[Snyk] Fix for 1 vulnerabilities

[jeremy001181]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	658/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: os-name

The new version differs by 3 commits.

• 238cb59 3.0.0
• 41930d4 Meta tweaks
• c716329 Require Node.js 6 and upgrade dependencies ([Snyk] Fix for 1 vulnerabilities #5)

See the full diff

Package name: semver

The new version differs by 168 commits.

• e7b78de chore: release 7.5.2
• 58c791f fix: diff when detecting major change from prerelease (fix: fix broken snyk help snyk/cli#566)
• 5c8efbc fix: preserve build in raw after inc (fix: temporarily remove new Gradle configuration options from help snyk/cli#565)
• 717534e fix: better handling of whitespace (#564)
• 2f738e9 chore: bump @ npmcli/template-oss from 4.14.1 to 4.15.1 (feat: preparation for go modules support snyk/cli#558)
• aa016a6 chore: release 7.5.1
• d30d25a fix: show type on invalid semver error (fix: Improve dockerfile instruction parser snyk/cli#559)
• 09c69e2 chore: bump @ npmcli/template-oss from 4.13.0 to 4.14.1 (#555)
• 5b02ad7 chore: release 7.5.0
• e219bb4 fix: throw on bad version with correct error message (Revert "chore: refactor auth to async await" snyk/cli#552)
• 503a4e5 feat: allow identifierBase to be false (chore: refactor auth to async await snyk/cli#548)
• fc2f3df fix: incorrect results from diff sometimes with prerelease versions (#546)
• 2781767 fix: avoid re-instantiating SemVer during diff compare (chore: Convert help command handling to typescript snyk/cli#547)
• 82aa7f6 chore: release 7.4.0
• 731d896 chore: enable CD (refactor: add types to args parser, simplify the code snyk/cli#545)
• 940723d fix: intersects with v0.0.0 and v0.0.0-0 (#538)
• aa516b5 fix: faster parse options (chore: convert config to ts snyk/cli#535)
• 61e6ea1 fix: faster cache key factory for range (fix: oracle linux version detection snyk/cli#536)
• f8b8b61 fix: optimistic parse (fix: remove incorrect Gradle logging snyk/cli#541)
• 796cbe2 fix: semver.diff prerelease to release recognition (chore: drop console.logs snyk/cli#533)
• 3f222b1 fix: reuse comparators on subset (fix: Use actual package manager on test runs snyk/cli#537)
• 113f513 feat: identifierBase parameter for .inc (fix: bump python plugin to fix bug with urls in req.txt snyk/cli#532)
• ea689bc chore: basic type test for RELEASE_TYPES
• c5d29df docs: Add "Constants" section to README

See the full diff

Package name: snyk-policy

The new version differs by 37 commits.

• cc835cc Merge pull request #48 from snyk/feat/semver-7
• 5a70662 feat: upgrade semver to 7
• 76b7ffc Merge pull request #44 from snyk/feat/drop-then-fs-2
• 74df76d feat: bump snyk deps to pick up then-fs drops
• 14b204a Merge pull request #45 from snyk/feat/update_node+_version
• 3303d2a feat: move policy to node 8
• a4aead4 Merge pull request #43 from snyk/feat/drop-then-fs
• 43d6ec1 feat: swap out then-fs for promise-fs
• dec6970 Merge pull request #41 from snyk/feat/prettier-dev
• 371ffc4 feat: prettier is a dev dependency
• 5a50d0e Merge pull request chore: 'npm run build' in appveyor snyk/cli#40 from snyk/feat/module
• 290a166 feat: bump snyk-module (no more node 6)
• 19ec76a Merge pull request #37 from snyk/chore/prettier
• 1e7f331 chore: prettier
• 997351c chore: intellij's var2const
• b143a76 Merge pull request #36 from snyk/chore/update_patch_fixture_urls
• eef4096 chore: Update fixtures to correct patch urls
• 8ca0f2f Merge pull request #35 from snyk/chore/debug
• 1ee77b9 fix: upgrade debug and skip some logging
• d261c06 Merge pull request #34 from snyk/feat/upgrade-module
• b5c1020 feat: remove @* logic so we hit the fast path
• f1bd932 feat: upgrade snyk-module
• 6f3b8ff Merge pull request #32 from snyk/chore/add-codeowners
• 286c556 chore: add codeowners file

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)