[Snyk] Fix for 1 vulnerabilities

[lholmquist]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	658/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: electron-rebuild

The new version differs by 56 commits.

• dd7a356 1.5.0
• 7ef89d9 Merge pull request #127 from electron/new-rebuild
• 54c771c Add prebuilt workaround for some weird packages
• 36f4c03 Use spawn-rx for win32 wizardry
• e874126 Support dum dum old NPM
• 5f5bbdd fix travis v2
• dbba253 fix travis
• 73738c1 Add missing babel dep
• ed651be debug test
• 483def2 Fix silly test
• ee64a19 fix locate tests
• 58d0617 Import expect
• b4c7876 Fix travis
• 98d490a Set up tests
• c1c37c8 Add noop functions for the old method syntax
• bd12df8 Parse the types param correctly
• 20c630f Initial port from forge
• 27fd311 1.4.0
• f326a4f Merge pull request #123 from electron/export-locator
• 822a1d6 Export more methods and make an index.js file
• 4718ea5 Version bump to 1.3.0
• 92e82d2 Merge pull request #98 from electron/only-dev-deps
• e15f208 Merge pull request #116 from reconbot/always-rebuild-binaries
• 7426c6d Always update the binary on rebuild

See the full diff

Package name: ember-cli-htmlbars

The new version differs by 8 commits.

• a78983f release v2.0.0 🎉
• b6317d9 Merge pull request #111 from ember-cli/bump
• ccf5e88 feedback from @ rwjblue
• a2aee3c add appveyor
• 69218d0 add minimum engine
• 7663f85 update travis
• e012435 es6ify and cleanup
• 2a7f4fd bump deps (will require v2.x.x release)

See the full diff

Package name: ember-cli-htmlbars-inline-precompile

The new version differs by 30 commits.

• ae552eb 0.4.0
• 133cd0a Release 0.4.0 final.
• 705f173 0.4.0-beta.2
• 335e4c5 Update CHANGELOG.
• 62e44bd Update minimum version of babel plugin.
• d86edac 0.4.0-beta.1
• 74fd184 Merge pull request #69 from rwjblue/babel-6
• ffafb16 Remove welcome page.
• 99aad43 Add ember-cli-shims back to ember-source scenario.
• 3ae7891 Update min engine version.
• d8cb4a1 Make function properly for babel@6 version.
• f68e8b6 Update minimum versions of deps and devDeps.
• c18f6d3 fixup! Add babel@6 to devDeps for test harness.
• 8f92b23 Remove unused directories.
• 1e9f66e Set ember-cli to 2.11.1.
• edeceaa Add babel@6 to devDeps for test harness.
• c113ff3 fixup! Update minimum node version.
• 06f4fc7 ES6ify
• 1f9d121 Update for babel@6.
• e157867 Update minimum node version.
• a8e851b Merge pull request #68 from samselikoff/patch-1
• d1763d7 Ensure super call is bounded
• 083ae62 Merge pull request #67 from Turbo87/ci-deploy
• 5fa9b15 CI: Enable automatic NPM deployment for tags

See the full diff

Package name: ember-cli-qunit

The new version differs by 120 commits.

• b183280 v4.1.0
• a897fa0 Update CHANGELOG for v4.1.0.
• 4196761 Upgrade to [email protected].
• cff4ea9 v4.1.0-beta.3
• 9880275 Update to [email protected].
• 64aed0c Merge pull request #193 from ember-cli/y-u-silly
• 41abf96 Remove `setTestGenerator` shenanigans.
• f86ead6 v4.1.0-beta.2
• 6c5ea3f Add 4.1.0-beta.2 to CHANGELOG.
• b9e4df0 Merge pull request #192 from rwjblue/properly-forward-to-ember-qunit
• 5a07eba Ensure contentFor and setTestGenerator are forwarded to ember-qunit.
• c605300 v4.1.0-beta.1
• 5ed7123 Update CHANGELOG.md for 4.1.0-beta.1.
• 4ab1f87 Merge pull request #191 from rwjblue/reduce-to-shim
• 486d7cd Remove functionality to defer to ember-qunit API.
• 38d8901 Merge pull request #189 from trentmwillis/release-notes
• 8066a88 Add RELEASE.md documentation
• a15252f Merge pull request #188 from tony2n2/master
• 27704c8 simplify condition logic
• 2887bf9 v4.0.1
• c959b9a Update CHANGELOG for v4.0.1.
• 6b172bf Update dependencies.
• 0379d7a Merge pull request #187 from ember-cli/ef4-patch-1
• afd1f4b docked testContainer should stick to the bottom of the window.

See the full diff

Package name: ember-electron

The new version differs by 250 commits.

• 159415a 2.9.0
• 5550e08 📦 Add a package-lock
• d47826b Merge pull request #355 from jacobq/support-ember-cli-3.2
• 938d1bd Update testem-electron.js (run headless in CI)
• 9ee0f93 Clean-up and use ember-cli v3.3.0
• 77fc9f1 Ensure temp package tarball busts npm cache
• 2b2047b Appease eslint
• 873731c Set testem-electron.js in TestTask::run
• 9ed83e5 Generate & add yarn.lock
• a38cb4d Remove unused dependency socket.io
• 784ce9b Use tarball to install to avoid symlink ember-electron in node_modules
• 63b1920 ember-cli-update (--to 3.2)
• 35b4354 ember-cli-update --to 3.1
• 63e1f32 ember-qunit-codemod
• 9e69b5a ember-cli-update --to 3.0
• 6b26014 ember-cli-update --to 2.18
• c156e29 ember-cli-update --to 2.16
• 8549142 Travis: use system's yarn & node 6,8,10
• dd9227a Merge branch 'master' of https://github.com/felixrieseberg/ember-electron
• 3af91eb Merge pull request #339 from jacobq/patch-3
• dd09655 🚀 Kick the build machine
• 3693346 2.8.0
• 8831174 Merge pull request #342 from jacobq/doc/faq-security
• 36becf4 Add content-security-policy.com link to references

See the full diff

Package name: ember-resolver

The new version differs by 250 commits.

• 6aae859 Release 8.0.0
• a7c14df Merge pull request #542 from ember-cli/modifier-dasherization
• 8362044 Merge branch 'release-setup-updates'
• edc8377 Remove automatic dasherization of modifiers.
• 217bce9 Bump eslint-plugin-node from 10.0.0 to 11.1.0
• 90c8139 Update automated release settings.
• 076a93e Bump qunit-dom from 0.9.2 to 1.2.0
• f142698 Merge pull request #531 from buschtoens/scoped-namespaces
• fb50521 Bump release-it from 12.4.3 to 13.5.2
• 489a258 Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/broccoli-merge-trees-4.2.0'
• 33a68a2 Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/ember-cli-version-checker-5.0.2'
• 8f09a59 Merge branch 'remove-resolutions'
• fddbff8 Bump broccoli-merge-trees from 3.0.2 to 4.2.0
• 8dd60a6 Bump ember-cli-version-checker from 3.1.3 to 5.0.2
• c83039b Bump broccoli-funnel from 2.0.2 to 3.0.2
• 7a7530c Remove yarn resolutions.
• 490289f fix: resolve `@ scope/package` namespaces
• 2516502 test: add `@ scope/name` namespaces
• 4f88462 Merge pull request #532 from buschtoens/drop-node-8
• 7994bb5 chore(deps-dev): upgrade to `ember-source@~3.16.5`
• 7e8575c [BREAKING] chore: drop support for Node 8
• 59d6e19 Bump eslint-plugin-ember from 7.7.2 to 7.8.1
• 0df9d7e Bump resolve from 1.15.0 to 1.15.1
• 261e3ef Bump ember-cli-babel from 7.14.1 to 7.18.0

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)