[Snyk] Fix for 1 vulnerabilities #69

Open: wants to merge 1 commit into base: master

snyk-bot
Contributor

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
| high severity | 768/1000. Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5 | Regular Expression Denial of Service (ReDoS), SNYK-JS-ANSIREGEX-1583908 | Yes | Proof of Concept |

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: bookshelf
The new version differs by 250 commits.
  • bad8157 Fix wrong model being saved in PostgreSQL test
  • f0d7d63 Fix empty previousAttributes in collection models
  • ebe3c5c Reword some test cases
  • 00b0f93 Add tests for previousAttributes in collections
  • 3cdfa6e Add event related tests for previousAttributes()
  • 54554b7 Create previous attributes using deepClone
  • aef8244 Merge branch 'master' into rg-previous-attributes
  • 75492e7 Add new events guide
  • fc66733 Rename test case to make it more obvious
  • 32add1b Merge pull request #1876 from okuyiga/feature/fix-nested-json-bug
  • 8259d71 Create CNAME
  • 5b5b7f9 Merge pull request #1909 from bookshelf/rg-new-docs
  • 7b33289 Remove link from project title
  • e5fb28e Replace gh-pages with docs directory in master
  • 6551c02 Update plugin doc
  • 2694023 Update the structure of tutorials and add index
  • a9c41fc Update jsdoc theme package version
  • 7d91423 Refactor changelog format so it's more consistent
  • 55d0c30 Merge pull request #1903 from bookshelf/greenkeeper/lint-staged-8.0.0
  • 85e831a Merge pull request #1907 from chentsulin/husky-v1
  • 7831afb Merge pull request #1900 from chentsulin/patch-2
  • 7b61c04 upgrade husky to v1
  • dabce4e refactor: model.save using computed property name
  • 12bff36 Merge pull request #1904 from travnels/Turbocolor-to-Colorette

See the full diff

Package name: chalk
The new version differs by 53 commits.
  • 3fca615 2.0.0
  • f66271e Add tagged template literal (#163)
  • 23ef1c7 fix linter errors
  • c015568 add rainbow example
  • 09fb2d8 Re-implement `chalk.enabled` (#160)
  • 608242a spoof supports-color
  • 18f2e7c add host information output
  • 523b998 Revert "TEMPORARY: emergency travis CI fix (see comments)"
  • 54975fb TEMPORARY: emergency travis CI fix (see comments)
  • 1d73b21 Improve readme
  • 6f4d6b3 Bump dependencies
  • 8702496 Remove `chalk.styles`
  • 0412cdf Minor code improvements
  • 249b9ac ES2015ify the codebase
  • cb3f230 Add RGB (256/Truecolor) support (#140)
  • dbae68d Update dependent package count in the readme (#154)
  • 9b60021 Drop support for Node.js 0.10 and 0.12
  • 0d21449 check parent builder object for enabled status (#142)
  • 5a69476 add XO badge
  • 492f11f add example file
  • 4ce73b6 make XO happy
  • 7c02cf4 Add log statement to chalk examples (#129)
  • 835ca3d You've just reached 10,000 dependent modules. (#122)
  • 74c087d minor doc improvements (#120)

See the full diff

Package name: del-cli
The new version differs by 9 commits.

See the full diff

Package name: eslint
The new version differs by 250 commits.
  • b7d79b1 7.3.0
  • bf98627 Build: changelog update for 7.3.0
  • 638a6d6 Update: add missing `additionalProperties: false` to some rules' schema (#13198)
  • 949a5cd Update: fix operator-linebreak overrides schema (#13199)
  • 9e1414e New: Add no-promise-executor-return rule (fixes #12640) (#12648)
  • 09cc0a2 Update: max-lines reporting loc improvement (refs #12334) (#13318)
  • ee2fc2e Update: object-property-newline end location (refs #12334) (#13399)
  • d98152a Update: added empty error array check for false negative (#13200)
  • 7fb45cf Fix: clone config before validating (fixes #12592) (#13034)
  • aed46f6 Sponsors: Sync README with website
  • 7686d7f Update: semi-spacing should check do-while statements (#13358)
  • cbd0d00 Update: disallow multiple options in comma-dangle schema (fixes #13165) (#13166)
  • b550330 New: Add no-unreachable-loop rule (fixes #12381) (#12660)
  • 13999d2 Update: curly should check consequent `if` statements (#12947)
  • c42e548 Chore: enable exceptRange option in the yoda rule (#12857)
  • 6cfbd03 Update: Drop @typescript-eslint/eslint-recommended from `eslint --init` (#13340)
  • 796f269 Chore: update eslint-config-eslint's required node version (#13379)
  • 9d0186e Docs: Fix changelog versions (#13410)
  • 1ee3c42 Docs: On maxEOF with eol-last (fixes #12742) (#13374)
  • 2a21049 Update: key-spacing loc changes for extra space (refs #12334) (#13362)
  • 7ce7988 Chore: Replace the inquirer dependency with enquirer (#13254)
  • 0f1f5ed Docs: Add security policy link to README (#13403)
  • 9e9ba89 Sponsors: Sync README with website
  • ca59fb9 Sponsors: Sync README with website

See the full diff

Package name: knex
The new version differs by 250 commits.
  • eb136f1 Merge branch 'master' of https://github.com/tgriesser/knex
  • 2072163 Update version in changelog (#3138)
  • f28ae7a Merge branch 'master' of https://github.com/tgriesser/knex
  • f757e36 Bump version to 0.16.4 (#3137)
  • 18532b2 Bump version to 0.16.4
  • 286d84b Prepare for 0.16.4-next3 release (#3136)
  • 1948c3d Add boolean as a column name in join (#3121)
  • fe6083e Support nullable timestamps on MySQL (#3100)
  • b15ee3d make unionAll()'s call signature match union() (#3055)
  • e7ed005 Fix queryContext not being passed to raw queries (#3111)
  • 11fdc0c Add missing clearOrder & clearCounters types (#3109)
  • 7ecbcd5 Update changelog and version number (#3108)
  • 5fea86e Update dependencies (#3107)
  • 19926d8 [#3033] fix: sqlite3 drop/renameColumn() breaks with postProcessResponse (#3040)
  • 24fcf27 Fix transaction support for migrations (#3084)
  • de1c934 Include 'string' as accepted Knex constructor type definition (#3105)
  • 0aacab5 Fix for #2998 - Migrator & TypeScript (#3041)
  • fcd21d9 Add command for executing tests on SQLite (#3101)
  • 1da56a3 Update mssql dev dep to v5 stable (#3096)
  • b9a648c Format code (#3088)
  • 0db7859 add test that clearing offset (#2954)
  • f3f0750 Make TS stubs modern (#3080)
  • 68723e0 Update changelog (#3086)
  • 1b39d67 Tests for drop-and-recreate with async/await (#3083)

See the full diff

Package name: webpack
The new version differs by 250 commits.
  • 213226e 4.0.0
  • fde0183 Merge pull request #6081 from webpack/formating/prettier
  • b6396e7 update stats
  • f32bd41 fix linting
  • 5238159 run prettier on existing code
  • 518d1e0 replace js-beautify with prettier
  • 4c25bfb 4.0.0-beta.3
  • dd93716 Merge pull request #6296 from shellscape/fix/hmr-before-node-stuff
  • 7a07901 Merge pull request #6563 from webpack/performance/assign-depth
  • c7eb895 Merge pull request #6452 from webpack/update_acorn
  • 9179980 Merge pull request #6551 from nveenjain/fix/templatemd
  • e52f323 optimize performance of assignDepth
  • 6bf5df5 Fixed template.md
  • 90ab23a Merge branch 'master' into fix/hmr-before-node-stuff
  • b0949cb add integration test for spread operator
  • 39438c7 unittest now also walks the ast
  • 15ab027 Merge pull request #6536 from jevan0307/sideEffects-selectors
  • 1611ce1 Merge pull request #6561 from joshunger/patch-1
  • 6e175bc Merge pull request #6549 from webpack/md4_hash
  • 0637531 Add a hyperlink to create a new issue
  • 0e1f9c6 Merge pull request #6554 from webpack/deps/end-of-beta
  • 72477f4 upgrade versions to stable versions
  • ed30285 Merge pull request #6546 from webpack/bot/review-permission
  • 40ee8c7 Use MD4 for hashing

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908