[Snyk] Fix for 1 vulnerabilities

[Apetree100122]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • app-shell-demo/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	125/1000 Why? Confidentiality impact: None, Integrity impact: None, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.01055, Social Trends: No, Days since published: 0, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 99, Impact: 5.99, Likelihood: 2.08, Score Version: V5	Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: del

The new version differs by 47 commits.

• cd0543e 6.0.0
• 6c99805 Require Node.js 10
• 1df5280 Readme tweaks
• 4acd962 Add tip about deleting subdirectories (Update links for runtimeCaching documentation GoogleChromeLabs/sw-precache#116)
• 1a0c36c Add mention of GitHub Sponsors
• 1e0d705 Tidelift tasks
• 892ce2a Make it clear that it recursively deletes directories (chore(cli): add "maximumFileSizeToCacheInBytes" GoogleChromeLabs/sw-precache#113)
• 728cb7c Fix benchmark
• 557c1fa 5.1.0
• 12c443d Meta tweaks
• 01da91f Allow non-glob patterns with backslash on Windows (urlWithCacheBusting and CDN problematic GoogleChromeLabs/sw-precache#100)
• 9c72270 Add benchmarks (Exclude output file from list to be precached GoogleChromeLabs/sw-precache#101)
• 1299747 Use graceful-fs (Require the RegExp request-matching syntax (without options.origin) in runtimeCaching GoogleChromeLabs/sw-precache#108)
• f509a89 Update dependencies (runtimeCaching options do not get read from external JSON config file GoogleChromeLabs/sw-precache#109)
• ca05c65 Sort removed files (Consider erroring/warning when static file paths are specified but not found GoogleChromeLabs/sw-precache#102)
• 51662ac Reverse order back for the returned paths (WebKit url.search adds an extra '?' GoogleChromeLabs/sw-precache#99)
• 902b594 Meta tweaks
• ffbf4c4 Fix the `cwd` option (Remove the sourcemap comment when inlining sw-toolbox GoogleChromeLabs/sw-precache#96)
• 8efdbcd Prevent race condition on macOS when deleting files (Unminified sw-toolbox code for debugging GoogleChromeLabs/sw-precache#95)
• 9e7550b Add note about backward-slashes
• c071180 5.0.0
• a73462c Meta tweaks
• 6f96d2d Update globby to version 10 (Removes console.log()s from the generated SW GoogleChromeLabs/sw-precache#64)
• 6e23f6a Tidelift tasks

See the full diff

Package name: eslint

The new version differs by 250 commits.

• a7985a6 6.0.0
• be74dd9 Build: changelog update for 6.0.0
• 81aa06b Upgrade: espree@6.0.0 (#11869)
• 5f022bc Fix: no-else-return autofix produces name collisions (fixes #11069) (#11867)
• ded9548 Fix: multiline-comment-style incorrect message (#11864)
• cad074d Docs: Add JSHint W047 compat to no-floating-decimal (#11861)
• 41f6304 Upgrade: sinon (#11855)
• 167ce87 Chore: remove unuseable profile command (#11854)
• c844c6f Fix: max-len properly ignore trailing comments (fixes #11838) (#11841)
• 1b5661a Fix: no-var should not fix variables named 'let' (fixes #11830) (#11832)
• 4d75956 Build: CI with Azure Pipelines (#11845)
• 1db3462 Chore: rm superfluous argument & fix perf-multifiles-targets (#11834)
• c57a4a4 Upgrade: @ babel/polyfill => core-js v3 (#11833)
• 65faa04 Docs: Clarify prefer-destructuring array/object difference (fixes #9970) (#11851)
• 81c3823 Fix: require-atomic-updates reports parameters (fixes #11723) (#11774)
• aef8ea1 Sponsors: Sync README with website
• 4f48f5a 6.0.0-rc.0
• 6bad650 Build: changelog update for 6.0.0-rc.0
• f403b07 Update: introduce minKeys option to sort-keys rule (fixes #11624) (#11625)
• 87451f4 Fix: no-octal should report NonOctalDecimalIntegerLiteral (fixes #11794) (#11805)
• e4ab053 Update: support "bigint" in valid-typeof rule (#11802)
• e0fafc8 Chore: removes unnecessary assignment in loop (#11780)
• 20908a3 Docs: removed '>' prefix from from docs/working-with-rules (#11818)
• 1c43eef Sponsors: Sync README with website

See the full diff

Package name: express-handlebars

The new version differs by 250 commits.

• 1e169fe chore(release): 7.0.0 [skip ci]
• 86da3b2 fix: minimum Node v16 (#516)
• 3b08bbb fix(deps): update dependency glob to v9 (#514)
• 8917c9f chore(deps): update devdependency semantic-release to ^20.1.1
• 069c579 chore(deps): update typescript-eslint monorepo to ^5.54.0
• 790869d chore(deps): update devdependency eslint to ^8.35.0
• 4766eed chore(deps): update devdependency @ types/glob to ^8.1.0
• e88c951 chore(deps): update typescript-eslint monorepo to ^5.53.0
• c9d47e9 chore(deps): update devdependency jest-cli to ^29.4.3
• 62d5841 chore(deps): update typescript-eslint monorepo to ^5.52.0
• 16980b5 chore(deps): update devdependency eslint to ^8.34.0
• 2b1be56 chore(deps): update devdependency jest-cli to ^29.4.2
• 2e8c9df chore(deps): update typescript-eslint monorepo to ^5.51.0
• 7b6f9a0 chore(deps): update typescript-eslint monorepo to ^5.50.0
• 1538fbf chore(deps): update devdependency typescript to ^4.9.5
• 0898df3 chore(deps): update devdependency jest-cli to ^29.4.1
• 70539de chore(deps): update devdependency eslint to ^8.33.0
• e83940a chore(release): 6.0.7 [skip ci]
• 1bb2a2f fix(deps): update dependency glob to ^8.1.0 (#489)
• 5dffb89 chore(deps): update devdependency @ types/jest to ^29.4.0
• a983d2d chore(deps): update devdependency semantic-release to ^20.1.0
• 0c5eb2a chore(deps): update devdependency jest-cli to ^29.4.0
• c9986c8 chore(deps): update devdependency semantic-release to ^20.0.4
• 855b6d1 chore(deps): update typescript-eslint monorepo to ^5.49.0

See the full diff

Package name: glob

The new version differs by 114 commits.

• a68703e 9.0.0
• 58159ca test: cwd can be a url
• a547a9c more docs
• 42a3ac7 link to bash manual for Pattern Matching
• 474172d update readme with cwd URL support
• ad3904d update readme with posix class support
• b22fc7d minimatch@7.3.0
• cdd1627 update all the things, remove unused mkdirp types
• 75c6416 Merge branch 'v9'
• fa0cd77 cwd can be a file:// url
• d03ed0a typedoc github action
• 9a5a45a put bench results in readme
• 20b2f88 docs, fix benchmark script
• 4829c88 upgrade ci actions
• 5cbacdd minimatch@7.2.0
• 210310b omit symlinks on windows
• d34c8d5 full test coverage, clean up signals and remove extranous code
• 5f21b46 adding lots of tests, clean up types
• b12e6ba slashes on nodir test
• 75f74b0 more windows test slashes
• 3aa1abd more windows test affordances
• 3e68a7b some windows test affordances
• 8c2e082 feature complete and tests passing
• c3be35a correct ** vs ./** behavior

See the full diff

Package name: gulp-eslint

The new version differs by 32 commits.

• 5dd78fa 6.0.0
• a35a203 Upgrade to ESLint 6 (How to implement "cache first then network" and "network first then cache" strategies GoogleChromeLabs/sw-precache#235)
• 40d004f 5.0.0
• 72c3599 use destructuring assignment to simplify the code
• aed571b update dependencies and devDependencies (Trouble with SW updates GoogleChromeLabs/sw-precache#224)
• a58a58d 4.0.2
• 0880d1a update plugin-error and mocha
• 1d79ed0 4.0.1
• 8f7e966 replace all HTTP protocols with HTTPS
• b48a04a remove deprecated gulp-util dependency (Cli : set defaults : field stripPrefixMulti GoogleChromeLabs/sw-precache#213)
• 35eae57 update devDependencies (Update README. GoogleChromeLabs/sw-precache#207)
• 47bd269 use npx to simplify after_script
• 29dbab5 inherit autofix-related props even if `quiet` option is enabled
• a398838 4.0.0
• 18a4299 emit an error when it fails to load an ESLint plugin
• b8bf261 update ESLint from v3 to v4 (Promote the use of module.exports for external configuration GoogleChromeLabs/sw-precache#198)
• c0e82ce use `Buffer.from` instead of `new Buffer`
• e6c67a2 drop support for linting `Stream` contents
• 132d5cc Fix formatting issues in README.md (app-shell-demo does not work GoogleChromeLabs/sw-precache#194)
• 7f65378 remove link to config file `globals` doc
• 8ddfb84 correct the type of `globals` option in README
• 6059c22 3.0.1
• b0c2816 ensure sharable config works
• 08b9212 test the case where babel-eslint is actually useful

See the full diff

Package name: gulp-sass

The new version differs by 42 commits.

• 5775044 Update CHANGELOG.md
• 978b8f6 Update to major version 5 (#802)
• 10eae93 Update changelog for 4.1.1
• 947b26c Upgrade lodash to fix a security issue (#776)
• 8d6ac29 Update changelog
• 43c0547 4.1.0
• ebe3ec6 Set appropriate file stat times (#763)
• 7ab018e Migrate to the lodash package
• fa670c6 4.0.2
• fefa00e Revert package.json version bump
• 98254d2 Fix README typos
• 8a14419 Continue loading Node Sass by default
• 938afbe Add a note about synchronous versus asynchronous speed
• 7cc2db1 Make this package implementation-agnostic
• 643f73b Add documentation for synchronous code options
• 0b3c7e7 4.0.1
• daca90d Merge pull request #681 from DKvistgaard/master
• 71471c2 Declaring logError as function instead of arrow function.
• 450a7b8 4.0.0
• e9b1fe8 Fix node versions in appveyor.yml
• 44be409 Merge pull request #667 from dlmanning/next
• 7656eff Adopt airbnb eslint preset
• 1293169 Bump autoprefixer@^8.1.0, gulp-postcss@^7.0.1
• 9fa817b Bump gulp-sourcemaps@^2.6.4

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.