[Snyk] Fix for 1 vulnerabilities

[Ivajkin]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	658/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: eslint

The new version differs by 250 commits.

• 3dd6741 7.0.0
• 9a722f9 Build: changelog update for 7.0.0
• b98d8bd Upgrade: eslint-release@2.0.0 (#13271)
• 4c0b028 Fix: remove Node.js and CommonJS category from build process (#13242)
• 401a687 Chore: fix rules list for prereleases (#13230)
• 4ef6158 Breaking: espree@7.0.0 (#13270)
• b5c8d73 Docs: update 7.0.0 migration guide for consistency (#13267)
• 356fdb4 Docs: add migration guide (#12692)
• 015edf6 Sponsors: Sync README with website
• fdfa364 7.0.0-rc.0
• 8d1b4db Build: changelog update for 7.0.0-rc.0
• 0b1d65a Update: Improve report location for array-callback-return (refs #12334) (#13109)
• d85e291 Fix: yoda left string fix for exceptRange (fixes #12883) (#13052)
• 2ce6bed Chore: added tests for nested arrays (#13145)
• d3aac53 Update: report backtick loc in no-unexpected-multiline (refs #12334) (#13142)
• 8e7a2d9 Fix: func-call-spacing "never" reports wrong message (fixes #13190) (#13193)
• bcafd0f Update: Add ESLint API (refs New: ESLint Class Replacing CLIEngine eslint/rfcs#40) (#12939)
• 3eeae56 Upgrade: some (dev) deps (#13155)
• 6b7030b Chore: Run tests on Node.js v14 (#13210)
• ebc28d7 Fix: Remove default .js from --ext CLI option (#13176)
• 5c1bdeb Update: Improve report location for getter-return (refs #12334) (#13164)
• 56d2bee Docs: fix typos (#13204)
• e13256e Chore: use espree.latestEcmaVersion in config-initializer (#13157)
• e4f57b7 Chore: add nested array tests for array-element-newline (#13161)

See the full diff

Package name: eslint-plugin-import

The new version differs by 250 commits.

• b0131d2 Bump to v2.25.0
• 7463de2 utils: v2.7.0
• 900ac9a [resolvers/webpack] [deps] update `is-core-module`
• c117be5 [Dev Deps] update `array.prototype.flatmap`, `glob`; remove `babel-preset-es2015-argon`
• 0e857b6 [Deps] update `array-includes`, `array.prototype.flat`, `is-core-module`, `is-glob`, `object.values`
• 62e2d88 [New] Support `eslint` v8
• 9a744f7 [Fix] `default`, `ExportMap`: Resolve extended TypeScript configuration files
• dd81424 [Refactor] `no-unresolved`, `no-extraneous-dependencies`: moduleVisitor usage
• 4f0f560 [Docs] `no-namespace`: fix a typo
• 430d16c [Tests] eslint-import-resolver-typescript@1.0.2 doesn't resolve .js
• 47e9c89 [Tests] type-only imports were added in TypeScript ESTree 2.23.0
• 28669b9 [Tests] `no-extraneous-dependencies` ignores unresolved imports
• 471790f [Tests] fix skip usage
• fd85369 [Tests] skip failing test on eslint < 6 + node < 8
• 64423e9 [Tests] add passing test for export-star
• 58fe766 [Tests] ignore resolver tests, scripts, and unused memo-parser
• 47ea669 [Fix] `order`: Fix import ordering in TypeScript module declarations
• 4ed7867 [Fix] `no-unresolved`: ignore type-only imports
• 4d15e26 [patch] TypeScript config: remove `.d.ts` from `import/parsers` setting and `import/extensions` setting
• 9ccdcb7 [Refactor] switch to an internal replacement for `pkg-up` and `read-pkg-up`
• 1571913 [utils] [new] create internal replacement for `pkg-up` and `read-pkg-up`
• 7c382f0 [New] `no-unused-modules`: support dynamic imports
• 7579748 [utils] [new] add `visit`, to support dynamic imports
• 35bd977 [New] `no-unresolved`: add `caseSensitiveStrict` option

See the full diff

Package name: webpack

The new version differs by 250 commits.

• 213226e 4.0.0
• fde0183 Merge pull request #6081 from webpack/formating/prettier
• b6396e7 update stats
• f32bd41 fix linting
• 5238159 run prettier on existing code
• 518d1e0 replace js-beautify with prettier
• 4c25bfb 4.0.0-beta.3
• dd93716 Merge pull request #6296 from shellscape/fix/hmr-before-node-stuff
• 7a07901 Merge pull request #6563 from webpack/performance/assign-depth
• c7eb895 Merge pull request #6452 from webpack/update_acorn
• 9179980 Merge pull request #6551 from nveenjain/fix/templatemd
• e52f323 optimize performance of assignDepth
• 6bf5df5 Fixed template.md
• 90ab23a Merge branch 'master' into fix/hmr-before-node-stuff
• b0949cb add integration test for spread operator
• 39438c7 unittest now also walks the ast
• 15ab027 Merge pull request #6536 from jevan0307/sideEffects-selectors
• 1611ce1 Merge pull request #6561 from joshunger/patch-1
• 6e175bc Merge pull request #6549 from webpack/md4_hash
• 0637531 Add a hyperlink to create a new issue
• 0e1f9c6 Merge pull request #6554 from webpack/deps/end-of-beta
• 72477f4 upgrade versions to stable versions
• ed30285 Merge pull request #6546 from webpack/bot/review-permission
• 40ee8c7 Use MD4 for hashing

See the full diff

Package name: webpack-dev-server

The new version differs by 250 commits.

• c5b9c7e chore(release): 4.6.0
• 1ba9720 fix: reload on warnings (#4056)
• 5026601 feat: allow to pass all `chokidar` options (#4025)
• 7e78bfa chore(deps-dev): bump webpack from 5.64.2 to 5.64.3 (#4054)
• f2a7d16 chore(deps-dev): bump memfs from 3.3.0 to 3.4.0 (#4055)
• d104b58 chore: remove redundant `eslint-disable` comments (#4053)
• e6330f5 chore: remove redundant snapshots (#4052)
• cf26a3f chore(deps): bump ws from 8.2.3 to 8.3.0 (#4051)
• 7823237 chore(deps-dev): bump lint-staged from 12.1.1 to 12.1.2 (#4048)
• 9b32c96 fix: reconnection logic (#4044)
• 5e7c001 chore(deps-dev): bump eslint from 8.2.0 to 8.3.0 (#4045)
• 12d6d52 chore(deps-dev): bump lint-staged from 12.0.2 to 12.1.1 (#4047)
• 7ed2ba3 chore(deps-dev): bump webpack from 5.64.1 to 5.64.2 (#4046)
• b497f68 docs: fix typo (#4042)
• 285487f chore(deps): remove unused (#4036)
• a19ee71 chore(deps-dev): bump acorn from 8.5.0 to 8.6.0 (#4040)
• 497e615 chore(deps): bump webpack-dev-middleware
• ec882db chore(deps-dev): bump typescript from 4.4.4 to 4.5.2 (#4034)
• 7d117de chore: update dependencies (#4033)
• a5b1c70 chore: update `schema-utils` (#4032)
• d3be607 chore(deps): bump @ babel/preset-env from 7.16.0 to 7.16.4 (#4030)
• 25bace8 chore(deps): bump @ babel/plugin-transform-runtime (#4031)
• 6a5b58d docs: fix `--https` option alignment (#4028)
• fd8c54a chore: remove redundant `eslint-disable` comments (#4024)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)