[Snyk] Security upgrade serverless-offline from 3.15.3 to 5.0.0

[bermudez]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • nkc-webapp-admin-backend/package.json
  • nkc-webapp-admin-backend/package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	589/1000 Why? Has a fix available, CVSS 7.5	Directory Traversal SNYK-JS-MOMENT-2440688	Yes	No Known Exploit
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-MOMENT-2944238	Yes	Proof of Concept
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) npm:content:20170908	Yes	No Known Exploit
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) npm:content:20180305	Yes	Proof of Concept
	479/1000 Why? Has a fix available, CVSS 5.3	Insecure Randomness npm:cryptiles:20180710	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: serverless-offline

The new version differs by 250 commits.

• 8937d9a v5.0.0
• ad633d8 Merge pull request #654 from BorjaMacedo/master
• 62486b8 Merge pull request #680 from dnalborczyk/travis
• feeba79 Merge branch 'dnalborczyk-hueniverse'
• 0ebe5ee Remove node.js v11.x (end-of-life) from travis
• 3a8c820 Merge master, fix test cases
• 8ac8df9 cleanup
• 576bc24 Lint
• 7805fbd Update lock file
• a098ff0 Fix permissions
• c5e49cf Upgrade to hapi 18
• c064ae0 Merge pull request #673 from dl748/master
• f3c68f8 - Adding updated package-lock.json
• 85c1484 -- Packages Upgrade --
• 322a6e6 v4.10.6
• e3de153 Merge pull request #669 from leruitga-ss/master
• d4da3ec skip HEAD routes defined in resources
• 6748755 v4.10.5
• 06651cf Merge pull request #666 from dl748/master
• 985c059 #638 Fix for encoding, aws looks to not do encoding anymore
• da88ee3 v4.10.4
• a3e0bc5 Merge pull request #665 from Andorbal/master
• 8581cf5 Call cleanup as part of the callback and error handler instead of in the finally block to address another part of #659
• 91a9a7b v4.10.3

See the full diff

Some vulnerabilities couldn't be fully fixed and so Snyk will still find them when the project is tested again. This may be because the vulnerability existed within more than one direct dependency, but not all of the affected dependencies could be upgraded.

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Directory Traversal
🦉 Regular Expression Denial of Service (ReDoS)
🦉 Insecure Randomness
🦉 More lessons are available in Snyk Learn