[Snyk] Fix for 1 vulnerabilities

[MaxMood96]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: css-loader

The new version differs by 80 commits.

• 634ab49 chore(release): 2.0.0
• 6ade2d0 refactor: remove unused file (zone.js@0.6.14 breaks build 🚨 PatrickJS/PatrickJS-starter#860)
• e7525c9 test: nested url (Update awesome-typescript-loader to version 2.2.1 🚀 PatrickJS/PatrickJS-starter#859)
• 7259faa test: css hacks (Update awesome-typescript-loader to version 2.2.0 🚀 PatrickJS/PatrickJS-starter#858)
• 5e6034c feat: allow to filter import at-rules (Webpack is not watching my changes in a new directory. PatrickJS/PatrickJS-starter#857)
• 5e702e7 feat: allow filtering urls (Github deploy Http.get not working PatrickJS/PatrickJS-starter#856)
• 9642aa5 test: css stuff (url resolution in css files, global css support and sass support at separate branch PatrickJS/PatrickJS-starter#855)
• 3338656 fix: reduce number of require for url (Uncaught reflect-metadata shim is required when using class decorators PatrickJS/PatrickJS-starter#854)
• 533abbe test: issue 636 (ERROR with UglifyJs when building npm start build:prod PatrickJS/PatrickJS-starter#853)
• 08c551c refactor: better warning on invalid url resolution (Link to slack chat broken (404) PatrickJS/PatrickJS-starter#852)
• b0aa159 test: issue How to build app current app using web pack?  PatrickJS/PatrickJS-starter#589 (VS Code Launch.json PatrickJS/PatrickJS-starter#851)
• f599c70 fix: broken unucode characters (Update karma to version 1.2.0 🚀 PatrickJS/PatrickJS-starter#850)
• 1e551f3 test: issue 286 (Material2 alpha.7-2 PatrickJS/PatrickJS-starter#849)
• 419d27b docs: improve readme (SSL setup in webpack PatrickJS/PatrickJS-starter#848)
• d94a698 refactor: webpack-default (Update parse5 to version 2.2.0 🚀 PatrickJS/PatrickJS-starter#847)
• b97d997 feat: schema options
• 453248f fix: support module resolution in composes (Cannot find name 'Promise'. In Visual Studio Code PatrickJS/PatrickJS-starter#845)
• 8a6ea10 refactor: postcss plugins (checkNodeImport is never used! PatrickJS/PatrickJS-starter#844)
• fdcf687 fix: url resolving logic (update to rc.5 PatrickJS/PatrickJS-starter#843)
• 889dc7f feat: allow to disable css modules and disable their by default (chore: update deprecated test functions PatrickJS/PatrickJS-starter#842)
• ee2d253 test: importLoaders option (Update protractor to version 4.0.3 🚀 PatrickJS/PatrickJS-starter#841)
• 1dad1fb feat: reuse postcss ast from other loaders (i.e `postcss-loader`) (npm start fails PatrickJS/PatrickJS-starter#840)
• fe94ebc test: icss reserved keywords (How to include server side code PatrickJS/PatrickJS-starter#839)
• 9eaba66 refactor: migrate on message api for postcss-icss-plugin (Update karma-webpack to version 1.8.0 🚀 PatrickJS/PatrickJS-starter#838)

See the full diff

Package name: html-webpack-plugin

The new version differs by 250 commits.

• 873d75b chore(release): 5.5.0
• ddeb774 chore: update examples
• 1e42625 feat: Support type=module via scriptLoading option
• 7d3645b Bump pretty-error to 4.0.0 to fix transitive vuln for ansi-regex CVE-2021-3807
• 79be779 [chore] changes actions to run on pull_requests
• b7e5859 [chore] fixes CI to avoid race conditions
• 48131d3 chore(release): 5.4.0
• 16a841a [chore] rebuild examples
• 3bb7c17 Update index.js
• e38ac97 Update index.js
• f08bd02 [chore] updates fixtures
• d62a10f [chore] upgrades html-minifier-terser@5.0.0 -> 6.0.2
• 2f5de7a Remove archived plugin
• 8f8f7c5 chore(release): 5.3.2
• 053c6e6 chore: update snapshot tests for webpack 5.4.0
• 9c7fba0 Fix security vulnerabilities
• b98fbeb Fix security vulnerabilities
• 25cdfc7 Added inject-body-webpack-plugin to readme
• 0e4c1fb Update README to document actual behavior
• 0a6568d chore(release): 5.3.1
• 82d0ee8 fix: remove loader-utils from plugin core
• 6f39192 chore(release): 5.3.0
• d654f5b feat: allow to modify the interpolation options in webpack config
• 41d7a50 feat: drop loader-utils dependency

See the full diff

Package name: node-sass

The new version differs by 74 commits.

• 99242d7 7.0.1
• 77049d1 build(deps): bump sass-graph from 2.2.5 to 4.0.0 (#3224)
• c929f25 build(deps): bump node-gyp from 7.1.2 to 8.4.1 (#3209)
• 918dcb3 Lint fix
• 0a21792 Set rejectUnauthorized to true by default (#3149)
• e80d4af chore: Drop EOL Node 15 (#3122)
• d753397 feat: Add Node 17 support (#3195)
• dcf2e75 build(deps-dev): bump eslint from 7.32.0 to 8.0.0
• bfa1a3c build(deps): bump actions/setup-node from 2.4.0 to 2.4.1
• 80d6c00 chore: Windows x86 on GitHub Actions (#3041)
• 566dc27 build(deps-dev): bump fs-extra from 0.30.0 to 10.0.0 (#3102)
• 7bb5157 build(deps): bump npmlog from 4.1.2 to 5.0.0 (#3156)
• 2efb38f build(deps): bump chalk from 1.1.3 to 4.1.2 (#3161)
• fca5257 build(deps): bump actions/setup-node from 2.3.0 to 2.4.0
• 6200b21 docs: Double word "support" (#3159)
• eaf791a build(deps): bump actions/setup-node from 2.1.5 to 2.3.0
• 16b8d4b build(deps): bump coverallsapp/github-action from 1.1.2 to 1.1.3
• c167004 6.0.1
• 911d4db remove mkdirp dep (#3108)
• 30a52f7 build(deps): bump meow from 3.7.0 to 9.0.0
• 7e08463 build(deps-dev): bump mocha from 8.4.0 to 9.0.1
• cfcbb2c chore: Use default Apline version from docker-node (#3121)
• 886319b chore: Drop Node 10 support
• c908f4f fix: Bump OSX minimum to 10.11

See the full diff

Package name: protractor

The new version differs by 63 commits.

• 5d8da04 chore(release): version bump to 6.0.0 and update the changelog
• d777738 chore(tests): circleci - chrome 69 requires chromdriver to 2.44 (#5182)
• 3d50b68 chore(deps): update based on npm audit
• e478ba8 chore(release): bump version to 6.0.1-beta
• 7054827 chore(types): fix types to use not @ types/selenium-webdriver (#5127)
• 2e5c2e6 chore(jasmine): prevent random execution order in jasmine 3 (#5126)
• 8afc4e2 chore(release): release 6.0.0-beta and update the changelog
• 5fd711c chore(webdriver-manager): use webdriver-manager@13.0.0-beta
• 96ae17c deps(jasmine): upgrade jasmine 3.3 (#5102)
• 68491dd chore(expectedConditions): update generic Function typings (#5101)
• cf43651 chore(debugprint): convert debugprint to TypeScript (#5074)
• d213aa9 deps(selenium): upgrade to selenium 4 (#5095)
• 4672265 chore(browser): remove timing issues with restart and fork (#5085)
• b4dbcc2 chore(elementexplorer): remove explorer bin file (#5094)
• 7de6d85 docs(api): update examples to use async/await (#5081)
• 1b2036e typings(selenium): try out new version of typings (#5084)
• befb457 chore(bin): update webdriver-manager require to use the cli (#5093)
• 509f1b2 deps(latest): upgrade to the gulp and typescript (#5089)
• 2def202 deps(webdriver-manager): use replacement (#5088)
• 9d510db chore(test): remove jasmine addMatcher test (#5072)
• 6522e40 chore(cleanup): clean up imports and wdpromises (#5073)
• 3b8f263 chore(ignoreSynchornization): clean up to use waitForAngularEnabled (#5071)
• ffa3519 chore(debugger): remove debugger and explore methods (#5070)
• 0f7a38a chore(test): error tests fixed (#5069)

See the full diff

Package name: webpack-dev-server

The new version differs by 250 commits.

• c9271b9 chore(release): 4.0.0
• 18bf369 test: fix stability (#3676)
• cdcabb2 fix: respect protocol from browser for manual setup (#3675)
• 1768d6b fix: initial reloading for lazy compilation (#3662)
• 4f5bab1 docs: improve examples (#3672)
• f2d87fb fix: improve https CLI output (#3673)
• 0277c5e chore: remove redundant console statements (#3671)
• 16fcdbc docs: add `ipc` example (#3667)
• 8915fb8 test: add e2e tests for built in routes (#3669)
• 4d1cbe1 docs: ask `version` information in issue template (#3668)
• b6c1881 chore(deps-dev): bump core-js from 3.16.1 to 3.16.2 (#3666)
• ffa8cc5 chore(deps-dev): bump supertest from 6.1.5 to 6.1.6 (#3665)
• f1fdaa7 chore(release): 4.0.0-rc.1
• c4678bc fix: legacy API (#3660)
• d8bdd03 test: fix stability (#3661)
• 22b1414 refactor: remove `killable` (#3657)
• 75bafbf test: add e2e tests for module federation (#3658)
• 493ccbd chore(deps): update `ws` (#3652)
• ae8c523 test: add e2e test for universal compiler (#3656)
• f94b84f chore(deps): update (#3655)
• 1923132 test: fix cli
• 2adfd01 test: fix todo (#3653)
• 6e2cbde fix: proxy logging and allow to pass options without the `target` option (#3651)
• c9ccc96 fix: respect infastructureLogging.level for client.logging (#3613)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.