[Snyk] Security upgrade npm-lifecycle from 2.1.0 to 3.1.5

[bumplzz69]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	619/1000 Why? Has a fix available, CVSS 8.1	Prototype Pollution SNYK-JS-AJV-584908	Yes	No Known Exploit
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept
	579/1000 Why? Has a fix available, CVSS 7.3	Arbitrary File Overwrite SNYK-JS-FSTREAM-174725	Yes	No Known Exploit
	644/1000 Why? Has a fix available, CVSS 8.6	Prototype Pollution SNYK-JS-JSONSCHEMA-1920922	Yes	No Known Exploit
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	Yes	No Known Exploit
	506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Prototype Pollution SNYK-JS-MINIMIST-2429795	Yes	Proof of Concept
	601/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.6	Prototype Pollution SNYK-JS-MINIMIST-559764	Yes	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Prototype Poisoning SNYK-JS-QS-3153490	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: npm-lifecycle

The new version differs by 30 commits.

• bfb6f73 chore(release): 3.1.5
• 26586a4 chore: update project settings
• e2270ff chore(release): 3.1.4
• 10c0c08 fix: filter functions and undefined out of makeEnv
• 188414a chore(release): 3.1.3
• e0e1b62 fix: fail properly if uid-number raises an error
• 355ad53 chore(release): 3.1.2
• 53e6318 fix: do not exclude /path/ from process.env copying
• 30ffaa6 3.1.1
• e022d22 fix: Set every path, merge every path
• d84f299 chore: update test snapshots with snap command
• c797bfb test: make snapshots cross-node-version
• d97ded5 chore(release): 3.1.0
• 9986486 test: add test for getting spawn args
• 051cf20 fix switches for alternative shells on Windows
• 3aaf954 fix: set only one PATH env variable for child proc
• d391b04 test: add test for win32 path environ selection
• 5523951 feat(process.env.path): Use platform specific path casing if present
• ea18ed2 fix: remove procInterrupt listener on SIGINT in procError
• ab15975 update deps
• b6260aa chore(release): 3.0.0
• 3c5aae6 node-gyp@5.0.2
• 07809fb revert tap update to test on node 6
• cf5f5ca chore(release): 2.1.1

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution
🦉 Regular Expression Denial of Service (ReDoS)