[Snyk] Fix for 1 vulnerabilities

[aliscco]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

⚠️ Warning

Failed to update the package-lock.json, please update manually before merging.

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5	Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @typescript-eslint/parser

The new version differs by 246 commits.

• c51e3f0 chore: publish v4.0.0
• 4ff8c43 chore: regen yarn.lock and fix lint issues
• c3a6c2a chore: add downlevel-dts to all packages with type declarations
• ac0defc chore: update dependencies
• cd84549 fix(scope-manager): correct analysis of abstract class properties (#2420)
• 3a7ec9b feat(typescript-estree): switch to globby (#2418)
• 9273441 feat(eslint-plugin): [no-unnecessary-condition][strict-boolean-expressions] add option to make the rules error on files without `strictNullChecks` turned on (#2345)
• 58b1c2d feat(eslint-plugin): add `consistent-type-imports` rule (#2367)
• 762bc99 fix(typescript-estree): correct ChainExpression interaction with parentheses and non-nulls (#2380)
• d738fa4 fix: correct decorator traversal for AssignmentPattern (#2375)
• 9de669f fix(eslint-plugin): [no-shadow] fix false-positive on enum declaration (#2374)
• a9cd6fb feat(eslint-plugin): [typedef] remove all defaults (#2352)
• a3f163a feat(eslint-plugin): [ban-ts-comment] change default for `ts-expect-error` to `allow-with-description` (#2351)
• c70f54f fix(eslint-plugin): [no-unused-vars] handle TSCallSignature (#2336)
• 3be125d feat: consume new scope analysis package (#2039)
• e9d2ab6 feat: support ESTree optional chaining representation (#2308)
• 3854d6c chore: setup automatic RC release for v4 branch
• a10d671 docs: adjust prettier snippet (#2427)
• 43b1201 chore: publish v3.10.1
• d1f0887 fix(eslint-plugin): [no-unnecessary-condition] correct regression with unary negations (#2422)
• 797a133 chore: update ISSUE_TEMPLATE.md
• 50f9c4a chore: publish v3.10.0
• 32fe2bb fix(eslint-plugin): [no-unnecessary-condition] better handling for unary negation (#2382)
• e6be621 feat(typescript-estree): update allowed TS version range (#2419)

See the full diff

Package name: del

The new version differs by 8 commits.

• cd0543e 6.0.0
• 6c99805 Require Node.js 10
• 1df5280 Readme tweaks
• 4acd962 Add tip about deleting subdirectories (fix: close browser tree forcefully on exit microsoft/vscode-js-debug#116)
• 1a0c36c Add mention of GitHub Sponsors
• 1e0d705 Tidelift tasks
• 892ce2a Make it clear that it recursively deletes directories (logPoints don't interpolate { } microsoft/vscode-js-debug#113)
• 728cb7c Fix benchmark

See the full diff

Package name: glob

The new version differs by 121 commits.

• a68703e 9.0.0
• 58159ca test: cwd can be a url
• a547a9c more docs
• 42a3ac7 link to bash manual for Pattern Matching
• 474172d update readme with cwd URL support
• ad3904d update readme with posix class support
• b22fc7d minimatch@7.3.0
• cdd1627 update all the things, remove unused mkdirp types
• 75c6416 Merge branch 'v9'
• fa0cd77 cwd can be a file:// url
• d03ed0a typedoc github action
• 9a5a45a put bench results in readme
• 20b2f88 docs, fix benchmark script
• 4829c88 upgrade ci actions
• 5cbacdd minimatch@7.2.0
• 210310b omit symlinks on windows
• d34c8d5 full test coverage, clean up signals and remove extranous code
• 5f21b46 adding lots of tests, clean up types
• b12e6ba slashes on nodir test
• 75f74b0 more windows test slashes
• 3aa1abd more windows test affordances
• 3e68a7b some windows test affordances
• 8c2e082 feature complete and tests passing
• c3be35a correct ** vs ./** behavior

See the full diff

Package name: glob-stream

The new version differs by 16 commits.

• d8eace3 chore: Release 8.0.0 (fix: close browser tree forcefully on exit microsoft/vscode-js-debug#116)
• 8d6b35c feat!: Switch to streamx (Fix smartStep in ignored sourcemaps, add test microsoft/vscode-js-debug#119)
• 5097aed chore: Remove the order negation wording in docs
• c92aa14 chore: Update CI badge
• ef7f1d3 chore: Remove node-glob from references
• 6aad264 feat!: Replace glob with anymatch & custom directory walk (Fix/test fixes 1 microsoft/vscode-js-debug#118)
• 872a957 fix: Properly handle glob-like characters in paths (Fix pause reason for debugger statement microsoft/vscode-js-debug#117)
• f37bccc chore!: Drop support for ordered globs (Can not debug VSCode project microsoft/vscode-js-debug#115)
• 156f801 chore: Remove extend dependency and use Object.assign (fix: proper treatment of path tree across platforms, fix tests microsoft/vscode-js-debug#114)
• 37cc385 chore: Release 7.0.0 (smartStep incorrectly steps through "ignored" files microsoft/vscode-js-debug#109)
• bd9216e chore: Remove some old cruft
• daa4182 chore: Run prettier
• c110ed1 chore!: Normalize repository, dropping node <10.13 support (Ignore telemetry events in tests microsoft/vscode-js-debug#101)
• 95fdea5 chore: Tidelift tasks
• 4e6984d chore: Add support-bot template
• 8dd405f chore: Enforce consistent line endings

See the full diff

Package name: webpack

The new version differs by 250 commits.

• f2f998b 5.1.1
• bcd6190 Merge pull request #11704 from webpack/bugfix/delete-asset
• 11935a9 Merge pull request #11703 from webpack/bugfix/11678
• 63ba54c update chunk to files mapping when deleting assets
• 4669600 Merge pull request #11690 from webpack/bugfix/11673
• 234373e Merge pull request #11702 from webpack/deps/terser
• b6bc273 fix infinite loop in inner graph optimization
• 50c3a83 fix unused modules in chunk when optimizing runtime-specific
• 5d9d9b9 fix runtime-specific handling in concatenated modules
• 250e37c add test case
• 7925652 upgrade terser-webpack-plugin
• 27796db Merge pull request #11669 from webpack/dependabot/npm_and_yarn/ts-loader-8.0.5
• bd5aab8 Merge pull request #11692 from webpack/dependabot/npm_and_yarn/babel/core-7.12.0
• 886bbd5 Merge pull request #11693 from webpack/dependabot/npm_and_yarn/react-dom-16.14.0
• 3a14b3d Merge pull request #11694 from webpack/dependabot/npm_and_yarn/react-16.14.0
• ddf9936 chore(deps-dev): bump react from 16.13.1 to 16.14.0
• dc6e69a chore(deps-dev): bump react-dom from 16.13.1 to 16.14.0
• 8f18de9 chore(deps-dev): bump @ babel/core from 7.11.6 to 7.12.0
• c0410e8 Merge pull request #11686 from webpack/bugfix/11677
• 4504046 order runtime chunks correctly when they depend on each other
• 74a44cd add comment to help tagging for the bot
• e97efb7 chore(deps-dev): bump ts-loader from 8.0.4 to 8.0.5
• 77329b4 5.1.0
• 48c10f3 Merge pull request #11653 from log2-hwan/fix-moduletemplate-deprecation

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.