[Snyk] Fix for 1 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

⚠️ Warning

Failed to update the package-lock.json, please update manually before merging.

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	768/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: nodemon

The new version differs by 16 commits.

• ee92ee4 test: split require tests
• 33ae6da test: fix failing test when required
• a4490e2 fix: package.json & package-lock.json to reduce vulnerabilities
• 9bd07eb docs: changed verbose logging and CLI documentation to reflect support single file watch functionality
• c279760 test: make sigint test to actually check child pid (#1656)
• cd45d74 test: fix fork test
• 496c335 chore: undo change to spawn code
• 47dfb8b fix: pipe stderr correctly
• ed91703 fix: ubuntu loop waiting for sub processes
• 9a67f36 feat: update chokidar to v3
• 6781b40 docs: add license file
• 0e6ba3c fix: wait for all subprocesses to terminate (fixes issue #1476)
• b58cf7d chore: Merge branch 'master'
• 95a4c09 docs: add to faq
• 3a2eaf7 choe: merge master
• 3d90879 chore: add logo to site

See the full diff

Package name: npm

The new version differs by 250 commits.

• 30a9844 7.21.0
• 0b2cd9d update AUTHORS
• 06461ec docs: changelog for v7.21.0
• 771a1cb chore(tests): fix snapshots
• 71cdfd8 spdx-license-ids@3.0.10
• 94f92de make-fetch-happen@9.0.5
• 7ac621c smart-buffer@4.2.0
• 218caca is-core-module@2.6.0
• ff6626a fix(docs): update npm-publish access flag info
• b6f40b5 tar@6.1.10
• e9e5ee5 @ npmcli/arborist@2.8.2
• 991a3bd read-package-json@4.0.0
• f077724 init-package-json@2.0.4
• 68a19bb fix(error-message): look for er.path not er.file
• ff34d6c feat(cache): initial implementation of ls and rm
• 8183976 normalize-package-data@3.0.3
• df57f0d @ npmcli/run-script@1.8.6
• 487731c fix(logging): sanitize logged argv
• 7a58264 chore(ci): check that docs are up to date in ci
• 22f3bbb chore(docs): add more 'autogenerated' comments
• 4314490 fix(docs): revert auto-generated portion of docs
• 32e88c9 fix(did-you-mean): switch levenshtein libraries
• 59b9851 7.20.6
• 2591e67 update AUTHORS

See the full diff

Package name: postcss-cli

The new version differs by 103 commits.

• 745ad2c 7.0.0
• cf6ea09 Update eslint config
• ea1cec4 Update eslint-config-problems to version 3.1.0 (Update github to version 2.0.0 🚀 alanshaw/david-www#306)
• 1519430 Update globby to version 10.0.1 (?path= no longer working alanshaw/david-www#303)
• 5b47456 Update eslint to version 6.8.0 (npm@3.10.2 breaks build 🚨 alanshaw/david-www#305)
• e241672 Update nyc to version 15.0.0 (npm@3.9.6 breaks build 🚨 alanshaw/david-www#297)
• 4a87ff1 Update chalk to version 3.0.0 (Update github to version 1.1.2 🚀 alanshaw/david-www#294)
• e666505 Update prettier to version 1.19.1 (semver@5.1.1 breaks build 🚨 alanshaw/david-www#304)
• 0d3591a Update ava to version 2.4.0 (Update github to version 1.4.0 🚀 alanshaw/david-www#302)
• cb9f451 Update fs-extra to version 8.1.0 (Update github to version 1.3.0 🚀 alanshaw/david-www#301)
• 4f68a46 Update chokidar to version 3.3.0 (Update github to version 1.2.1 🚀 alanshaw/david-www#300)
• 5c22ddb Update yargs to version 15.0.2 (Update github to version 1.2.0 🚀 alanshaw/david-www#298)
• 79eb0ac Update get-stdin to version 7.0.0 (Update grunt-cli to version 1.1.0 🚀 alanshaw/david-www#273)
• 71384c6 Update Travis config; remove AppVeyor
• 6b92df3 BREAKING: Drop Node 6 & 8; test on new Node versions
• 7091819 6.1.3
• 0de7ccf Fix map file path creation ([WIP] [Question] Add a token to badges for private repos alanshaw/david-www#286)
• f1c7352 Update prettier to version 1.18.0 (ecstatic version 1.4 is classified as insecure alanshaw/david-www#281)
• 035bab8 Update nyc to version 14.0.0 (Upload package.json file to test dependencies alanshaw/david-www#274)
• 541048e Update prettier to version 1.17.0 (Update grunt-cli to version 1.0.1 🚀 alanshaw/david-www#272)
• 8fd79b0 6.1.2
• 72376fc Upgrade prettier to ~1.16.4
• 87a7286 Update globby to v9.0.0 (Bypass cache for logged in status alanshaw/david-www#270)
• c079cff Test Node 10 & 11

See the full diff

Package name: standard

The new version differs by 250 commits.

• 866a666 package metadata
• 34a39d2 update authors
• 5a63a03 15.0.0
• 36cbcd8 changelog
• ab0e7a5 update deps
• 3d0ea44 eslint-config-standard-jsx 9.0.0
• 8c0513a eslint-config-standard 15.0.0
• c8c255c changelog
• 1af9b8a use "Indonesian" since it's the language name
• c0fd567 remove sponsor link
• b926ce2 remove spammy standard user link
• 1cc9df7 changelog
• 8e06e4f hallmark 3
• e4c002a bump deps
• 8bdade1 Merge pull request #1516 from pikadun/patch-1
• 0c27f99 Merge pull request #1544 from yoga1234/master
• 59b03fb Merge pull request #1461 from munierujp/update_japanese_docs
• fd72454 Merge pull request #1545 from logustra/add-jublia-to-users
• 1de7656 Merge pull request #1547 from kidonng/patch-1
• 6558034 add 14.3.4 changelog
• e1fa03e Update eslint to 7.11.0
• 4a0e8b0 changelog
• 4a84e61 remove weird whitespace
• 523f004 Merge pull request #1519 from standard/eslint7

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic