[Snyk] Fix for 14 vulnerabilities

[aliscco]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • node_modules/path-to-regexp/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept
	679/1000 Why? Has a fix available, CVSS 9.3	Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962463	Yes	No Known Exploit
	641/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.4	Prototype Pollution SNYK-JS-JSON5-3182856	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	Yes	Proof of Concept
	681/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.2	Command Injection SNYK-JS-LODASH-1040724	Yes	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-LODASH-450202	Yes	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-LODASH-608086	Yes	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-LODASH-73638	Yes	Proof of Concept
	541/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 4.4	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-73639	Yes	Proof of Concept
	589/1000 Why? Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-MOUT-1014544	Yes	No Known Exploit
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-MOUT-2342654	Yes	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	Yes	Proof of Concept
	636/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.3	Prototype Pollution npm:lodash:20180130	Yes	Proof of Concept
	414/1000 Why? Has a fix available, CVSS 4	Insecure use of Tmp files npm:sync-exec:20160124	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: standard

The new version differs by 250 commits.

• 39a54d3 6.0.0
• 3afcc2c CHANGELOG.md for 6.0.0
• 0b71b07 eslint-plugin-promise@1.0.8
• 4b725bd lock to latest deps
• 0a9a77b eslint-config-standard@5.0.0
• 48fb60c add eslint-config-standard-jsx
• 8802ea7 run standard on ourselves
• 6fbd66d test: add --disabled flag to run disabled tests
• 910eaa5 depend on eslint-plugin-promise
• f0d1983 Remove React-specific rules (fixes [Snyk] Fix for 3 vulnerabilities #351)
• 8a095f1 readme: add one more gotcha
• fbb66c4 package.json
• 44b551a remove one more usage of `win-spawn`
• f1ad085 eslint@^2.0.0-rc.0
• 1cdd9f5 clone test: ignore git output
• 22971ce use cross-spawn-async
• 3e2001d add standard-format instructions to --format
• 60d4a87 install babel in dev-deps for test repos that need it
• 134de73 use standard-packages@3
• f149307 cleanup
• 3c86923 remove standard-format. fixes [Snyk] Fix for 5 vulnerabilities #340
• 9b3a14d test: add --quiet option
• c59a55c test: test 500+ standard packages
• cb625b4 test: add command line --help test

See the full diff

Package name: typings

The new version differs by 23 commits.

• ce773a3 2.1.1
• 2dfd06b Avoid printing "no dependencies", print uninstall
• 657bd4a chore(package): update tslint-config-standard to version 5.0.0 ([Snyk] Security upgrade jest from 25.5.4 to 27.0.0 #788)
• 60aa87a chore(package): update tslint to version 5.0.0 ([Snyk] Security upgrade karma from 1.7.1 to 5.0.8 #786)
• 6afabc9 chore(package): update ts-node to version 3.0.0 ([Snyk] Security upgrade browserify from 9.0.3 to 12.0.0 #783)
• aba62db Update `typings-core` to latest build
• 04ff2fb Update TSLint
• 46d6ab3 fix(package): update update-notifier to version 2.0.0 ([Snyk] Security upgrade requests from 1.2.3 to 2.20 #770)
• 74a60d9 chore(package): update tslint-config-standard to version 3.0.0 ([Snyk] Fix for 1 vulnerabilities #761)
• 25309fd fix(package): update cli-truncate to version 1.0.0 ([Snyk] Fix for 1 vulnerabilities #758)
• a7e34df chore(package): update ts-node to version 2.0.0 ([Snyk] Fix for 1 vulnerabilities #752)
• afc99a2 v2.1.0
• fed00bf Update generated documentation
• 454fd1f Update bin-install.ts ([Snyk] Security upgrade nyc from 13.3.0 to 15.0.0 #744)
• ebecc13 Update README.md ([Snyk] Fix for 1 vulnerabilities #742)
• c67bd61 Update build to use native promises
• 23e4906 Document supported node versions in FAQ ([Snyk] Fix for 1 vulnerabilities #737)
• e42ec68 Update TSLint
• 68c9af7 chore(package): update tslint-config-standard to version 2.0.0 ([Snyk] Fix for 1 vulnerabilities #731)
• ffc6497 v2.0.0
• f36b453 fix(package): update typings-core to version 2.0.0 ([Snyk] Fix for 1 vulnerabilities #725)
• 4d76d44 Document effect of `NODE_ENV=production` on the `typings install` command ([Snyk] Fix for 1 vulnerabilities #721)
• af50263 chore: drop support for Node.js 0.10 ([Snyk] Security upgrade nyc from 13.3.0 to 15.0.0 #722)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)
🦉 Prototype Pollution
🦉 Insecure use of Tmp files