[Snyk] Fix for 1 vulnerabilities

[zuohuadong]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

⚠️ Warning

Failed to update the package-lock.json, please update manually before merging.

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	768/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-LODASH-6139239	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @nestjs/graphql

The new version differs by 250 commits.

• 9083765 chore(): release v7.5.2
• 58def40 chore(): update apollo to the latest packages
• 552f602 Merge branch 'leerw4-feature/gql-schema-from-nodemodules'
• d78bff5 refactor(): extract include node modules to a sep function
• 480963a Merge branch 'feature/gql-schema-from-nodemodules' of https://github.com/leerw4/graphql into leerw4-feature/gql-schema-from-nodemodules
• 080670e Merge pull request #1026 from nestjs/renovate/lodash-monorepo
• 5374dc7 Merge pull request #996 from mattleff/transform-autoSchemaFile
• bb9fb6f fix(deps): update dependency lodash to v4.17.19
• 9fc60d2 chore(deps): update nest monorepo to v7.3.2
• b9f3fd8 Merge pull request #1024 from nestjs/renovate/lodash-monorepo
• 52747b0 fix(deps): update dependency lodash to v4.17.17
• 2b5a9e9 chore(deps): update dependency @ types/jest to v26.0.4
• 9691229 chore(deps): update typescript-eslint monorepo to v3.6.0
• 211a088 chore(deps): update dependency graphql to v15.3.0
• dceb871 chore(deps): update dependency eslint to v7.4.0
• 73bca3e feat(): Apply transformSchema to autoSchemaFile
• cf83e1f Merge pull request #1017 from nestjs/renovate/graphql-tools-monorepo
• 61b01a5 chore(): release v7.5.1
• fc50a23 Merge pull request #1006 from dotellie/fix/duplicate-types
• 0e361ee fix(federation): remove duplicate types in schema (#1001)
• f60e51f fix(deps): update graphql-tools monorepo to v6.0.12
• fd52b0c chore(): release v7.5.0
• b4cf611 fix(test): fix sorted schema snapshot
• ad38ca0 Merge pull request #997 from mattleff/sort-schema

See the full diff

Package name: email-templates

The new version differs by 139 commits.

• e8b8cfc 11.1.1
• 44940e2 chore: added note to README
• e03100c 11.1.0
• 45bb875 feat: upgrade to @ ladjs/consolidate (modern fork of consolidate)
• 871a2e8 11.0.5
• d4b46fa chore: bump deps (enhanced preview-email <https://github.com/forwardemail/preview-email\#browser>)
• b5e3c81 11.0.4
• 36789d2 chore: bump deps
• cfc2d41 11.0.3
• 2576f25 fix: fixed xo rule from warn > off
• 11c5c6e fix: switch off node: specific modules (per https://github.com/[fix] preview-email is failing due to require('node:child_process') is not getting processed on mac intel forwardemail/test-preview-emails-cross-browsers-ios-simulator-nodejs-javascript#35)
• 2acb1c3 11.0.2
• ecf5a72 chore: bump deps
• f1f19dc 11.0.1
• 800cec4 docs: updated inline CSS example
• a18debc 11.0.0
• 9c26e5e feat: breaking - drop CSS inlining and `<style>` tag removal by default
• 85b8129 10.0.1
• f9bf71a feat: added iOS Simulator support 🎉
• edac7f4 10.0.0
• 1b0ecdc feat: modernize, require node >= 14, bump deps
• 8a73adc v9.0.0
• 3cd75b4 chore: upgrade web-resource-inliner, support node v10+
• 6ba0098 v8.1.0

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution