[Snyk] Fix for 1 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5	Directory Traversal SNYK-JS-MOMENT-2440688	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: convict

The new version differs by 239 commits.

• 7f974da v6.0.0
• 203657b Setup Lerna strategy (#368)
• 9f2aec3 Revert "v6.0.0"
• 6162366 v6.0.0
• 8ef51ae More details about Lerna management
• 9bb5bb2 Better do requires at the root of modules
• 29548d2 Cleanup+CHANGELOG update for convict@6.0.0 release
• 7c4087c Use standard ESLint disablings everywhere
• 903638f Fix forgotten Mocha test, to switch to Jest
• 63e2716 Remove useless similar .eslintrc.js files because
• 4a5c90e Clearer source file names (#366)
• 291cb01 Feat switch to jest (#365)
• 0638485 Drop unused Travis sudo: false directive
• 4181329 Explain how to work/contribute with Lerna on
• baed83d Document that this is a Lerna monorepo
• 4114ce1 Feat stricter eslint config (#364)
• 5a16dd1 Fix "Dependency cycles detected"
• bc9f944 Remove use of assert_changelog_ready script
• cf1663e Update lerna devDep to latest
• 3f2df5a Update to eslint@6.8.0
• a6dcebd Switch ESLint config files to JavaScript format
• f76cc78 Use `^x.y.z` range versions for deps
• 7bdd8e1 Improve markdown formatting
• 3ce8352 Add notice about convict@5 and convict@6

See the full diff

Package name: good-console

The new version differs by 33 commits.

• 7c9a73d Update README.md
• 9de8c84 8.0.0
• dc7295d Update node requirements. Closes Add files created at CI to ignore reindexio/reindex-api#114
• b22bbf3 Update moment (Fix social login in prod reindexio/reindex-api#112)
• 9aca297 Add changelog.md (Require https in production reindexio/reindex-api#111)
• a69df28 Update README.md
• c996499 v7.1.0
• da92807 format as error when data.error is populated (Add changedXEdge to payload reindexio/reindex-api#104)
• 388b0fa Use SafeStringify when serializing the query
• fd44bf5 v7.0.1
• c8823c0 Revert addition of responseSentTime
• 3f07b60 v7.0.0
• 0ab557d pass event.id for every format
• eb54cd1 Add responseSentTime to response format (Make create-app script insert User type reindexio/reindex-api#95)
• 26b1fc2 v6.4.1
• f1b1a5b Upgrade Moment to 2.19.x (Add wildcard permission (permission for all types) reindexio/reindex-api#98)
• c4fb48f version 6.4.0
• 729155b separated message and stack with a comma (Add description and fix deprecation reindexio/reindex-api#85)
• e32cec6 leveraged the error formatter when data is an Error (Add permission validation reindexio/reindex-api#86)
• f0f83c9 version 6.2.0
• c8d0de9 log event.id when available (Refactor then to async functions reindexio/reindex-api#80)
• e91d381 version 6.3.1
• 95f4762 Bump moment to 2.15.x branch to resolve Regex DOS (Rewrite eslintrc reindexio/reindex-api#78)
• 9f1d35e version 6.1.2

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Directory Traversal