[Snyk] Fix for 1 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	561/1000 Why? Recently disclosed, CVSS 9.8	Prototype Pollution SNYK-JS-LODASH-590103	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: grunt-contrib-jshint

The new version differs by 9 commits.

• cd26571 v0.12.0
• 3a23c20 Bump JSHint to v2.9.1.
• 333d69f Update copyright to 2016
• 6df2d10 CI: Remove node.js '0.12' and add '5'.
• d4f5023 Update CHANGELOG.
• 789f405 Fix typo's typo.
• 547cf4b Update appveyor.yml.
• 810c393 Fix typos in docs.
• aa19a8d CI: test node.js 4.0.

See the full diff

Package name: grunt-contrib-uglify

The new version differs by 74 commits.

• d7704c4 v0.11.1
• c129bf6 Merge pull request #377 from avdg/fix-screw-ie8-option-crash
• d74556f Merge pull request #387 from joeldenning/patch-1
• 758b7d5 Merge branch 'master' of github.com:gruntjs/grunt-contrib-uglify
• 92c84c8 Point main to task
• 0b00c0b Remove peerDeps. Ref Remove peerDependencies from plugins gruntjs/grunt#1116
• 52cc6ae Merge pull request #388 from swarajgiri/bump-dependencies
• 2ff0283 Update lodash, maxmin and dev dependencies
• 6352022 Improve documentation for conditional compilation
• a6dd1cb Merge pull request #386 from ramswaroop/master
• f3c4592 Update README.md
• ea77dde Merge pull request #375 from jrhite/master
• 63279df Update copyright to 2016
• 71bf6f5 Merge branch 'master' of https://github.com/vibornoff/grunt-contrib-uglify into fix-screw-ie8-option-crash
• be7de43 CI: Remove node.js '0.12' and add '5'.
• 8578547 add handling of mangle_properties regex option in uglifyjs
• 1deb3be v0.11.0
• 13e95a2 Bump uglify-js to v2.6.0.
• 17ee505 Revert "Do not use "^" versions, ever, use ~"
• 2562bb2 v0.10.1
• 326f932 Merge pull request #369 from Rialgar/patch-1
• 7276245 Do not use "^" versions, ever, use ~
• b8bd228 v0.10.0
• e47d9e1 Merge pull request #361 from UltCombo/patch-1

See the full diff

Package name: grunt-karma

The new version differs by 55 commits.

• aab923d chore: release v3.0.0
• 02400ab chore: Update contributors
• b5afebd Merge pull request #263 from karma-runner/data-files
• 01e916c chore(refactor): simplify data.files creation
• 0174ca8 chore: add test for flattened 'files' option and clean up code (#262)
• a5a2fc0 chore: match order between task definition and execution
• 19551fd fix(deps): Update test to use karma 3.0.0
• d7dad1e chore(deps): update eslint to version 5.4.0
• bc53ead chore: Remove unused 'pkgFile' from gruntfile.js
• 26626b7 chore: make travis and local 'npm test' do the same
• b7f3048 chore(package): update mocha to version 3.4.2
• 1182766 fix(deps): update lodash version to address npm audit warning
• 60373bc chore: add a Git .mailmap with my new name
• d33f70e chore(travis): update Node versions tested
• 9314248 fix: ensure proper path format
• 01cf310 chore(deps): fix peerDependency on Grunt to include v1.x.
• 38236eb Merge pull request fix/scopes #194 from gnail/patch-1
• 33386b3 fix: Remove hardcoded useIframe & captureConsole opts
• c7a27c2 Merge pull request Allow configuration of fonts directory #193 from karma-runner/upgrade
• a911ca1 feat: upgrade dependencies
• afb752f chore: release v2.0.0
• 13ffaab chore: Update contributors
• e81dc13 Merge pull request feat(Gruntfile): suppress package.json scripts manipulations #189 from ValentinH/handle-base-path-in-preprocessors
• e31195a Merge pull request [Snyk Update] New fixes for 1 vulnerable dependency path #190 from MikeDimmickMnetics/background-use-client-send

See the full diff

Package name: grunt-scss-lint

The new version differs by 26 commits.

• c7ed6ad bumped
• 3a5a31b Adds option to fail or not fail on lint warning (Workaround to the tslint configuration to be able to read custome rules directory #138)
• 2c41c7d Merge pull request make it possible to use gzip content encoding in proxies #110 from ngeor/feature/108-support-checkstyle
• c0e4e70 Updated Gemfile.lock again
• 99cbbf3 Removing rake from Gemfile.lock also nested dependency
• fce9ca2 Removing rake from Gemfile.lock
• 4b426ec Merge pull request #NGG-42|overcome chrome https issues. #124 from chrisnicotera/master
• 5417ffb Merge branch 'master' of https://github.com/ahmednuaman/grunt-scss-lint
• fb61fc0 Adding .DS_Store in gitignore
• f45441b mocking chalk in tests.
• 0f3e6f8 Trying FORCE_COLOR instead of CLICOLOR_FORCE
• 11f7e0a Typo one -> once.
• 51dad18 Removed accidentally committed test code
• 81f50b5 Removing nock-exec dependency.
• 365bf93 Adding test timeout because sometimes tests take more than 2 seconds. Fixing colorizing output. Fixing assertion regarding errors.
• 3d74de7 Upgraded all node dependencies and increasing version number to 0.4.0. Removing obsolete jscs rule. Adding more recent nodejs environments for appveyor. Upgraded gem dependencies.
• 47d346d Support checkstyle report output feat(test kits): export the typescript files in test/lib #108. Support for the -r and -f parameters of scss-lint.
• 528ec26 Merge pull request feat(NGG-70) : npm-outdated grunt task #129 from nick11703/master
• 46c0d06 Merge branch 'master' of https://github.com/nick11703/grunt-scss-lint
• 8b1ad9b Adds TXT file support + updates tabs to spaces (+1 squashed commit)
• 2f6271d removed appveyor
• fd690ab Updates tabs to spaces
• 283bb04 Enables TXT output option.
• 78616ed Change gem name from scss-lint to scss_lint in README.md

See the full diff

Package name: inquirer

The new version differs by 11 commits.

• a0c2d4d 0.12.0
• d7943fc Merge pull request #334 from ruyadorno/update-cli-width
• 500660d Updates cli-width dep, fixes #285
• 08030e2 Merge pull request #332 from TrySound/upgrade-lodash
• d3871fc Upgrade lodash
• da678e6 Merge pull request #330 from eush77/short-for-expand
• eb213a2 use "short" property in expand prompt
• adb5c81 Merge pull request #328 from dougluce/master
• 6d69138 Add Emacs up/down keybindings
• f9ca663 Merge pull request #327 from bcoe/defend-width-test
• bedf887 add test for #326

See the full diff

Package name: karma

The new version differs by 250 commits.

• db41e8e chore: release v2.0.0
• 0a1a8ef chore: update contributors
• 1afcb09 chore: add yarn.lock
• f64e1e0 Merge pull request #2899 from outsideris/fix-bad-url-in-stacktrace
• 78ad12f refactor(server): move compile step to first run
• 34dc7d3 fix(reporter): show file path correctly when urlRoot specified
• b53929a Merge pull request #2712 from macjohnny/patch-1
• c9e1ca9 feat: better string representation of errors
• 10fac07 Merge pull request #2885 from karma-runner/prep-2
• 00e3f88 chore: remove yarn.lock for now
• 60dfc5c feat: drop core-js and babel where possible
• 0e1907d test: improve linting and fix test on node 4
• af0efda test(e2e): update cucumber step definitions
• c3ccc5d chore(ci): focus on even node versions
• bf25094 chore(deps): update to latest
• d93cc5f docs(config): Document port collision scenario.
• 871d46f feat(launcher): trim whitespace in browser name
• 99fd3f0 fix(config): Call debug log methods after setting the loglevel based upon config/cli-options.
• 7bd54ed Merge pull request #2890 from reda-alaoui/patch-1
• 91e916a docs(config): Document port collision scenario.
• 334f9fb feat(launcher): trim whitespace in browser name
• e23c0d4 Merge pull request #2837 from JakeChampion/logs
• a340dae fix(config): Call debug log methods after setting the loglevel based upon config/cli-options.
• 6d353dc docs: improve comments in config.tpl.*

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic