[Snyk] Fix for 1 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	758/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-Y18N-1021887	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: mocha

The new version differs by 147 commits.

• afe8daa Release v8.2.0
• 20d3d4c update CHANGELOG for v8.2.0 [ci skip]
• 932c09a fix scripts/linkify-changelog to not blast fenced code blocks
• 3b333ec chore(deps): chokidar@3.4.3
• 058b2e7 attempt to force colors in karma config
• 60e3662 replace promise.allsettled with @ungap/promise-all-settled; closes #4474
• f132448 remove duplicated/problem reporter tests; closes #4469
• 31116db fix: remove job count from parallel mode debug log (#4416)
• 478ca6a add "fixture flowchart" to docs (#4440)
• 9c28990 support leading dots in --extension
• 2852505 chore(deps): upgrade to latest stable
• b216fcd Support multipart extensions like ".test.js" (#4442)
• 1aa182b refactor: utils.type() (#4457); closes #4306
• fd9fe95 Change serializer errors to use error codes (#4464)
• 6ceca82 make guarantees about orphaned processes
• f24f190 avoid deprecated add-path in GHA workflow
• ca9bfc7 parallel mode: enable custom worker reporters and object references (#4409); closes #4403
• df8e9e6 run all node.js tests on GHA (#4459)
• 238268d cleanup a little bit of eslint config
• 8f5d6a9 Update eslint version (#4443)
• bb96de1 implement Open Collective categories for extended filtering
• 28f970e ci(win): setup GH actions for windows CI (#4402)
• 738a575 Add speed in -R json option (#4226) (#4434)
• 5bdc208 remove unused interface tests (#4247)

See the full diff

Package name: webpack

The new version differs by 250 commits.

• f2f998b 5.1.1
• bcd6190 Merge pull request #11704 from webpack/bugfix/delete-asset
• 11935a9 Merge pull request #11703 from webpack/bugfix/11678
• 63ba54c update chunk to files mapping when deleting assets
• 4669600 Merge pull request #11690 from webpack/bugfix/11673
• 234373e Merge pull request #11702 from webpack/deps/terser
• b6bc273 fix infinite loop in inner graph optimization
• 50c3a83 fix unused modules in chunk when optimizing runtime-specific
• 5d9d9b9 fix runtime-specific handling in concatenated modules
• 250e37c add test case
• 7925652 upgrade terser-webpack-plugin
• 27796db Merge pull request #11669 from webpack/dependabot/npm_and_yarn/ts-loader-8.0.5
• bd5aab8 Merge pull request #11692 from webpack/dependabot/npm_and_yarn/babel/core-7.12.0
• 886bbd5 Merge pull request #11693 from webpack/dependabot/npm_and_yarn/react-dom-16.14.0
• 3a14b3d Merge pull request #11694 from webpack/dependabot/npm_and_yarn/react-16.14.0
• ddf9936 chore(deps-dev): bump react from 16.13.1 to 16.14.0
• dc6e69a chore(deps-dev): bump react-dom from 16.13.1 to 16.14.0
• 8f18de9 chore(deps-dev): bump @babel/core from 7.11.6 to 7.12.0
• c0410e8 Merge pull request #11686 from webpack/bugfix/11677
• 4504046 order runtime chunks correctly when they depend on each other
• 74a44cd add comment to help tagging for the bot
• e97efb7 chore(deps-dev): bump ts-loader from 8.0.4 to 8.0.5
• 77329b4 5.1.0
• 48c10f3 Merge pull request #11653 from log2-hwan/fix-moduletemplate-deprecation

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic