[Snyk] Fix for 1 vulnerabilities

[abhijitkane]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	551/1000 Why? Recently disclosed, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: istanbul

The new version differs by 47 commits.

• 89e338f 0.4.5
• 7efe4dc update changelog, contributors
• da79378 Merge pull request #673 from popomore/swap-fileset-for-glob
• 58f4c90 swap fileset for glob
• fef889b Merge pull request #657 from djorg83/master
• 91bb666 log filename when file fails to parse using esprima
• 5dbd62c 0.4.4
• 5642fb4 Update changelog, contributors
• f4195bb Merge pull request #507 from Victorystick/es-modules-support
• c521035 Merge pull request #628 from inversion/use-tmp-dir
• 66fffdc Merge pull request #597 from JamesMGreene/patch-1
• dfcab10 Merge pull request #627 from a0viedo/patch-1
• abec3ae Merge pull request #625 from ChALkeR/tmpdir
• a9aaf53 tmp dir setting was being ignored in TmpStore
• 522f465 link build badge to master branch
• 0b5e80d use os.tmpdir() instead of os.tmpDir()
• 5069661 Set "medium" coverage CSS color scheme to yellow
• 0e8c350 Merge pull request #587 from clickthisnick/chore-remove-trailing-spaces
• fc3ba35 0.4.3
• b3de106 Update changelog, contributors
• bb5b6e1 Merge pull request #579 from jtangelder/fix-colors
• 0411600 return plain string when an invalid clazz is given
• a556a5e Merge pull request #552 from abejfehr/patch-1
• 369ed49 Merge pull request #545 from pra85/patch-1

See the full diff

Package name: jscs

The new version differs by 23 commits.

• 4d420d3 2.8.0
• 1dcc96d Misc: add 2.8.0 changelog
• d0fd51a Revert "New rule: requireObjectShorthand"
• 0e269c5 New rule: requireObjectShorthand
• defc537 maximumLineLength: improve `functionSignature` option
• 12a2206 `maximumLineLenght` - rewrite `allowFunctionSignature` handling
• 66f3f47 `maximumLineLength`: abstract common boilerplate into local `removeLoc` function
• a8517fe maximumLineLength spec: functions in variables should test all variations
• a2827a2 maximumLineLength spec: add `should report functions within comments`
• 4f12ed3 maximumLineLength spec change: should *not* report functions stored in variables
• d2d3bfe maximumLineLength spec: add `should not report functions within IIFE blocks`
• 04b3274 Internal: inline visitor-keys temporarily
• 1afee41 disallowNewlineBeforeBlockStatements: add `allExcept` option
• c1afd2e disallowAnonymousFunctions: Added explanations about the rule
• 1b693db Preset: Update airbnb preset braces/bracket spacing
• 95dc04b requirePaddingNewLinesAfterBlocks: Improve jsx logic
• b6dc5a3 Tests: make linters happy
• 15c2484 string-checker: clean max-error logic and tests
• bf6c882 Tests: do not break in .10 node
• 4158f1a disallowDanglingUnderscores: do not rewrite `__proto__` property
• 89b0440 Docs: add npm version badge
• 39f84cb requireCamelCaseOrUpperCaseIdentifiers: improve `ignoreProperties` opt
• f601bf5 Docs: move maxErrors example to the correct place

See the full diff

Package name: jshint

The new version differs by 197 commits.

• f00091c v2.9.3
• 0325f86 [[CHORE]] Update dependency: cli (#3010)
• ae9ae5b [[DOCS]] Fixed spelling of my name
• 179a9d6 [[FIX]] Support semicolons within arrow fn params (#3003)
• 56c95d0 [[FIX]] Allow Expression within for-in head
• a801433 [[FIX]] Support `y` RegExp flag in ES2015 code (#2999)
• 17b71b5 Correct parsing of YieldExpression (#2978)
• ee0acab [[FIX]] Add TypedArray globals for ES2015
• d1638bc [[CHORE]] Refactor directive parsing logic (#2992)
• 330d429 [[FIX]] Avoid crash when peeking past end of prog (#2937)
• d800e44 [[FIX]] Disallow Import declarations below top lvl
• 039ee2e [[FIX]] Correctly recognize asi after directives
• f34428e Run CI in "latest" and "LTS" releases of Node.js (#2945)
• 3ef7a03 [[FIX]] Correct interpretation of ASI (#2977)
• 97fefb7 [[FIX]] Correct behavior of singleGroups (#2951)
• 05d7a31 [[CHORE]] Update minimatch
• e3e745b [[FEAT]] Error for literals on rhs of `instanceof`
• 78cf7c1 [[DOCS]] Add thanks for former maintainers
• b554ffe v2.9.2
• 47daf76 [[FIX]] Correct CLI's indentation offset logic
• 2f127ef [[TEST]] Update expected warning message
• 29dd071 [[DOCS]] Correct URL
• b1c8d5b [[FIX]] Reserve `await` keyword in ES6 module code
• 4a43fb9 [[FIX]] Emit correct token value from "module" API

See the full diff

Package name: sails

The new version differs by 250 commits.

• 51b1037 0.12.4
• f6c842c Bump captains-log dependency and mocha devDep + update changelog accordingly.
• a4d963b Fix typo in ROADMAP ("affect"=>"effect")
• fba3d17 Merge branch 'master' of github.com:balderdashy/sails
• c962fae 0.12.4-rc3
• 5b3f175 Summarized the rest of the mostly-final v1 roadmap notes
• 358b6e5 Add some of the more recent decisions to the v1 ROADMAP
• a551270 add entry re captains-log fix for extra quotes around logged data in certain scenarios
• ca22ba6 Bump captains-log to prerelease version to pick up the recent updates. Bump mocha to 3.0 prerelease to get rid of deprecation msgs. Also loosen semver ranges on mp-fs/mp-process devDeps.
• 2fb022a Fixes tests by switching back to using == in RPS tests for consistency (although we should change these over for clarity down the road).
• cb5619a Improve robustness of pubsub/context test to explicitly call out race conditions and identify issues w/ tests on Travis.
• a27513e 0.12.4-rc2
• 5f1d3ed Update changelog
• 14424b3 Merge branch 'update-grunt'
• a5ab134 Use `.read()` to get response body instead of accessing internal buffer directly
• 21faae4 Upgrade grunt-sync dependency
• 5f6be05 Update Grunt dependencies
• d42d598 Update mocha dependency
• 2a3f5b0 Move fs-extra to a devDependency
• f606da5 Merge pull request #3770 from treehouseaustin/tests/remove-wrench
• 5068d48 Merge branch 'mmcev106-master'
• 119fc7f Further copy edits to test/README.md
• 51a66c4 Merge branch 'master' of https://github.com/mmcev106/sails into mmcev106-master
• 1a06d9f Clean up changelog

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)