[Snyk] Fix for 15 vulnerabilities

[kopax]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • examples/webpack/package.json
  • examples/webpack/package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-COLORSTRING-1082939	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-HTMLMINIFIER-3091181	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Open Redirect SNYK-JS-NODEFORGE-2330875	Yes	Proof of Concept
	529/1000 Why? Has a fix available, CVSS 6.3	Prototype Pollution SNYK-JS-NODEFORGE-2331908	Yes	No Known Exploit
	494/1000 Why? Has a fix available, CVSS 5.6	Improper Verification of Cryptographic Signature SNYK-JS-NODEFORGE-2430337	Yes	No Known Exploit
	579/1000 Why? Has a fix available, CVSS 7.3	Improper Verification of Cryptographic Signature SNYK-JS-NODEFORGE-2430339	Yes	No Known Exploit
	494/1000 Why? Has a fix available, CVSS 5.6	Improper Verification of Cryptographic Signature SNYK-JS-NODEFORGE-2430341	Yes	No Known Exploit
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1255640	Yes	Proof of Concept
	479/1000 Why? Has a fix available, CVSS 5.3	Improper Input Validation SNYK-JS-POSTCSS-5926692	Yes	No Known Exploit
	619/1000 Why? Has a fix available, CVSS 8.1	Cross-site Scripting (XSS) SNYK-JS-SERIALIZEJAVASCRIPT-536840	Yes	No Known Exploit
	706/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.7	Arbitrary Code Injection SNYK-JS-SERIALIZEJAVASCRIPT-570062	Yes	Proof of Concept
	619/1000 Why? Has a fix available, CVSS 8.1	Cross-site Scripting (XSS) SNYK-JS-SERIALIZEJAVASCRIPT-6056521	Yes	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Denial of Service (DoS) SNYK-JS-TRIMNEWLINES-1298042	Yes	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-UNSETVALUE-2400660	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: css-loader

The new version differs by 80 commits.

• 634ab49 chore(release): 2.0.0
• 6ade2d0 refactor: remove unused file (No trace or debug information on fatal errors styleguidist/react-styleguidist#860)
• e7525c9 test: nested url (feat: change template container id to prevent clashes styleguidist/react-styleguidist#859)
• 7259faa test: css hacks (fix order for components and sections styleguidist/react-styleguidist#858)
• 5e6034c feat: allow to filter import at-rules (Chore: update to webpack 4 styleguidist/react-styleguidist#857)
• 5e702e7 feat: allow filtering urls (Snyk test fails due to old webpack-dev-server styleguidist/react-styleguidist#856)
• 9642aa5 test: css stuff (fix(package.json): Updating html-webpack-plugin, fixing compilation.m… styleguidist/react-styleguidist#855)
• 3338656 fix: reduce number of require for url (order for sections and components if they are in the same section styleguidist/react-styleguidist#854)
• 533abbe test: issue 636 (Use .babelrc for markdown generated examples styleguidist/react-styleguidist#853)
• 08c551c refactor: better warning on invalid url resolution (Use hr component in markdown styleguidist/react-styleguidist#852)
• b0aa159 test: issue Support for flow 53 styleguidist/react-styleguidist#589 (Build doesn't work styleguidist/react-styleguidist#851)
• f599c70 fix: broken unucode characters (can't get basic styled components with @component annotation jsdoc working styleguidist/react-styleguidist#850)
• 1e551f3 test: issue 286 (fix: configure webpack 4 styleguidist/react-styleguidist#849)
• 419d27b docs: improve readme (Is it possible to not document some components styleguidist/react-styleguidist#848)
• d94a698 refactor: webpack-default (Replace webpack with Parcel-Bundler? styleguidist/react-styleguidist#847)
• b97d997 feat: schema options
• 453248f fix: support module resolution in composes (StencilJs support with react renderer styleguidist/react-styleguidist#845)
• 8a6ea10 refactor: postcss plugins (refactor: introduce Table components for use in Markdown #613 styleguidist/react-styleguidist#844)
• fdcf687 fix: url resolving logic (Issue #774: Adding support to location array styleguidist/react-styleguidist#843)
• 889dc7f feat: allow to disable css modules and disable their by default (Wrap Examples in Fragment styleguidist/react-styleguidist#842)
• ee2d253 test: importLoaders option (Modifier to add whitespace between example components styleguidist/react-styleguidist#841)
• 1dad1fb feat: reuse postcss ast from other loaders (i.e `postcss-loader`) (Wrap examples in React.Fragment styleguidist/react-styleguidist#840)
• fe94ebc test: icss reserved keywords (Drop Node 4 support #744 styleguidist/react-styleguidist#839)
• 9eaba66 refactor: migrate on message api for postcss-icss-plugin (Fix broken link on the docs styleguidist/react-styleguidist#838)

See the full diff

Package name: dog-names

The new version differs by 15 commits.

• e946235 2.1.0
• b95fce5 Upgrade dependencies
• 27a44c8 Move to GitHub Actions ([Snyk] Fix for 1 vulnerabilities #7)
• 8adfbdf Avoid using `Array#reduce` ([Snyk] Fix for 1 vulnerabilities #6)
• 004c4e1 2.0.0
• a43619a Meta tweaks
• 0493e02 Require Node.js 8, add TypeScript definition ([Snyk] Upgrade prop-types from 15.6.2 to 15.7.2 #3)
• b07d62a add related project to readme
• 213433c upgrade to latest AVA
• 3ee5bc0 update tests for latest AVA version
• a97dc1c tweaks
• 1d430a4 simplify cli help creation
• 49a7090 minor package.json tweaks
• 1b4b37a Update readme.md
• 740e353 more related modules

See the full diff

Package name: react-styleguidist

The new version differs by 250 commits.

• a460fcc feat: Upgrade to Webpack 5 (WIP: Webpack 5 upgrade styleguidist/react-styleguidist#1996)
• 4c55077 Build(deps): Bump ua-parser-js in /examples/webpack (Build(deps): Bump ua-parser-js from 0.7.17 to 0.7.31 in /examples/webpack styleguidist/react-styleguidist#1928)
• e630725 Build(deps): Bump browserslist in /examples/webpack (Build(deps): Bump browserslist from 4.14.5 to 4.19.1 in /examples/webpack styleguidist/react-styleguidist#1927)
• 2c855fa Build(deps): Bump follow-redirects in /examples/react-native (Build(deps): Bump follow-redirects from 1.9.0 to 1.14.7 in /examples/react-native styleguidist/react-styleguidist#1924)
• 7f4d1fa Build(deps): Bump follow-redirects in /examples/preact (Build(deps): Bump follow-redirects from 1.9.0 to 1.14.7 in /examples/preact styleguidist/react-styleguidist#1921)
• d486074 Build(deps): Bump follow-redirects in /examples/customised (Build(deps): Bump follow-redirects from 1.9.0 to 1.14.7 in /examples/customised styleguidist/react-styleguidist#1920)
• 4861363 Build(deps): Bump follow-redirects in /examples/express (Build(deps): Bump follow-redirects from 1.9.0 to 1.14.7 in /examples/express styleguidist/react-styleguidist#1919)
• abfc18e Build(deps): Bump follow-redirects in /examples/sections (Build(deps): Bump follow-redirects from 1.9.0 to 1.14.7 in /examples/sections styleguidist/react-styleguidist#1917)
• 6d4c1e7 Build(deps): Bump follow-redirects in /examples/basic (Build(deps): Bump follow-redirects from 1.10.0 to 1.14.7 in /examples/basic styleguidist/react-styleguidist#1916)
• c66b152 Build(deps): Bump prismjs in /examples/styled-components (Build(deps): Bump prismjs from 1.16.0 to 1.26.0 in /examples/styled-components styleguidist/react-styleguidist#1913)
• 92518df feat: Webpack 5 support (Webpack 5 support styleguidist/react-styleguidist#1903)
• 6415cb6 Build(deps): Bump url-parse from 1.4.7 to 1.5.3 (Build(deps): Bump url-parse from 1.4.7 to 1.5.3 styleguidist/react-styleguidist#1896)
• 6ca3c4c chore: Add npm 'cache' to 'release' workflow (ci(release): add npm 'cache' to 'release' workflow styleguidist/react-styleguidist#1899)
• 7d62618 chore: Add npm 'cache' to 'danger' workflow (ci(danger): add npm 'cache' to 'danger' workflow styleguidist/react-styleguidist#1900)
• 9114b4a docs: Fix code block formatting in Maintenance.md (docs: Fix code block formatting in Maintenance.md styleguidist/react-styleguidist#1908)
• 54be33b chore: Add npm 'cache' to 'release' workflow (ci(coverage): add npm 'cache' to 'coverage' workflow styleguidist/react-styleguidist#1901)
• 48e98b8 chore: Add npm 'cache' to Node.js workflow (ci(node.js): add npm 'cache' to node.js workflow styleguidist/react-styleguidist#1898)
• 77a2a2e fix: Remove `is-directory`, use `fs` module directly (Remove is-directory, use fs module directly styleguidist/react-styleguidist#1897)
• 0a477a6 docs: Add more funding options
• 33b6796 Build(deps): Bump prismjs from 1.24.0 to 1.25.0 in /examples/webpack (Build(deps): Bump prismjs from 1.24.0 to 1.25.0 in /examples/webpack styleguidist/react-styleguidist#1892)
• 0ebf18b Build(deps): Bump prismjs from 1.24.0 to 1.25.0 in /examples/sections (Build(deps): Bump prismjs from 1.24.0 to 1.25.0 in /examples/sections styleguidist/react-styleguidist#1891)
• e2ee4a9 Build(deps): Bump prismjs from 1.24.0 to 1.25.0 in /examples/customised (Build(deps): Bump prismjs from 1.24.0 to 1.25.0 in /examples/customised styleguidist/react-styleguidist#1890)
• e97872a Build(deps): Bump prismjs from 1.24.0 to 1.25.0 in /examples/express (Build(deps): Bump prismjs from 1.24.0 to 1.25.0 in /examples/express styleguidist/react-styleguidist#1889)
• 4290c03 Build(deps): Bump tmpl from 1.0.4 to 1.0.5 (Build(deps): Bump tmpl from 1.0.4 to 1.0.5 styleguidist/react-styleguidist#1885)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)
🦉 Open Redirect
🦉 Prototype Pollution
🦉 More lessons are available in Snyk Learn