[Snyk] Fix for 1 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	768/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: cssnano

The new version differs by 250 commits.

• 0e2c3bf Merge pull request #1043 from cssnano/fix-svg-warnings
• 7ae1cf7 fix(postcss-svgo): fix processing declaration mixing svg and non svg
• 747f16c Merge pull request #1039 from cssnano/v5
• ac2dbc7 Publish
• 53a5d66 Merge pull request #1034 from cssnano/silence-cve-alerts
• fc8a52a refactor(postcss-svgo): always warn on invalid SVG
• 22d2a18 refactor: remove is-svg dependency
• 60d107b Merge pull request #1017 from cssnano/5.0.0-rc2
• 5ba19ca Publish
• 4218332 Merge pull request #1016 from cssnano/update-svgo
• dbc08bf test: update SVG output in framework tests
• aa07cfd fix: update SVGO
• c4a4f69 Merge pull request #1014 from cssnano/fix-babel-deps
• d8bcfb6 chore: regenerate yarn.lock and update all deps
• 1ae7022 Merge pull request #1011 from cssnano/update-node-target
• b521501 chore: update Babel and Babel config
• b6e7f2b chore: transpile only for supported Node.js versions
• 80dd2e3 Merge pull request #1010 from cssnano/update-lerna
• 618b170 chore: update lerna to latest major
• 114efb0 Merge pull request #1008 from cssnano/5.0.0-rc1
• 58fa95f Publish
• 752a270 fix(cssnano-utils): get rid of deprecation warning
• 600b30f docs: add release instructions (#1001)
• 815be8e Merge pull request #998 from cssnano/5.0.0

See the full diff

Package name: npm

The new version differs by 250 commits.

• ab3c62a 6.2.0
• 0cfe801 update AUTHORS
• 890c132 doc: update changelog for npm@6.2.0
• 7a08a9b empty
• 322d9c2 chore: Make standard happy
• 4231a0a meta: Add cli-table3 to bundledeps
• f0a372b docs: replace references to the old repo or issue tracker ([pull] master from alanshaw:master #5)
• 4c32413 run-script: Do not use SET to fetch the env in git-bash or cygwin
• 7984206 version: Add new sign-git-commit config (#12697)
• 244b183 audit: add support for --parseable output (#20554)
• 7381783 docs: republish waiting period (#20920)
• 5724983 docs: remove back-ticks not being parsed as markdown (#21165)
• 90c759f npm-audit-report@1.3.1
• 8dc6d76 cli-table3@0.5.0
• 2ac48f8 node-gyp@3.7.0
• d9b2712 request@2.81.0
• 843bdd6 6.2.0-next.1
• 5440b5e doc: update changelog for npm@6.2.0
• ecdcbd7 misc: remove postinstall script that broke stuff (#21129)
• ea9415f 6.2.0-next.0
• d7cf1b3 update AUTHORS
• feb4e2b doc: update changelog for npm@6.2.0
• fe4240e uuid@3.3.2
• 177cbb4 cache: Add warning text about using temp cache for debugging (#21105)

See the full diff

Package name: snyk

The new version differs by 250 commits.

• 4cc1a94 Merge pull request #2105 from snyk/feat/webpack
• 7737f75 Merge pull request #2181 from snyk/test/migrate-old-snyk-format
• 418e6ad Merge pull request #2180 from snyk/test/migrate-is-docker
• 95631e7 test: migrate is-docker to jest
• babe22a test: migrate old-snyk-format to jest
• e22e94f feat: Snyk CLI is bundled with Webpack
• dd46c19 Merge pull request #2175 from snyk/fix/snyk-protect-multiple
• e7c314f Merge pull request #2178 from snyk/test/server-close
• 5e824c0 fix(protect): skip previously patched files
• ca2177a fix(protect): catch and log unexpected errors
• c9ddb44 chore(protect): move api url warnings to stderr
• e8fed38 refactor(protect): move stdout logs to top level
• 55e88f9 Merge pull request #2177 from snyk/test/set-jest-acceptance-timeout
• 1522c5f test: server.close uses callbacks, not promises
• 13dce51 test: increase timeout for slow oauth test
• 65c35be Merge pull request #2172 from snyk/chore/no-run-test-on-master
• a1e3992 chore: don't run tests on master
• 20feb67 Merge pull request #2165 from snyk/chore/dont-wait-for-regression-tests
• f50bca7 Merge pull request #2167 from snyk/refactor/replace-cc-parser-with-split-functions
• 1ed7d11 refactor: replace cc parser with split functions
• 707801d Merge pull request #2166 from snyk/fix/support_quotes_in_poetry_toml
• dc6b784 Merge pull request #2163 from snyk/chore/remove-store-test-results
• 7973015 fix: support quoted keys in inline tables
• 18f0d2a Merge pull request #2164 from snyk/chore/upgrade-snyk-nuget-plugin

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic