[Snyk] Fix for 1 vulnerabilities

[gregswindle]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	798/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 8.1	Remote Code Execution (RCE) SNYK-JS-EJS-2803307	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: generator-license

The new version differs by 33 commits.

• 86b7afb generator-license v5.5 (#102)
• ff14960 Bump ws from 7.2.1 to 7.4.6 (#101)
• cbbdaaa Bump hosted-git-info from 2.5.0 to 2.8.9 (#100)
• 5d79735 Bump lodash from 4.17.19 to 4.17.21 (#99)
• c616837 Bump y18n from 4.0.0 to 4.0.1 (#98)
• 561c3d9 Bump lodash from 4.17.15 to 4.17.19 (#97)
• 42ce3b5 Update libraries with npm audit fix
• e5b53f3 Bump handlebars from 4.1.2 to 4.5.3 (#96)
• cdb6833 Bump mixin-deep from 1.3.1 to 1.3.2 (#94)
• 7d11095 Bump lodash from 4.17.11 to 4.17.15 (#95)
• 712e105 Update packages to latest version
• 451301b Add nodejs 12 to build matrix
• 4e1438f Update packages to fix security errors
• cc86072 Remove nsp tool and switch to npm audit
• aeb9d17 Remove the old NodeJS 6 from builds
• 674f4dc Update build matrix; Fix #91
• 5a455d4 5.4.0
• 9ec3d42 Add the `publish` option (#82)
• 9959d5a Bump dependencies
• c092604 5.3.0
• a1446b9 Update lock format and travis matrix
• 6b88b27 Undefined or null (#87)
• e694910 Remove redundant dep, git-config, fixes #85 (#86)
• 9009547 Replace `nolicense` with `UNLICENSED` (#83)

See the full diff

Package name: generator-node

The new version differs by 25 commits.

• 39eb3f0 2.7.0
• 4fecfca Bump dependencies and update travis matrix
• b2d1e38 Switch to Travis-ci.com for readmes (#284)
• f0f5ed0 2.6.0
• ef2cfce Bump dependencies
• b2d8a3d Customization nodejs version for travis (#282)
• a8c2b84 2.5.0
• 71925a9 Bump dependencies
• bf99418 Remove nsp Fix #280 (#281)
• 7dc21a6 Bump yarn.lock
• d194028 2.4.1
• 04a71d3 Split prepublishOnly and prepare steps
• ddd83c8 v2.4.0
• d6ad8eb Update Yarn lockfile
• c7c85e3 Update dependencies (#278)
• 129c233 Add support for scoped package (Fix #272) (#275)
• fd50d93 Setup coverage output in the terminal
• 4fec892 Replace deprecated prepublish by prepublishOnly (#271)
• 32f1c96 Correct opencollective badge
• 80e7e9c Update README.md (#270)
• e1260dc Bump dependencies
• a791156 Update the generator/git to ES6 Class (#269)
• ad88f00 Bump dependencies
• ad67e66 2.3.0

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Remote Code Execution (RCE)