comment (Typescript Standard linting broken in v5.0.0 super-linter/super-linter#4445)
• 4bda6ec chore: bump shelljs from 0.8.4 to 0.8.5 (Bump scalameta/scalafmt from v3.7.3 to v3.7.6 super-linter/super-linter#4442)
• 9eb0a5b chore: bump follow-redirects from 1.14.5 to 1.14.7 (Failed to deploy release to production super-linter/super-linter#4437)
• 1d55a75 feat: rename `experimental-utils` to `utils` and make `experimental-utils` an alias to the new package (Bump yoheimuta/protolint from 0.43.1 to 0.44.0 super-linter/super-linter#4172)

See the full diff

Package name: eslint-plugin-jest

The new version differs by 120 commits.

• 8befa12 chore(release): 25.0.4 [skip ci]
• afad49a fix: update `@ typescript-eslint/experimental-utils` to v5 ([Snyk] Security upgrade alpine from 3.14.0 to 3.16.7 #941)
• b2ed605 chore(release): 25.0.3 [skip ci]
• bd2c33c fix(valid-expect-in-promise): support awaited promises in arguments (Bump cljkondo/clj-kondo from 2021.06.01-alpine to 2023.10.20-alpine #936)
• d90a5dc chore(release): 25.0.2 [skip ci]
• 07d2137 fix(valid-expect-in-promise): support out of order awaits (Bump @typescript-eslint/eslint-plugin from 4.26.1 to 6.8.0 in /dependencies #939)
• e731bce chore: add patches to git
• cbea1d6 refactor(valid-expect-in-promise): remove duplicate check (Bump eslint from 7.28.0 to 8.52.0 in /dependencies #938)
• c171942 chore(deps): lock file maintenance
• d47fd25 chore(deps): lock file maintenance
• 4a3caa4 chore(deps): lock file maintenance
• 1748063 chore(release): 25.0.1 [skip ci]
• cb87458 fix: specify peer dependency ranges correctly
• 3a12aec chore(release): 25.0.0 [skip ci]
• 2dce752 Merge pull request Bump docker/setup-buildx-action from 1.3.0 to 3.0.0 #905 from jest-community/next
• 1ef8586 chore(release): 25.0.0-next.7 [skip ci]
• f3e9e9a feat(valid-describe): rename to `valid-describe-callback`
• b860084 feat(lowercase-name): rename to `prefer-lowercase-title`
• 3434d9b feat(prefer-to-be-undefined): remove rule
• 809bcda feat(prefer-to-be-null): remove rule
• 2a3376f feat: add `prefer-to-be` to style ruleset
• c5ccdca chore(release): 25.0.0-next.6 [skip ci]
• 6708bb8 Merge branch 'main' into next
• e277f79 chore(release): 24.7.0 [skip ci]

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Uncontrolled resource consumption

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.