[Snyk] Fix for 1 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	768/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: del-cli

The new version differs by 9 commits.

• b41c687 2.0.0
• 9e7c4eb Require Node.js 8 and upgrade to `del` 4
• ac49906 Create funding.yml
• 2a63a03 1.1.0
• 1dbc7e2 Meta tweaks
• d798ad1 Bump `del`
• f36cc2c 1.0.0
• 3ad9a2c ES2015ify and require Node.js 4
• 9ff3d3a Add related package to the readme

See the full diff

Package name: eslint

The new version differs by 250 commits.

• 879c373 6.6.0
• c8ba30a Build: changelog update for 6.6.0
• 39dfe08 Update: false positives in function-call-argument-newline (fixes #12123) (#12280)
• 4d84210 Update: improve report location for no-trailing-spaces (fixes #12315) (#12477)
• c6a7745 Update: no-trailing-spaces false negatives after comments (fixes #12479) (#12480)
• 0bffe95 Fix: no-misleading-character-class crash on invalid regex (fixes #12169) (#12347)
• c6a9a3b Update: Add enforceForIndexOf option to use-isnan (fixes #12207) (#12379)
• 364877b Update: measure plugin loading time and output in debug message (#12395)
• 1744fab Fix: operator-assignment removes and duplicates comments (#12485)
• 52ca11a Fix: operator-assignment invalid autofix with adjacent tokens (#12483)
• 0f6d0dc Fix: CLIEngine#addPlugin reset lastConfigArrays (fixes #12425) (#12468)
• 923a8cb Chore: Fix lint failure in JSDoc comment (#12489)
• aac3be4 Update: Add ignored prop regex no-param-reassign (#11275)
• e5382d6 Chore: Remove unused parameter in dot-location (#12464)
• 49faefb Fix: no-obj-calls false positive (fixes #12437) (#12467)
• b3dbd96 Fix: problematic installation issue (fixes #11018) (#12309)
• cd7c29b Sponsors: Sync README with website
• 8233873 Docs: Add note about Node.js requiring SSL support (fixes #11413) (#12475)
• 89e8aaf Fix: improve report location for no-tabs (#12471)
• 7dffe48 Update: Enable function string option in comma-dangle (fixes #12058) (#12462)
• e15e1f9 Docs: fix doc for no-unneeded-ternary rule (fixes #12098) (#12410)
• b1dc58f Sponsors: Sync README with website
• 61749c9 Chore: Provide debug log for parser errors (#12474)
• 7c8bbe0 Update: enforceForOrderingRelations no-unsafe-negation (fixes #12163) (#12414)

See the full diff

Package name: nyc

The new version differs by 250 commits.

• bebf4d6 chore(release): 15.0.0
• 2931730 chore: Update to final releases of dependencies (Unknown keys in object properties  ajv-validator/ajv#1245)
• d44ff19 chore: Update node-preload and use process-on-spawn (Bugfix should skip extendError if "error" option is "full" for custom keyword validate function ajv-validator/ajv#1243)
• 5258e9f feat: Filenames relative to project cwd in coverage reports (Bump eslint from 6.8.0 to 7.0.0 ajv-validator/ajv#1212)
• 6039f29 chore: Unpin test-exclude, update to latest pre-releases (additionalProperties considers properties with "undefined" value as additional ajv-validator/ajv#1240)
• f3c9e6c chore: Temporarily pin test-exclude (Document pre-compiled schemas for CSP in README ajv-validator/ajv#1239)
• 28ed746 chore: Lazy load modules that are rarely/never needed in test processes. (Switch cache implementation to Map or WeakMap / Performance Best Practices ajv-validator/ajv#1232)
• 7307626 chore: Remove cp-file module (TypeError: ajv_1.default is not a constructor  ajv-validator/ajv#1230)
• dfd629d fix: Better error handling for main execution, reporting (Bump mocha from 7.2.0 to 8.0.1 ajv-validator/ajv#1229)
• 549c953 chore: Update dependencies, pin find-cache-dir (Document creating pre-compiled schemas for CSP with ajv-cli ajv-validator/ajv#1228)
• a1dee03 chore: Update yargs (Bump typescript from 2.9.2 to 3.9.5 ajv-validator/ajv#1224)
• 8078a79 chore: Fix 404 in README.md. (Bump eslint from 6.8.0 to 7.1.0 ajv-validator/ajv#1220)
• 7a02cb7 chore: Add enterprise language (anyOf not running all async sub schemas ajv-validator/ajv#1217)
• ea94c7f chore: Remove unused functions (Bump typescript from 2.9.2 to 3.9.3 ajv-validator/ajv#1218)
• 53c66b9 docs: `npm home nyc` goes to github master branch README (docs: readme, update supported node versions ajv-validator/ajv#1201)
• cf5e5d3 chore: Update dependencies
• 8411a26 fix: Correct handling of source-maps for pre-instrumented files ([ajv.d.ts] Add missing argument for validateSchema function ajv-validator/ajv#1216)
• f890360 docs: Fix URL to default excludes in README.md (how to compare string values of two fileds and also compare value within array ajv-validator/ajv#1214)
• 3726bbb chore: Update to async version of istanbul-lib-source-maps (Can't validate draft-04 and draft-03 schema ajv-validator/ajv#1199)
• 0efc6d1 chore: Tweak arguments for async coverage data readers (JSON Schema 2019-09 and JTD (v8) ajv-validator/ajv#1198)
• cc77e13 chore: Add `use strict` to all except fixtures (Can use in global function that will be run concurrently by billons? ajv-validator/ajv#1197)
• bcbe1df chore: Update dependencies (Pass schema object to processCode function ajv-validator/ajv#1196)
• 2735ee2 chore: 100% coverage (Pass schema object to processCode function ajv-validator/ajv#1195)
• fd40d49 feat: Use @ istanbuljs/schema for yargs setup (Pass schema to processCode ajv-validator/ajv#1194)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic