[Snyk] Fix for 1 vulnerabilities

[baby636]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

⚠️ Warning

Failed to update the package-lock.json, please update manually before merging.

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5	Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: grunt

The new version differs by 123 commits.

• 0afeb5c 1.6.0
• 2805dc3 Merge pull request Fix for #1740. Dogfalo/materialize#1750 from gruntjs/dep-update-jan28
• 3f1e423 README updates
• 8fd096d Bump to 16
• 42c5f95 Update more deps
• 1d88050 Bump eslint and node version
• 82d79b8 1.5.3
• 572d79b Merge pull request Background tearing during scroll Dogfalo/materialize#1745 from gruntjs/fix-copy-op
• 58016ff Patch up race condition in symlink copying.
• 0749e1d Merge pull request Lets update the documentation for navbar search. Dogfalo/materialize#1746 from JamieSlome/patch-1
• 69b7c50 Create SECURITY.md
• ac667b2 1.5.2
• 7f15fd5 Update Changelog
• b0ec6e1 Merge pull request Right to left Support Dogfalo/materialize#1743 from gruntjs/cleanup-link
• 433f91b Clean up link handling
• d5969ec 1.5.1
• ad22608 Merge pull request sideNav not working with Requirejs Dogfalo/materialize#1742 from gruntjs/update-symlink-test
• 0652305 Fix symlink test
• a7ab0a8 1.5.0
• b2b2c2b Updated changelog
• 3eda6ae Merge pull request Forgot to complete Dogfalo/materialize#1740 from gruntjs/update-deps-22-10
• 47d32de Update testing matrix
• 2e9161c More updates
• 04b960e Remove console log

See the full diff

Package name: grunt-contrib-compress

The new version differs by 14 commits.

• bd9fc8e v2.0.0
• b8565a9 Update Archiver (Styled input file button Dogfalo/materialize#232)
• f6815bf Update deps and remove nodeunit loading (Date picker string translation with weekdaysShort parameter is not working Dogfalo/materialize#231)
• b70c1d9 Update tests and dependencies (Date picker opens up after switching tabs  Dogfalo/materialize#230)
• 5759edd Bump ini from 1.3.5 to 1.3.7 (Many selects in same form Dogfalo/materialize#228)
• 0603886 v1.6.0
• ea2bb69 Update deps (Fixed a typo Dogfalo/materialize#218)
• 1cfa1f1 update iltorb to 2.4.3 (Merge pull request #1 from Dogfalo/master Dogfalo/materialize#216)
• a8998ec 1.5.0
• e7cb371 Update changelog
• f6e95ab Add package lock (Is there a center align ? Dogfalo/materialize#213)
• 050ae41 Updated iltorb to latest minor version for v1.* (sidebar on both sides Dogfalo/materialize#209)
• fd055e9 update tar to 4.4.8 (Integrate alexk111's SVG-Morpheus? Dogfalo/materialize#211)
• b8ed0cc package.json: minimum node.js version is 4 since the Brotli patch.

See the full diff

Package name: grunt-contrib-jasmine

The new version differs by 5 commits.

• 51feacb Update deps (Does SideNav also work other than on mobile? Dogfalo/materialize#271)
• 02e72f3 Switch from PhantomJS to Chrome Headless via Puppeteer (Input-field class documentation Dogfalo/materialize#269)
• 55594d0 1.2.0
• 5fc2536 Update ci (Add Sidebar Naviagation Dogfalo/materialize#268)
• cc8572c Fix deprecation warning in Node.js 7 (Increased z-index of dropdown menu Dogfalo/materialize#262)

See the full diff

Package name: grunt-sass

The new version differs by 9 commits.

• 2b662db 3.0.0
• 64f6444 Add support for Dart Sass (reattach events Dogfalo/materialize#283)
• 683ad07 Meta tweaks
• 12138d1 Fix linting
• 26c31c0 Require Node.js 8
• 276257e 2.1.0
• cfb6b53 Force the latest verison of node-sass
• b7087c6 Travis CI: Add Node.js 7 (Updated the range input code sample Dogfalo/materialize#270)
• e9187e2 Lock the XO dependency

See the full diff

Package name: jasmine

The new version differs by 81 commits.

• e1657e3 Fixed grunt release task to use main, not master
• 0d56082 Bump version to 3.6
• 0e8022b Removed ancient Node versions from build matrix
• 4814296 Removed unnecessary check for passedExpectations truthiness
• 204e0a1 Fixed spec that wasn't verifying what it meant to
• 7e72bef Merge branch 'missing-core-config-options' of https://github.com/coyoteecd/jasmine-npm
• 4ecf63c Support 'failSpecWithNoExpectations' config option and include a message in the default ConsoleReporter when a spec contains no expectations
• af16759 Merge branch 'c4dt-master'
• 6c14ba2 not parsing argv after --
• f0c0d7d Merge branch 'wood1986-features/concurrent-v4'
• b78c149 feat: add the parallel functionality
• c2e0f30 bump version to 3.5
• f2dee59 Use the total time from Jasmine-Core instead of calculating ourself
• b44fcef Add newer node.js version to travis and bump year in license
• dd00f4b Bump version to 3.4
• b5d9ef9 Use `removeListener` instead of `off` since it always exists
• 78cf067 Merge branch 'battk-remove-listener'
• 8e9ab27 moved exit listener add and removal to completion reporter
• b8183d2 recognize that Windows paths may use a '/' or a '\' as a separator
• 82b395c update dependencies
• bf79dd2 Merge branch 'strama4-strama4-readme-update'
• 831b646 Merge branch 'strama4-readme-update' of https://github.com/strama4/jasmine-npm into strama4-strama4-readme-update
• 0f2531c Bump version to 3.3.1
• 82b7db2 Add `null` encoding when writing to streams on close

See the full diff

Package name: lint-staged

The new version differs by 11 commits.

• 3d0ccb2 fix(package): Update jest-validate to version 23.0.0 (Wave buttons outline bug in the Firefox Dogfalo/materialize#458)
• a8816f5 ci: Update CI scripts to test against current Node release (Valign not working in Safari Dogfalo/materialize#453)
• 9e27620 fix: Add .lintstagedrc.js to list of config files to search
• a56d7c9 fix(package): Update listr to version 0.14.1 (Added new important class! Dogfalo/materialize#445)
• 2fc7aa3 fix(package): Update cosmiconfig to version 5.0.2 (Correcting the dropdowns positioning bug Dogfalo/materialize#444)
• ec4f4f2 chore: Use npm as script runner (<ol> does not display decoration Dogfalo/materialize#456)
• 9823d26 fix(cli): Correct value for FORCE_COLOR env var (Added a Toast dismiss click handler Dogfalo/materialize#451)
• 1601c02 feat: Chunked execution of linters on Windows only (Fix typo Dogfalo/materialize#439)
• 0924e78 docs: Mention npx mrm lint-staged template (Modal alignment in IE Dogfalo/materialize#438)
• b9d84ce fix: Update "please-upgrade-node" to version 3.0.2 (.active not applied to already-filled inputs Dogfalo/materialize#434)
• 5fba40d docs: Link to AgentConf talk by @ okonet (Full Screen Image Slider Dogfalo/materialize#431)

See the full diff

Package name: node-sass

The new version differs by 227 commits.

• 3b556c1 7.0.2
• c716359 Bump sass-graph@^4.0.1 (send event to Modal completion event Dogfalo/materialize#3292)
• 24741b3 docs(readme): fix docpad plugin link
• 1523330 feat: Drop Node 12
• 365d357 update https://registry.npm.taobao.org to https://registry.npmmirror.com
• 1456114 build(deps): bump actions/upload-artifact from 2 to 3
• b465b69 chore: bump GitHub Actions to Windows 2019 (Merge pull request #1 from Dogfalo/master Dogfalo/materialize#3254)
• e6194b1 build(deps): bump make-fetch-happen from 9.1.0 to 10.0.4
• 4edf594 build(deps): bump node-gyp from 8.4.1 to 9.0.0
• 29e2344 build(deps): bump actions/checkout from 2 to 3
• 85b0d22 build(deps): bump actions/setup-node from 2 to 3
• 3bb51da Use make-fetch-happen instead of request (How to start wave effect? Dogfalo/materialize#3193)
• adc2f8b build(deps): bump true-case-path from 1.0.3 to 2.2.1 (dropdown not working properly Dogfalo/materialize#3000)
• 77d12f0 chore: disable Apline for Node 16/17 builds
• 308d533 ci: use Python 3 for Node 12
• c818907 ci: unpin actions/setup-node to v2
• 99242d7 7.0.1
• 77049d1 build(deps): bump sass-graph from 2.2.5 to 4.0.0 (material_select option's class Dogfalo/materialize#3224)
• c929f25 build(deps): bump node-gyp from 7.1.2 to 8.4.1 (Mobile version of nav not working a all in latest release (chrome) Dogfalo/materialize#3209)
• 918dcb3 Lint fix
• 0a21792 Set rejectUnauthorized to true by default (Remove hidden options from UI Dogfalo/materialize#3149)
• e80d4af chore: Drop EOL Node 15 (Datepicker closeOnSelect Workaround Breaks Date Formatting Dogfalo/materialize#3122)
• d753397 feat: Add Node 17 support (Invalid bower.json Dogfalo/materialize#3195)
• dcf2e75 build(deps-dev): bump eslint from 7.32.0 to 8.0.0

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.