[Snyk] Fix for 1 vulnerabilities

[aliscco]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • node_modules/propagate/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	658/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: eslint

The new version differs by 250 commits.

• 3dd6741 7.0.0
• 9a722f9 Build: changelog update for 7.0.0
• b98d8bd Upgrade: eslint-release@2.0.0 (#13271)
• 4c0b028 Fix: remove Node.js and CommonJS category from build process (#13242)
• 401a687 Chore: fix rules list for prereleases (#13230)
• 4ef6158 Breaking: espree@7.0.0 (#13270)
• b5c8d73 Docs: update 7.0.0 migration guide for consistency (#13267)
• 356fdb4 Docs: add migration guide (#12692)
• 015edf6 Sponsors: Sync README with website
• fdfa364 7.0.0-rc.0
• 8d1b4db Build: changelog update for 7.0.0-rc.0
• 0b1d65a Update: Improve report location for array-callback-return (refs #12334) (#13109)
• d85e291 Fix: yoda left string fix for exceptRange (fixes #12883) (#13052)
• 2ce6bed Chore: added tests for nested arrays (#13145)
• d3aac53 Update: report backtick loc in no-unexpected-multiline (refs #12334) (#13142)
• 8e7a2d9 Fix: func-call-spacing "never" reports wrong message (fixes #13190) (#13193)
• bcafd0f Update: Add ESLint API (refs New: ESLint Class Replacing CLIEngine eslint/rfcs#40) (#12939)
• 3eeae56 Upgrade: some (dev) deps (#13155)
• 6b7030b Chore: Run tests on Node.js v14 (#13210)
• ebc28d7 Fix: Remove default .js from --ext CLI option (#13176)
• 5c1bdeb Update: Improve report location for getter-return (refs #12334) (#13164)
• 56d2bee Docs: fix typos (#13204)
• e13256e Chore: use espree.latestEcmaVersion in config-initializer (#13157)
• e4f57b7 Chore: add nested array tests for array-element-newline (#13161)

See the full diff

Package name: semantic-release

The new version differs by 250 commits.

• ac40804 fix(deps): update dependency @ semantic-release/release-notes-generator to v11 (#2778)
• e046ece ci(signatures): moved the audit step to the non-matrix stage
• ef998ac ci(dependencies): audited signatures and provenance attestations of installed packages
• 278d8e6 docs(gh-actions): captured details about publishing with provenance from an actions workflow
• ddf4065 chore(deps): update dependency sinon to v15.0.4 (#2769)
• 4bddb37 fix(deps): update dependency env-ci to v9 (#2757)
• aa90774 chore(deps): update dependency testdouble to v3.17.2 (#2751)
• d7e14f6 docs(artifactory): removed details about using artifactory with legacy auth
• 4a943a5 chore(deps): pin dependencies (#2744)
• f47a510 chore(deps): lock file maintenance (#2737)
• 05596bc chore(deps): update dependency prettier to ^2.8.4 (#2746)
• c6e84ef chore(deps): update dependency sinon to v15.0.3 (#2748)
• 0cbe804 chore(deps): update dependency fs-extra to ^11.1.0 (#2745)
• ea32d10 chore(deps): update dependency testdouble to v3.17.1 (#2740)
• deb1b7f Merge pull request #2741 from semantic-release/beta
• 2d7f607 chore(lint): ran prettier against the release workflow file
• 91eae11 ci(release): enabled provenance for publishing to npm
• 050412e Merge branch 'master' of github.com:semantic-release/semantic-release into beta
• d647433 fix(deps): updated to the latest version of the npm plugin
• f1d6e65 chore(deps): update dependency dockerode to v3.3.5
• c38b53a fix(deps): update dependency execa to v7.1.1
• fbede54 fix(deps): update dependency cosmiconfig to v8.1.2
• 6d286cd chore(deps): update dependency sinon to v15.0.2 (#2730)
• bc6d8b4 chore(deps): update dependency testdouble to v3.17.0 (#2731)

See the full diff

Package name: tap

The new version differs by 250 commits.

• bc49fb7 15.0.0
• 4378608 remove publishConfig beta tag
• 2c2e75f provide mkdirRecursive polyfill for old node versions
• 8f4c855 correctly specify 10.0.x versions
• 5e61672 update deps
• c44c418 Support 10.0 and test in CI
• dc5c841 tcompare@5.0.4
• 385b6d2 Add .taprc.yml/yaml handling to change log
• 4f87466 just run regular test script as snap script
• 315a921 delete FORCE_COLOR/NO_COLOR rather than setting to '0'
• 564e96f Add detection for .yaml and .yml
• 75bae93 update cli doc
• c1289bf 15.0.0-3
• d6fe32f Do not CI on node 10
• d2e0428 do not use equals() alias in self-test
• 3f787c4 tell npm to be colorful in CI
• 1512818 run tests with color on github actions
• 4626fa1 Docs: update documentation for tap v15
• 02d536b libtap@1.0.1
• f7c7c58 update cli doc
• 2aa497c 15.0.0-2
• 8d7f62e Add support for overriding libtap's internal settings
• 29eed63 new snapshot folder layout
• 3a28d4d update libtap git ref to isaacs/tap-v15-prep branch

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)