[Snyk] Upgrade lerna from 3.15.0 to 3.16.4

[snyk-bot]

Snyk has created this PR to upgrade lerna from 3.15.0 to 3.16.4.

• The recommended version is 5 versions ahead of your current version.
• The recommended version was released 2 months ago, on 2019-07-24.

The recommended version fixes:

Severity	Title	Issue ID
	Prototype Pollution	SNYK-JS-HANDLEBARS-469063

Release notes

• 3.16.4 - 2019-07-24

  3.16.4 (2019-07-24)

  Bug Fixes

  • conventional-commits: Avoid duplicate root changelog entries with custom --tag-version-prefix (8adeac1), closes #2197
  • conventional-commits: Preserve tag prefix in fixed changelog comparison links (11cf6d2), closes #2197
  • pack-directory: Use correct property when packing subdirectories (1575396)
  • publish: Pass correct arguments to packDirectory() (b1aade3)
• 3.16.3 - 2019-07-23

  3.16.3 (2019-07-23)

  Bug Fixes

  • publish: Identify tagged packages correctly with custom --tag-version-prefix (f4cbd4d), closes #2195
• 3.16.2 - 2019-07-22

  3.16.2 (2019-07-22)

  Bug Fixes

  • create-symlink: Generate shims for missing bin scripts for Windows (c3f7998)
  • create-symlink: Use octal notation for chmod values (03f80b7)
  • deps: npm-lifecycle@^3.1.2 (25edebf), closes #2189
  • deps: Switch to actively-maintained @zkochan/cmd-shim (60d1100)
  • integration: Limit concurrency of bootstrap --hoist test (f25854d)
• 3.16.1 - 2019-07-19

  3.16.1 (2019-07-19)

  Bug Fixes

  • deps: Pin exact npm-lifecycle@3.0.0 to avoid Windows regression in >=3.1.0 (af0569d), closes #2189
• 3.16.0 - 2019-07-18

  3.16.0 (2019-07-18)

  Bug Fixes

  • command: Bump minimum range of lodash, silence dumb 'security' warning (c405871)
  • conventional-commits: Hard-pin lodash.template dependency to silence 'helpful' security warning (c54ad68)
  • deps: Bump @evocateur/pacote (03e4797)
  • deps: Update forked npm libs (4d67426)
  • npm-conf: OTP should default to undefined, figgy pudding is very strict (2fa02a8)
  • pack-directory: Bump npm-packlist + tar dependencies (59ebd19)
  • package-graph: Flatten cycles to avoid skipping packages (#2185) (b335763)
  • project: Ensure deprecated githubRelease config is also remapped from command.publish namespace (a3d264e), closes #2177
  • publish: Add --graph-type option to control packages included in topological sort (#2152) (ae87669), closes #1437
  • publish: Allow --no-verify-access to prevent checking for account-level 2FA (ce58d8f)
  • publish: OTP cache should be seeded from conf value, not CLI directly (cf56622)
  • publish: Propagate root license into custom publish directories (d410a58), closes #2157

  Features

  • bootstrap: Add --strict option to enable throwing when --hoist warns (#2140) (91437b5)
  • deps: @octokit/plugin-enterprise-rest@^3.6.1 (74a3890)
  • deps: @octokit/rest@^16.28.4 (5f09f50)
  • deps: byte-size@^5.0.1 (ed51ddd)
  • deps: conventional-recommended-bump@^5.0.0 (2a0ed60)
  • deps: fs-extra@^8.1.0 (313287f)
  • deps: get-port@^4.2.0 (778ae6a)
  • deps: glob-parent@^5.0.0 (c6bc218)
  • deps: globby@^9.2.0 (d9aa249)
  • deps: import-local@^2.0.0 (14d2c66)
  • deps: is-ci@^2.0.0 (ab2ad83)
  • deps: load-json-file@^5.3.0 (3718cc9)
  • deps: multimatch@^3.0.0 (968b0d7)
  • deps: p-map@^2.1.0 (9e58394)
  • deps: pify@^4.0.1 (f8ee7e6)
  • deps: semver@^6.2.0 (d8016d9)
  • deps: slash@^2.0.0 (bedd6af)
  • deps: write-json-file@^3.2.0 (4fa7dea)
  • listable: Output JSON adjacency list with --graph (9457a21), closes #1970
  • otplease: Expose getOneTimePassword() helper (44b9f70)
  • publish: Eager prompt for OTP when account-level 2FA is enabled (4f893d1)
  • run-lifecycle: Upgrade npm-lifecycle@^3.1.0 (e015a74)
• 3.15.0 - 2019-06-09

  3.15.0 (2019-06-09)

  Bug Fixes

  • deps: Consume forked npm libs (bdd4fa1)

  Features

  • version: Add --create-release=[gitlab|github] option (#2073) (4974b78)

from lerna GitHub Release Notes

---

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs