[Snyk] Fix for 59 vulnerabilities

[snyk-levine]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • large-file/package.json
  • large-file/package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	619/1000 Why? Has a fix available, CVSS 8.1	Prototype Pollution SNYK-JS-AJV-584908	No	No Known Exploit
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept
	679/1000 Why? Has a fix available, CVSS 9.3	Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962463	Yes	No Known Exploit
	706/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.7	Remote Memory Exposure SNYK-JS-BL-608877	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-BROWSERSLIST-1090194	No	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-COLORSTRING-1082939	Yes	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Denial of Service (DoS) SNYK-JS-DECODEURICOMPONENT-3149970	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	Yes	Proof of Concept
	584/1000 Why? Has a fix available, CVSS 7.4	Regular Expression Denial of Service (ReDoS) SNYK-JS-HAWK-2808852	Yes	No Known Exploit
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-HTMLMINIFIER-3091181	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-ISSVG-1085627	No	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-ISSVG-1243891	No	Proof of Concept
	641/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.4	Prototype Pollution SNYK-JS-JSON5-3182856	Yes	Proof of Concept
	509/1000 Why? Has a fix available, CVSS 5.9	Denial of Service (DoS) SNYK-JS-JSYAML-173999	No	No Known Exploit
	619/1000 Why? Has a fix available, CVSS 8.1	Arbitrary Code Execution SNYK-JS-JSYAML-174129	No	No Known Exploit
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3042992	No	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-LOADERUTILS-3043105	No	No Known Exploit
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3105943	No	No Known Exploit
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	Yes	Proof of Concept
	681/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.2	Command Injection SNYK-JS-LODASH-1040724	Yes	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-LODASH-450202	Yes	Proof of Concept
	731/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.2	Prototype Pollution SNYK-JS-LODASH-567746	Yes	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-LODASH-608086	Yes	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-LODASH-73638	Yes	Proof of Concept
	541/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 4.4	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-73639	Yes	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-LODASHSET-1320032	No	Proof of Concept
	506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Prototype Pollution SNYK-JS-MINIMIST-2429795	Yes	Proof of Concept
	601/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.6	Prototype Pollution SNYK-JS-MINIMIST-559764	Yes	Proof of Concept
	589/1000 Why? Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-MOUT-1014544	No	No Known Exploit
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-MOUT-2342654	No	Proof of Concept
	706/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.7	Server-side Request Forgery (SSRF) SNYK-JS-NETMASK-1089716	Yes	Proof of Concept
	706/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.7	Server-side Request Forgery (SSRF) SNYK-JS-NETMASK-6056519	Yes	Proof of Concept
	539/1000 Why? Has a fix available, CVSS 6.5	Information Exposure SNYK-JS-NODEFETCH-2342118	No	No Known Exploit
	520/1000 Why? Has a fix available, CVSS 5.9	Denial of Service SNYK-JS-NODEFETCH-674311	No	No Known Exploit
	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	Remote Code Execution (RCE) SNYK-JS-PACRESOLVER-1564857	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1255640	No	Proof of Concept
	479/1000 Why? Has a fix available, CVSS 5.3	Improper Input Validation SNYK-JS-POSTCSS-5926692	Yes	No Known Exploit
	646/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.5	Server-side Request Forgery (SSRF) SNYK-JS-REQUEST-3361831	Yes	Proof of Concept
	676/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.1	Information Exposure SNYK-JS-REQUESTRETRY-2411026	Yes	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	Yes	Proof of Concept
	/1000 Why?	Cross-site Scripting (XSS) SNYK-JS-SERIALIZEJAVASCRIPT-536840	No	No Known Exploit
	/1000 Why?	Arbitrary Code Injection SNYK-JS-SERIALIZEJAVASCRIPT-570062	No	Proof of Concept
	/1000 Why?	Cross-site Scripting (XSS) SNYK-JS-SERIALIZEJAVASCRIPT-6056521	No	No Known Exploit
	/1000 Why?	Prototype Pollution SNYK-JS-SETVALUE-1540541	Yes	Proof of Concept
	/1000 Why?	Prototype Pollution SNYK-JS-SETVALUE-450213	Yes	Proof of Concept
	/1000 Why?	Prototype Pollution SNYK-JS-TOUGHCOOKIE-5672873	Yes	Proof of Concept
	/1000 Why?	Regular Expression Denial of Service (ReDoS) SNYK-JS-UGLIFYJS-1727251	No	No Known Exploit
	/1000 Why?	Arbitrary Code Injection SNYK-JS-UNDERSCORE-1080984	Yes	Proof of Concept
	/1000 Why?	Prototype Pollution SNYK-JS-UNSETVALUE-2400660	Yes	No Known Exploit
	/1000 Why?	Regular Expression Denial of Service (ReDoS) SNYK-JS-USERAGENT-174737	Yes	No Known Exploit
	/1000 Why?	Prototype Pollution SNYK-JS-YARGSPARSER-560381	No	Proof of Concept
	506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:braces:20180219	Yes	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution npm:deep-extend:20180409	No	Proof of Concept
	636/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.3	Prototype Pollution npm:hoek:20180212	Yes	Proof of Concept
	399/1000 Why? Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:mime:20170907	No	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) npm:parsejson:20170908	No	No Known Exploit
	414/1000 Why? Has a fix available, CVSS 4	Insecure use of Tmp files npm:sync-exec:20160124	Yes	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) npm:timespan:20170907	Yes	No Known Exploit
	576/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.1	Uninitialized Memory Exposure npm:tunnel-agent:20170305	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @cypress/browserify-preprocessor

The new version differs by 8 commits.

• d49ec2b fix: restore default export ([Snyk] Fix for 1 vulnerabilities #33)
• f097807 do not generate source maps in e2e test for now
• f9f56cd evaluated bundled code
• bd1724f add imports and exports e2e test
• 593eebd use Circle node orb
• 29e0c36 add circleci badge
• 46ba033 refactor e2e spec a little
• db73743 docs(onBundle): clarify onBundle ([Snyk] Security upgrade moment from 2.22.1 to 2.29.2 #30)

See the full diff

Package name: add-asset-html-webpack-plugin

The new version differs by 53 commits.

• da0dea5 docs: remove `david` from readme
• 7265aba fix: update globby to v11 ([Snyk] Fix for 6 vulnerabilities #248)
• b9bacc2 docs: update readme withcorrect version ranges
• 4073291 fix: update micromatch to v4 ([Snyk] Security upgrade express from 4.12.4 to 4.19.2 #199)
• 8387886 fix: remove the hash calculation if hash exists ([Snyk] Fix for 60 vulnerabilities #159)
• e84e7d5 fix: fix "compilation.emitAsset" with more than 1 HtmlWebpackPlugins ([Snyk] Security upgrade elliptic from 6.5.3 to 6.5.7 #236)
• 87590ef chore(ci): cancel in progress builds
• d37deb4 chore(deps): lock file maintenance ([Snyk] Fix for 1 vulnerabilities #224)
• 0a123f9 chore: lock down stack-utils
• c949ee0 chore: lock down anymatch dependency
• 49eaf2e chore(deps): bump hosted-git-info from 2.8.8 to 2.8.9 ([Snyk] Fix for 1 vulnerabilities #225)
• 75bf092 chore(deps): bump path-parse from 1.0.6 to 1.0.7 ([Snyk] Security upgrade tap from 5.8.0 to 12.0.2 #234)
• 316c03a chore(deps): update codecov/codecov-action action to v2 ([Snyk] Security upgrade bootstrap from 3.4.1 to 5.0.0 #232)
• ed9e132 chore(deps): bump tmpl from 1.0.4 to 1.0.5 ([Snyk] Fix for 1 vulnerabilities #237)
• c5cf273 chore(deps): bump ws from 5.2.2 to 5.2.3 ([Snyk] Security upgrade tap from 5.8.0 to 18.0.0 #244)
• 6a994ea chore: run tests on node 16 and 17 ([Snyk] Security upgrade tap from 5.8.0 to 18.0.0 #243)
• 42a345a chore(deps): bump browserslist from 4.16.3 to 4.16.6 ([Snyk] Security upgrade tap from 5.8.0 to 6.3.0 #227)
• 041b842 chore(deps): bump lodash from 4.17.20 to 4.17.21 ([Snyk] Fix for 1 vulnerabilities #223)
• 77fc7fb chore: lock down merge2
• af3572e chore: automerge lockfile PRs
• 718473c chore(deps): update actions/setup-node action to v2.1.5 ([Snyk] Security upgrade tap from 5.8.0 to 12.0.2 #205)
• 0ed36d8 chore: add renovate
• a467638 chore(deps): bump ssri from 6.0.1 to 6.0.2 ([Snyk] Security upgrade ejs from 1.0.0 to 3.1.10 #203)
• ca2fb77 chore: increase timeout for puppeteer test

See the full diff

Package name: anymatch

The new version differs by 18 commits.

• d474c82 Release 3.0.0.
• dd660f8 Update deps.
• 64ce747 Update types.
• bd27242 Fixes.
• e18de05 Update to picomatch-stable.
• 30fa2c3 Merge pull request [Snyk] Security upgrade moment from 2.15.1 to 2.29.2 #28 from leonardodino/fix-package-name
• 6b01ef6 Fix package name typo in README.md
• b500318 Remove line.
• 57e0193 Bring back arg passing.
• 13343b0 Cache patterns. Performance boost.
• 5ece3fd Switch to picomatch. Update deps.
• cece732 Fix declarations.
• 0065fca Update readme.
• 4518091 Readme.
• 1e69e91 Update.
• 9ef72e8 Changelog.
• cb143fe Improve type matching.
• 02257b9 New version. More strict. Drop returnIndex and startIndex params for now.

See the full diff

Package name: braces

The new version differs by 16 commits.

• abcf341 3.0.0
• 68a3fdf refactor
• bb5b5ba Remove appveyor from readme.
• 086008a travis: Drop sudo: false.
• 4ed704b add unit tests
• 60eb988 ranges
• 7b1abf0 Use proper nodejs versions for appveyor.
• 7b106b6 braces api
• 80eae1f Drop duplicate node v11 for travis.
• 58d868e windows support
• 27f7344 Appveyor: Drop support for nodejs <8 for now.
• 25424ec Drop support for nodejs <8 for now.
• ceef790 cover sets
• f5bf204 clean up examples
• 92ec96d start refactoring
• cd50063 2.3.2

See the full diff

Package name: chokidar

The new version differs by 201 commits.

• 7b8e02a Release 3.0.0.
• e7bfe2f Move stuff.
• df7f22e Remove changelog from npm, move to hidden dir.
• 3df7692 Improve naming.
• 6e94ca2 Clean-up.
• 2de2f9c test: Add testing of Node.js v12 in Travis pipeline. ([Snyk(Unlimited)] Upgrade @thebespokepixel/meta from 0.2.3 to 0.2.5 snyk-fixtures/npm-lockfiles#833)
• 9e0965a Fix Windows tests in Travis CI ([Snyk(Unlimited)] Upgrade truwrap from 0.8.1 to 0.8.4 snyk-fixtures/npm-lockfiles#832)
• c95a98f Update stuff.
• 187ff2b test: Trying to fix blinked tests for Travis CI. ([Snyk(Unlimited)] Upgrade adm-zip from 0.4.7 to 0.4.13 snyk-fixtures/npm-lockfiles#825)
• db99076 fix(Windows): Add converting from windows to unix path for all ignored paths. ([Snyk(Unlimited)] Upgrade debug from 2.0.0 to 2.6.9 snyk-fixtures/npm-lockfiles#824)
• 41f8782 fix(FsEvents): Remove situation with NaN depth. ([Snyk(Unlimited)] Upgrade color-convert from 1.9.2 to 1.9.3 snyk-fixtures/npm-lockfiles#823)
• 7cf3f7e Update readdirp to stable.
• 0927a62 Bump packages.
• 11cd857 Update nyc.
• 99c14d7 Uncomment fsevents.
• cf330a5 Update fsevents.
• 0e4fca5 Fix deps.
• 9c575d4 Fix Windows version ([Snyk(Unlimited)] Upgrade verbosity from 0.9.2 to 0.10.1 snyk-fixtures/npm-lockfiles#821)
• 3323d59 fix(Linux): Make event loop hack for keep testing valid. ([Snyk(Unlimited)] Upgrade @thebespokepixel/meta from 0.2.3 to 0.2.5 snyk-fixtures/npm-lockfiles#820)
• 06214c5 Update to latest readdirp.
• 793639f Rename osxfswatch.
• 078bc2d Refactor and fix freaking tests.
• 2b9bb41 Try node 11.
• 3fe3d4e Test travis.

See the full diff

Package name: css-loader

The new version differs by 71 commits.

• 634ab49 chore(release): 2.0.0
• 6ade2d0 refactor: remove unused file ([Snyk(Unlimited)] Upgrade term-ng from 0.8.1 to 0.8.5 snyk-fixtures/npm-lockfiles#860)
• e7525c9 test: nested url ([Snyk(Unlimited)] Upgrade lodash from 4.17.10 to 4.17.15 snyk-fixtures/npm-lockfiles#859)
• 7259faa test: css hacks ([Snyk(Unlimited)] Upgrade @thebespokepixel/string from 0.5.2 to 0.5.9 snyk-fixtures/npm-lockfiles#858)
• 5e6034c feat: allow to filter import at-rules ([Snyk(Unlimited)] Upgrade node-uuid from 1.4.0 to 1.4.8 snyk-fixtures/npm-lockfiles#857)
• 5e702e7 feat: allow filtering urls ([Snyk(Unlimited)] Upgrade qs from 0.0.6 to 0.6.6 snyk-fixtures/npm-lockfiles#856)
• 9642aa5 test: css stuff ([Snyk(Unlimited)] Upgrade adm-zip from 0.4.7 to 0.4.13 snyk-fixtures/npm-lockfiles#855)
• 3338656 fix: reduce number of require for url ([Snyk(Unlimited)] Upgrade node-uuid from 1.4.0 to 1.4.8 snyk-fixtures/npm-lockfiles#854)
• 533abbe test: issue 636 ([Snyk(Unlimited)] Upgrade qs from 0.0.6 to 0.6.6 snyk-fixtures/npm-lockfiles#853)
• 08c551c refactor: better warning on invalid url resolution ([Snyk(Unlimited)] Upgrade debug from 2.0.0 to 2.6.9 snyk-fixtures/npm-lockfiles#852)
• b0aa159 test: issue [Snyk(Unlimited)] Upgrade @thebespokepixel/meta from 0.2.3 to 0.2.5 snyk-fixtures/npm-lockfiles#589 ([Snyk(Unlimited)] Upgrade color-convert from 1.9.2 to 1.9.3 snyk-fixtures/npm-lockfiles#851)
• f599c70 fix: broken unucode characters ([Snyk(Unlimited)] Upgrade @thebespokepixel/es-tinycolor from 0.3.1 to 0.3.2 snyk-fixtures/npm-lockfiles#850)
• 1e551f3 test: issue 286 ([Snyk(Unlimited)] Upgrade verbosity from 0.9.2 to 0.10.1 snyk-fixtures/npm-lockfiles#849)
• 419d27b docs: improve readme ([Snyk(Unlimited)] Upgrade @thebespokepixel/meta from 0.2.3 to 0.2.5 snyk-fixtures/npm-lockfiles#848)
• d94a698 refactor: webpack-default ([Snyk(Unlimited)] Upgrade truwrap from 0.8.1 to 0.8.4 snyk-fixtures/npm-lockfiles#847)
• b97d997 feat: schema options
• 453248f fix: support module resolution in composes ([Snyk(Unlimited)] Upgrade term-ng from 0.8.1 to 0.8.5 snyk-fixtures/npm-lockfiles#845)
• 8a6ea10 refactor: postcss plugins ([Snyk(Unlimited)] Upgrade lodash from 4.17.10 to 4.17.15 snyk-fixtures/npm-lockfiles#844)
• fdcf687 fix: url resolving logic ([Snyk(Unlimited)] Upgrade @thebespokepixel/string from 0.5.2 to 0.5.9 snyk-fixtures/npm-lockfiles#843)
• 889dc7f feat: allow to disable css modules and disable their by default ([Snyk(Unlimited)] Upgrade node-uuid from 1.4.0 to 1.4.8 snyk-fixtures/npm-lockfiles#842)
• ee2d253 test: importLoaders option ([Snyk(Unlimited)] Upgrade qs from 0.0.6 to 0.6.6 snyk-fixtures/npm-lockfiles#841)
• 1dad1fb feat: reuse postcss ast from other loaders (i.e `postcss-loader`) ([Snyk(Unlimited)] Upgrade adm-zip from 0.4.7 to 0.4.13 snyk-fixtures/npm-lockfiles#840)
• fe94ebc test: icss reserved keywords ([Snyk(Unlimited)] Upgrade node-uuid from 1.4.0 to 1.4.8 snyk-fixtures/npm-lockfiles#839)
• 9eaba66 refactor: migrate on message api for postcss-icss-plugin ([Snyk(Unlimited)] Upgrade qs from 0.0.6 to 0.6.6 snyk-fixtures/npm-lockfiles#838)

See the full diff

Package name: engine.io-client

The new version differs by 2 commits.

• 1cbab34 [chore] Release 3.1.2
• 0b26bc3 [fix] Remove parsejson dependency ([Snyk(Unlimited)] Upgrade node-uuid from 1.4.0 to 1.4.8 snyk-fixtures/npm-lockfiles#580)

See the full diff

Package name: esformatter

The new version differs by 53 commits.

• 899edf9 0.11.0
• 50a0d35 Updated tests to use node@12
• 4114fe8 Fixed lint errors
• 2189abb Bumped mockery@2.1.0
• 29304e2 Bumped jshint@2.10.2
• 489227a Bumped chai@4.2.0
• 3e8e190 Bumped strip-json-comments@3.0.1
• a469e34 Bumped supports-color@latest
• e4cf24c Bumped mocha@6.2.0
• 57bb6fb Bumped debug@4.1.1
• 6dc68d3 Bumped npm-run@5.0.1
• 505bb14 Merge branch 'issue-506' of github.com:mcandre/esformatter
• 6bfe5e4 Added package-lock.json
• 66663d2 Fix permission issue on pipe tests
• 7f87223 update npm-run
• 060ad53 update debug
• 29045f0 Merge pull request [Snyk(Unlimited)] Upgrade qs from 0.0.6 to 0.6.6 snyk-fixtures/npm-lockfiles#488 from langdonx/noop-arrowfunctions
• d08012a add prettier to "popular alternatives"
• ef52228 noop support for ArrowFunctionExpression
• 72e4d95 add MethodDefinitionComputedOpening and MethodDefinitionComputedClosing support. fixes [Snyk(Unlimited)] Upgrade truwrap from 0.8.1 to 0.8.4 snyk-fixtures/npm-lockfiles#470
• 3c1c2fa indent return arguments wrapped into parenthesis. fixes [Snyk(Unlimited)] Upgrade node-uuid from 1.4.0 to 1.4.8 snyk-fixtures/npm-lockfiles#465
• de57013 update README to include info about presets
• 4a4a3bb include doc/presets.md
• 2198969 0.10.0

See the full diff

Package name: eslint

The new version differs by 94 commits.

• 80b8d5d 5.5.0
• b68e403 Build: changelog update for 5.5.0
• 6e110e6 Fix: camelcase duplicate warning bug (fixes #10801) (#10802)
• 5103ee7 Docs: Add Brackets integration (#10813)
• b61d2cd Update: max-params to only highlight function header (#10815)
• 2b2f11d Upgrade: babel-code-frame to version 7 (#10808)
• 2824d43 Docs: fix comment placement in a code example (#10799)
• 10690b7 Upgrade: devdeps and deps to latest (#10622)
• 80c8598 Docs: gitignore syntax updates (fixes #8139) (#10776)
• cb946af Chore: use meta.messages in some rules (1/4) (#10764)
• a857cd9 5.4.0
• 8dee250 Build: changelog update for 5.4.0
• a70909f Docs: Add jscs-dev.github.io links (#10771)
• 034690f Fix: no-invalid-meta crashes for non Object values (fixes #10750) (#10753)
• 11a462d Docs: Broken jscs.info URLs (fixes #10732) (#10770)
• 985567d Chore: rm unused dep string.prototype.matchall (#10756)
• f3d8454 Update: Improve no-extra-parens error message (#10748)
• 562a03f Fix: consistent-docs-url crashes if meta.docs is empty (fixes #10722) (#10749)
• 6492233 Chore: enable no-prototype-builtins in codebase (fixes #10660) (#10664)
• 137140f Chore: use eslintrc overrides (#10677)
• 2af6f4f 5.3.0
• 11e70c7 Build: changelog update for 5.3.0
• dd6cb19 Docs: Updated no-return-await Rule Documentation (fixes #9695) (#10699)
• 6009239 Chore: rename utils for consistency (#10727)

See the full diff

Package name: expand-brackets

The new version differs by 9 commits.

• 58f2f1f 3.0.0
• 3060a56 Revert "Fix appveyor link"
• 232670e Fix appveyor link
• 7e996fb Update Readme
• 7c0bdfc Remove debug
• c204656 Merge pull request [Snyk] Fix for 1 vulnerabilities #9 from danez/update-snapdragon
• 8219034 Update snapdragon to 0.11
• cc56339 Merge pull request [Snyk] Security upgrade marked from 0.3.5 to 4.0.10 #7 from mjbvz/patch-1
• ae88242 Update Repository Urls

See the full diff

Package name: extglob

The new version differs by 7 commits.

• 0daa3ed 3.0.0
• dedd109 Merge pull request [Snyk] Security upgrade karma from 2.0.3 to 6.3.14 #12 from micromatch/snap-11
• e90b000 Use let/const
• ff338f9 Fix linting
• 8fdd4e2 Drop support for node <4
• 841c540 Update dependencies
• ed10fb2 Update snapdragon to 0.11

See the full diff

Package name: fast-glob

The new version differs by 200 commits.

• 03201ed fix(settings): set the `concurrency` option to count of CPUs
• d777111 build(package): drop unused dependencies
• e62d2d1 build(package): bump version to 3.0.0
• caeeda9 Merge pull request [Snyk] Security upgrade ejs from 1.0.0 to 3.1.10 #203 from mrmlnc/ISSUE-155_update_documentation
• 27ae4b2 docs(settings): update description of options
• 1f853bc docs(readme): update documentation
• 0ba6dc0 refactor(benchmark): update suites
• c1d686c refactor(index): export some userful types
• d64c24f build(benchmark): add suite for stream API
• 40a1096 Merge pull request [Snyk] Fix for 1 vulnerabilities #202 from mrmlnc/ISSUE-181_async_method_as_default_method
• ccde25e refactor: set async method as default method
• 87ed886 Merge pull request [Snyk] Fix for 1 vulnerabilities #201 from mrmlnc/issue-199_match_base_fix
• 68133f8 fix: the `baseNameMatch` option now work
• f4c443a refactor: `matchBase` → `baseNameMatch`
• c58ba78 test(smoke): add some smoke tests
• f3642dc Merge pull request [Snyk] Security upgrade lodash from 4.17.10 to 4.17.17 #200 from mrmlnc/fix_some_issues
• b32842d fix: support AsyncIterator for stream API
• 9b04800 refactor(settings): simplify the `deep` option
• 2b5bc54 fix(settings): correct default value for `throwErrorOnBrokenSymbolicLink`
• 9ab065b refactor: change some types
• 09f0107 feat: infer type of the output values
• a505273 feat: introduce `objectMode` option
• 111dbf1 refactor: drop `transform` option
• 2af2623 fix(providers): enable "posix" micromatch option

See the full diff

Package name: glob-all

The new version differs by 4 commits.

• b174f55 3.2.1
• 802f341 bump deps again
• 78d6c71 Merge pull request [Snyk] Security upgrade karma from 2.0.3 to 3.0.0 #17 from dfederm/master
• 3dc112c Bump dependencies

See the full diff

Package name: globby

The new version differs by 33 commits.

• 878ef6e 10.0.0
• 3706920 Upgrade `fast-glob` package to v3 ([Snyk] Security upgrade snyk from 1.389.0 to 1.685.0 #126)
• 8aadde8 Add `globby.stream` ([Snyk] Fix for 1 vulnerabilities #113)
• 2dd76d2 Remove `**/bower_components/**` as a default ignore pattern
• 9f781ce Require Node.js 8
• 04d51bf Upgrade `ignore` package ([Snyk] Fix for 1 vulnerabilities #120)
• 2b61484 Readme tweaks
• ff3e1f9 Tidelift tasks
• 31f18ae Create funding.yml
• 33ca01c Fix using the `gitignore` and `stats` options together ([Snyk] Fix for 1 vulnerabilities #121)
• c737820 Minor TypeScript definition improvements
• 82db101 Add Node.js 12 to testing ([Snyk] Fix for 1 vulnerabilities #117)
• 766b728 9.2.0
• dc0a49c Refactor TypeScript definition to CommonJS compatible export ([Snyk] Fix for 1 vulnerabilities #115)
• 89cee24 9.1.0
• 59f4b48 Add check to ensure `cwd` is a directory ([Snyk] Security upgrade qs from 0.0.6 to 6.2.4 #110)
• 9a9cf1e Add TypeScript definition ([Snyk] Fix for 1 vulnerabilities #111)
• eb26c7e Meta tweaks
• d77a623 Add failing test for [Snyk] Security upgrade decode-uri-component from 0.2.0 to 0.2.2 #105 ([Snyk] Security upgrade body-parser from 1.9.0 to 1.19.2 #108)
• 2294618 Deduplicate identical file patterns ([Snyk] Fix for 1 vulnerabilities #102)
• ba9c267 Add failing test for [Snyk] Fix for 3 vulnerabilities #97 ([Snyk] Security upgrade karma from 2.0.3 to 5.0.8 #100)
• 71b9c58 9.0.0
• 39ad0d9 Update dependencies
• d804228 Fix compatibility with latest `dir-glob` release ([Snyk] Fix for 1 vulnerabilities #99)

See the full diff

Package name: html-webpack-plugin

The new version differs by 250 commits.