[Snyk] Fix for 1 vulnerabilities

[civilizador]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	658/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: concurrently

The new version differs by 58 commits.

• 105445c 6.2.2
• 875d375 Fix linting
• 7263ffe Remove read-pkg
• 8bcdf7f ci: add missing parallel coverage reporting step
• 24e51ad Add coveralls badge to readme
• b16585f ci: readd coveralls reporting
• 0bc490f 6.2.1
• c295062 Stop reading from stdin after programmatic API finishes (#253)
• 07a7de1 Update links to new GH org and remove travis+appveyor (#285)
• f574848 Fix link to substack blog post in README
• fe5c01c Add GH actions workflow
• 10ff00c Correctly reexport flow controllers
• becac73 6.2.0
• d38ab32 Include `killed` boolean in command result (#250)
• e8f0706 Make --restart-tries restart forever with negative value
• aad79fa 6.1.0
• ecf1c5b Change default text color to reset instead of gray.dim
• 70b92da Run npm audit fix
• ccb6b8d 6.0.2
• 330cf92 Fix input handler when input contains a colon (#269)
• 7710c21 Update lodash package (#271)
• e36e8c1 6.0.1
• 9fa0544 Fix cwd option not overwriting per command if specified in programmatic usage (#266)
• 343d1ab 6.0.0

See the full diff

Package name: passport-local-mongoose

The new version differs by 31 commits.

• 7ae942a chore(release): 6.0.0
• a5cc105 chore: switch to prettier and prettify
• e37894e chore: switch to latest 4x version on fastdl downloads
• 2c5d46d chore: renovate build matrix
• 6e5297e chore: remove cross-env and revert version to last released version
• b76a22e chore: remove default option for npm i
• 09d6c2b chore: bump dependencies in example package-lock.json
• 2e66b35 chore: bump dependencies in example
• feb196a chore: update dependencies
• 63ad94e chore: remove the never released 6.0.0 version from the changelog
• bc3122d chore: move updating from 1.0 to 2.0 near to end of readme
• 10f522a chore: remove codellama badge
• 1b74a3d chore: fix deprecated connect
• e190a3a chore: update drop-mongodb-collections
• c9b0a78 fix: make debug a dev dependency
• 83e5ad3 chore: add error messages to login form of example (#284)
• 40a1fc2 chore: more descriptive customValidator docs in readme (#285)
• aa3d16f chore: Add convenient link to API documentation (#287)
• ff7d718 chore: switch example from jade to pug
• 8215074 chore: update dependencies, npm audit fix (#282)
• 9ff1921 chore: update login example dependencies (#281)
• faa856a chore(release): 6.0.0
• 37375b8 fix: use Buffer.from instead of new Buffer
• 807d9cf fix: update dependencies and specify server port in tests

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)