[Snyk] Fix for 5 vulnerabilities

[rohag-equinor]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

⚠️ Warning

Failed to update the package-lock.json, please update manually before merging.

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	265/1000 Why? CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-HIGHLIGHTJS-1048676	No	No Known Exploit
	372/1000 Why? Proof of Concept exploit, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-2342073	No	Proof of Concept
	372/1000 Why? Proof of Concept exploit, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-2342082	No	Proof of Concept
	306/1000 Why? CVSS 5.9	Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-584281	No	No Known Exploit
	444/1000 Why? Proof of Concept exploit, Recently disclosed, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: eslint

The new version differs by 210 commits.

• 3dd6741 7.0.0
• 9a722f9 Build: changelog update for 7.0.0
• b98d8bd Upgrade: eslint-release@2.0.0 (#13271)
• 4c0b028 Fix: remove Node.js and CommonJS category from build process (#13242)
• 401a687 Chore: fix rules list for prereleases (#13230)
• 4ef6158 Breaking: espree@7.0.0 (#13270)
• b5c8d73 Docs: update 7.0.0 migration guide for consistency (#13267)
• 356fdb4 Docs: add migration guide (#12692)
• 015edf6 Sponsors: Sync README with website
• fdfa364 7.0.0-rc.0
• 8d1b4db Build: changelog update for 7.0.0-rc.0
• 0b1d65a Update: Improve report location for array-callback-return (refs #12334) (#13109)
• d85e291 Fix: yoda left string fix for exceptRange (fixes #12883) (#13052)
• 2ce6bed Chore: added tests for nested arrays (#13145)
• d3aac53 Update: report backtick loc in no-unexpected-multiline (refs #12334) (#13142)
• 8e7a2d9 Fix: func-call-spacing "never" reports wrong message (fixes #13190) (#13193)
• bcafd0f Update: Add ESLint API (refs New: ESLint Class Replacing CLIEngine eslint/rfcs#40) (#12939)
• 3eeae56 Upgrade: some (dev) deps (#13155)
• 6b7030b Chore: Run tests on Node.js v14 (#13210)
• ebc28d7 Fix: Remove default .js from --ext CLI option (#13176)
• 5c1bdeb Update: Improve report location for getter-return (refs #12334) (#13164)
• 56d2bee Docs: fix typos (#13204)
• e13256e Chore: use espree.latestEcmaVersion in config-initializer (#13157)
• e4f57b7 Chore: add nested array tests for array-element-newline (#13161)

See the full diff

Package name: eslint-plugin-import

The new version differs by 250 commits.

• b0131d2 Bump to v2.25.0
• 7463de2 utils: v2.7.0
• 900ac9a [resolvers/webpack] [deps] update `is-core-module`
• c117be5 [Dev Deps] update `array.prototype.flatmap`, `glob`; remove `babel-preset-es2015-argon`
• 0e857b6 [Deps] update `array-includes`, `array.prototype.flat`, `is-core-module`, `is-glob`, `object.values`
• 62e2d88 [New] Support `eslint` v8
• 9a744f7 [Fix] `default`, `ExportMap`: Resolve extended TypeScript configuration files
• dd81424 [Refactor] `no-unresolved`, `no-extraneous-dependencies`: moduleVisitor usage
• 4f0f560 [Docs] `no-namespace`: fix a typo
• 430d16c [Tests] eslint-import-resolver-typescript@1.0.2 doesn't resolve .js
• 47e9c89 [Tests] type-only imports were added in TypeScript ESTree 2.23.0
• 28669b9 [Tests] `no-extraneous-dependencies` ignores unresolved imports
• 471790f [Tests] fix skip usage
• fd85369 [Tests] skip failing test on eslint < 6 + node < 8
• 64423e9 [Tests] add passing test for export-star
• 58fe766 [Tests] ignore resolver tests, scripts, and unused memo-parser
• 47ea669 [Fix] `order`: Fix import ordering in TypeScript module declarations
• 4ed7867 [Fix] `no-unresolved`: ignore type-only imports
• 4d15e26 [patch] TypeScript config: remove `.d.ts` from `import/parsers` setting and `import/extensions` setting
• 9ccdcb7 [Refactor] switch to an internal replacement for `pkg-up` and `read-pkg-up`
• 1571913 [utils] [new] create internal replacement for `pkg-up` and `read-pkg-up`
• 7c382f0 [New] `no-unused-modules`: support dynamic imports
• 7579748 [utils] [new] add `visit`, to support dynamic imports
• 35bd977 [New] `no-unresolved`: add `caseSensitiveStrict` option

See the full diff

Package name: jest

The new version differs by 250 commits.

• be16e47 v27.0.0
• 63102ec chore: update changelog for release
• 564694a docs(blog): Jest 27 blog post (#11131)
• b68d91b feat(pretty-print): add option `printBasicPrototype` (#11441)
• 2226742 chore: minor simplify format results error (#11432)
• 78eb25d chore: remove needless assign (#11433)
• 696c455 chore: update lockfile after publish
• e2eb9ae v27.0.0-next.11
• 3b253f8 Wait for closed resources to actually close before detecting open handles (#11429)
• 27bee72 fix: run GC before collecting open handles (#11278)
• 50451df feat: use fallback if prettier not found (#11400)
• 150dbd8 chore: update lockfile after publish
• 6f44529 v27.0.0-next.10
• cbcec7d Upgrade fsevents in jest-haste-map (#11428)
• 9633a26 feat: support reporters written in ESM (#11427)
• 59f42d8 fix: do not cache modules that throw during evaluation (#11263)
• 57e32e9 Detect open handles with done callbacks (#11382)
• a397607 Document and test dontThrow for custom inline snapshot matchers (#10995)
• 4fa3a0b feat: custom haste (#11107)
• 2047a36 chore: bump deps (#11419)
• a4358d6 chore: run prettier on changelog
• bdd6282 Move all default values into `jest-config` (#9924)
• db643a1 Link to Jest config (#11106)
• b16082c Fix locale issue #10014 (#11412)

See the full diff

Package name: ts-jest

The new version differs by 34 commits.

• bcf2697 Merge pull request #1649 from kulshekhar/dependabot/npm_and_yarn/types/fs-extra-9.0.0
• 497f5c9 build(deps-dev): bump @ types/fs-extra from 8.1.0 to 9.0.0
• 35001a2 Merge pull request #1646 from ahnpnl/v26.0.0
• 1db8be5 chore(release): 26.0.0
• 47007f1 build(deps-dev): bump @ types/js-yaml from 3.12.3 to 3.12.4 (#1644)
• 9741de4 build(deps-dev): bump @ types/cross-spawn from 6.0.1 to 6.0.2 (#1643)
• 6851b8e fix(compiler): return `undefined` for `getScriptVersion` when a file doesn't exist in memory cache (#1641)
• 6b22e08 build(deps-dev): bump @ types/yargs from 15.0.4 to 15.0.5 (#1638)
• b58064c Merge pull request #1637 from kulshekhar/dependabot/npm_and_yarn/types/jest-25.2.2
• 5fc19c0 build(deps-dev): bump @ types/jest from 25.2.1 to 25.2.2
• ea56715 build(deps-dev): bump eslint-plugin-jsdoc from 25.4.0 to 25.4.1 (#1640)
• b5dc7cb build(deps-dev): bump @ types/semver from 7.1.0 to 7.2.0 (#1636)
• eab413e Merge pull request #1634 from kulshekhar/dependabot/npm_and_yarn/eslint-plugin-jsdoc-25.4.0
• 01cb6e2 build(deps-dev): bump eslint-plugin-jsdoc from 25.3.0 to 25.4.0
• db084be build(deps-dev): bump @ typescript-eslint/eslint-plugin (#1632)
• d203a54 build(deps-dev): bump @ typescript-eslint/parser from 2.32.0 to 2.33.0 (#1631)
• 1eafa67 build(deps-dev): bump eslint-plugin-jsdoc from 25.2.1 to 25.3.0 (#1629)
• e31656d build(deps-dev): bump eslint-plugin-jest from 23.10.0 to 23.11.0 (#1628)
• c2b230f build(deps-dev): bump eslint-plugin-jsdoc from 25.2.0 to 25.2.1 (#1627)
• c0265a4 build(deps-dev): bump @ typescript-eslint/parser from 2.31.0 to 2.32.0 (#1625)
• 3c95725 build(deps-dev): bump @ typescript-eslint/eslint-plugin (#1626)
• d90c034 build(deps-dev): bump eslint-plugin-jsdoc from 25.0.1 to 25.2.0 (#1623)
• c402ee3 build(deps-dev): bump @ types/react from 16.9.34 to 16.9.35 (#1622)
• bec1a0e docs: correct spelling mistake in index.md (#1612)

See the full diff

Package name: typedoc

The new version differs by 250 commits.

• 28bca92 Disable tests before publish for lts
• 710c724 Create security policy, publish script for lts
• adb53e4 Bump marked from 3.0.2 to 4.0.10
• 7132fee chore: Bump version to 0.21.9
• 3c2f3fa fix: Support highlighting language aliases (#1673)
• 56f371c chore: Bump version to 0.21.8
• 7ad5689 chore: Upgrade dependencies
• 1aee313 chore: Bump version to 0.21.7
• da04509 feat: Support for TypeScript 4.4
• 77552ff chore: Bump version to 0.21.6
• 313a4f5 fix: Handle undefined symbols in query types
• 0df9e6c feat: Add support for NO_COLOR environment variable (#1650)
• 9d84e2e chore:Bump version to 0.21.5
• 71ceaaa fix: Implicitly set noEmit unless --emit is provided
• 8f6992a feat: Support Node v12.10 (#1632)
• 8ff7d32 chore: Bump version to 0.21.4
• 5dfe9de fix: Constructors did not have source information set
• 030cb1e chore: Fix changelog generation for release
• de32c1c chore: Bump version to 0.21.3
• 98331b5 fix: Improve detection for "property methods" to convert as methods
• 5fd7f87 refactor: seal -> freeze
• 8e097ef refactor: Turn on noImplicitOverride compiler option
• f3294cd BREAKING CHANGE: Options may not be set once conversion starts. Enables a small perf improvement.
• b04b3b0 chore: Remove lodash

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)