[Snyk] Security upgrade tape-run from 6.0.1 to 11.0.0

[leonardoadame]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • tools/node_modules/eslint/node_modules/parse-entities/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	804/1000 Why? Mature exploit, Has a fix available, CVSS 7.5	Heap-based Buffer Overflow SNYK-JS-ELECTRON-1021884	Yes	Mature
	869/1000 Why? Mature exploit, Has a fix available, CVSS 8.8	Use After Free SNYK-JS-ELECTRON-1041745	Yes	Mature
	794/1000 Why? Mature exploit, Has a fix available, CVSS 7.3	Improper Validation SNYK-JS-ELECTRON-1047306	Yes	Mature
	751/1000 Why? Mature exploit, Has a fix available, CVSS 7.3	Insufficient Validation SNYK-JS-ELECTRON-1050882	Yes	Mature
	704/1000 Why? Has a fix available, CVSS 9.8	Use After Free SNYK-JS-ELECTRON-1050999	Yes	No Known Exploit
	704/1000 Why? Has a fix available, CVSS 9.8	Use After Free SNYK-JS-ELECTRON-1070013	Yes	No Known Exploit
	869/1000 Why? Mature exploit, Has a fix available, CVSS 8.8	Use After Free SNYK-JS-ELECTRON-1085705	Yes	Mature
	869/1000 Why? Mature exploit, Has a fix available, CVSS 8.8	Out-of-bounds Write SNYK-JS-ELECTRON-1088600	Yes	Mature
	869/1000 Why? Mature exploit, Has a fix available, CVSS 8.8	Use After Free SNYK-JS-ELECTRON-1252279	Yes	Mature
	876/1000 Why? Mature exploit, Has a fix available, CVSS 9.8	Out-of-bounds SNYK-JS-ELECTRON-1257943	Yes	Mature
	761/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.8	Type Confusion SNYK-JS-ELECTRON-1296559	Yes	Proof of Concept
	869/1000 Why? Mature exploit, Has a fix available, CVSS 8.8	Access of Resource Using Incompatible Type ('Type Confusion') SNYK-JS-ELECTRON-1312314	Yes	Mature
	869/1000 Why? Mature exploit, Has a fix available, CVSS 8.8	Use After Free SNYK-JS-ELECTRON-1313765	Yes	Mature
	704/1000 Why? Has a fix available, CVSS 9.8	Out-of-bounds Write SNYK-JS-ELECTRON-1315668	Yes	No Known Exploit
	869/1000 Why? Mature exploit, Has a fix available, CVSS 8.8	Type Confusion SNYK-JS-ELECTRON-1534883	Yes	Mature
	761/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.8	Use After Free SNYK-JS-ELECTRON-1536581	Yes	Proof of Concept
	869/1000 Why? Mature exploit, Has a fix available, CVSS 8.8	Use After Free SNYK-JS-ELECTRON-1656743	Yes	Mature
	869/1000 Why? Mature exploit, Has a fix available, CVSS 8.8	Use After Free SNYK-JS-ELECTRON-1910985	Yes	Mature
	811/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.8	Type Confusion SNYK-JS-ELECTRON-1911949	Yes	Proof of Concept
	754/1000 Why? Mature exploit, Has a fix available, CVSS 6.5	Information Exposure SNYK-JS-ELECTRON-1912085	Yes	Mature
	794/1000 Why? Mature exploit, Has a fix available, CVSS 7.3	Use After Free SNYK-JS-ELECTRON-2322001	Yes	Mature
	704/1000 Why? Has a fix available, CVSS 9.8	Improper Input Validation SNYK-JS-ELECTRON-2332173	Yes	No Known Exploit
	809/1000 Why? Mature exploit, Has a fix available, CVSS 7.6	Use After Free SNYK-JS-ELECTRON-2414027	Yes	Mature
	794/1000 Why? Mature exploit, Has a fix available, CVSS 7.3	Type Confusion SNYK-JS-ELECTRON-2434822	Yes	Mature
	919/1000 Why? Mature exploit, Has a fix available, CVSS 9.8	Type Confusion SNYK-JS-ELECTRON-2805803	Yes	Mature
	859/1000 Why? Mature exploit, Has a fix available, CVSS 8.6	Heap-based Buffer Overflow SNYK-JS-ELECTRON-2946881	Yes	Mature
	869/1000 Why? Mature exploit, Has a fix available, CVSS 8.8	Use After Free SNYK-JS-ELECTRON-3014411	Yes	Mature
	869/1000 Why? Mature exploit, Has a fix available, CVSS 8.8	Type Confusion SNYK-JS-ELECTRON-3091122	Yes	Mature
	761/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.8	Type Confusion SNYK-JS-ELECTRON-570833	Yes	Proof of Concept
	794/1000 Why? Mature exploit, Has a fix available, CVSS 7.3	Heap-based Buffer Overflow SNYK-JS-ELECTRON-6137744	Yes	Mature
	708/1000 Why? Currently trending on Twitter, Has a fix available, CVSS 8.6	Out-of-bounds Write SNYK-JS-ELECTRON-6173171	Yes	No Known Exploit
	884/1000 Why? Currently trending on Twitter, Mature exploit, Has a fix available, CVSS 8.8	Out-of-bounds Read SNYK-JS-ELECTRON-6179663	Yes	Mature

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: tape-run

The new version differs by 16 commits.

• dfc05e7 11.0.0
• 26d520a pkg: add `engines.node`
• 2730fcb fix ci ([Snyk] Security upgrade tap from 12.7.0 to 15.0.0 #88)
• 01f5097 upgrade `through`
• 41c594a docs: security
• 8d0e790 10.0.0
• e5579fb docs
• fb87809 replace deprecated optimist with yargs ([Snyk] Security upgrade mocha from 7.2.0 to 10.1.0 #85)
• ee4654e 9.0.0
• 57adc5f Bump browser-run to support sandbox option. Closes [Snyk] Security upgrade xo from 0.16.0 to 0.40.3 #82
• ccad1ea Include more detailed Headless Testing section ([Snyk] Security upgrade standard from 11.0.1 to 15.0.0 #81)
• 31de6f9 8.0.0
• 20125a6 Bump browser-run to latest, fixing electron security issue ([Snyk] Fix for 5 vulnerabilities #80)
• e93c616 travis: update node versions
• 463bed9 7.0.0
• e032edb bump browser-run to 7.0.1

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Type Confusion
🦉 Use After Free
🦉 Insufficient Validation

[stackblitz]

Run & review this pull request in StackBlitz Codeflow.