[Snyk] Fix for 1 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Issue	Breaking Change	Exploit Maturity
	Prototype Pollution SNYK-JS-LODASH-567746	Yes	Proof of Concept

Commit messages

Package name: captains-log

The new version differs by 12 commits.

• 6e14204 1.0.2
• 6f528e9 Update boilerplate.
• 56ea7f4 Better error msg for 'Unsupported logger override' (custom logger) -- and also upgrade Lodash dep to 3.10.2.
• dd400a9 Add boilerplate.
• ee75b69 Add experimental _dontAccessErrorStacks option (refs https://github.com/balderdashy/captains-log/issues/17)
• e3cdc89 1.0.1
• 277cc49 travis.yml
• d9f4a59 Switch from 'colors' to chalk, with handrolled rainbows derived from Marak's (https://snyk.io/redirect/github/Marak/colors.js/blob/dfb15b55382772ba4fd34fc21922a2d83e9d34d3/lib/maps/rainbow.js).
• 40b1758 Trivial.
• 607fb91 A few minor normalizations.
• 8017c80 Bump rc dep and mocha devDep
• b30c915 Add more details about what custom loggers are useful for

See the full diff

Package name: machine

The new version differs by 250 commits.

• a119f78 15.0.0
• 312fca4 Upgrade eslint
• ea4c0a3 15.0.0-24
• bc3e8fc When checking anchor rule configurations in mdefs, do a HOP check instead of checking for undefined. (This is to match the expected behavior of the runtime check.)
• d44183c 15.0.0-23
• a85e502 Tolerate defaultsTo: null for otherwise-incompatible inputs if they also declare allowNull: true.
• 0bfdb8c Minor tweak to comment about defaultsTo in exits.
• 7268f6e Update eslintrc to match https://github.com/balderdashy/sails-generate/blob/a1c787d7f9b9a118f40ea752116c2c92b02c591b/lib/shared-templates/eslintrc.template
• 630dafd 15.0.0-22
• dfe1920 Fix the broken usage check that made https://github.com/Sails request hangs on sails.getDataStore().transaction(fn) , and fn seems not executed when sails-mysql upgraded to 1.0.0-16 balderdashy/sails#4271 much harder to debug
• 64fb47f Trivial
• b88b82e Clean up out-of-date comments
• ce5205d expand example from previous commit for clarity
• 0aceb08 Add note about future possibilities re merging on .customize()
• afaa659 15.0.0-21
• b468a20 Fix bug that could occur when packs have sub-packs or other misc. properties.
• 79cda55 trivial clarification
• 84f1a4a Add a couple of notes
• e9cf833 Consolidate logic and rename to .registerDefs()
• b035f79 Revert getter and add new registerMethods() method to packs.
• 4787416 Experiment that didn't work.
• 9dc4ee7 15.0.0-20
• ade5f8e Fix check for inputs with allowNull: true and isExemplar: true
• da20741 More clarification of comments.

See the full diff

Package name: machine-as-action

The new version differs by 38 commits.

• 8b71584 10.1.0
• 4663ae7 Revert "10.0.0"
• a4e83a3 10.0.0
• a5d2348 Attach toJSON() method to requestables.
• fa71ddc 10.0.0-7
• c421b16 Force bump machine dep SVR to avoid compat. problems for prerelease users.
• 63ee781 10.0.0-6
• cff524b Tweak error msg
• d8988e9 Use gentler error negotiation when improving stack traces of internal errors from inside actions.
• 1072654 Initial implementation of parsing E_FROM_WITHIN errors (though it will need to be changed)
• 343e17b Trivial (> to !== for consistency with general approach to pluralization)
• 9f860bc Add note about pulling this into Sails core.
• ddbe5bd 10.0.0-5
• 4cc74eb Update expected output in test.
• efc23bc Remove warning from test output by including missing skipAssets
• aa5ee60 Normalize where files are located, and fix all but one test.
• f0038aa 10.0.0-4
• fce5fff Handle any errors emitted by the download stream.
• 031ecd0 Tolerate querystring-encoded empty string provided for a numeric input by simply ignoring it altogether.
• c95b202 10.0.0-3
• 2a682e1 Force-bump machine runner dep
• 834ce70 Remove temmporarily more-aggressive result validation.
• ef43fa4 Remove '===' exit output casting in favor of the originally proposed, more-involved solution (this allows new kinds of more aggressive result validation tactics to be effective)
• 18cea13 If a querystring-encoded parameter value comes in as '' (empty string), and the corresponding input definition is clearly expecting a boolean, then use common sense to interpret the incoming request as having this argin set to the boolean true.

See the full diff

Package name: machinepack-process

The new version differs by 52 commits.

• 60fc4bd 4.0.0
• 3af4f81 Remove unused dep
• f8b8947 Merge pull request [Snyk] Fix for 2 vulnerable dependencies #6 from Peter-Barrett/remove-open
• 7b38467 pin opn version number and move back to json5
• a7e0bd0 swap open with opn to remove critical error on audit
• 75c3685 Trivial
• 1b5092e 4.0.0-3
• ddc1130 Revert "Experimental new method"
• d1e90f2 Experimental new method
• 2a7e0ad Fix typo
• 99c87eb 4.0.0-2
• 9c2c11c Adjust machine dep SVR to ensure proper behavior with .execSync(), and tweak a couple of tests.
• 71308c2 Trivial
• 5911473 Lint against ecmascript 5 for maximum compat. (for now)
• 1a570b0 Update boilerplate, eslint dep, and apply one lint fix
• 40fdb92 4.0.0-1
• 06f46ab Expose .stdout and .stderr properties on error.
• 9e052ee trivial
• b117d7c 4.0.0-0
• 97e43ff Lint fixes.
• 30755b9 Rename machines dir, update machine runner
• 86b3e64 Update boilerplate
• cc43d76 Use @sailshq/lodash
• 4c9fe46 tweak to comments ([Snyk] Fix for 2 vulnerable dependencies #5)

See the full diff

Package name: machinepack-redis

The new version differs by 8 commits.

• f0892e5 2.0.0
• c9a7f8f Drop node 4 support
• 8844340 Use latest machine runner
• fb5e02d Lint fixes
• f449ecd don't test node 4
• 3d2b5b4 Cleanup, sails generate etc
• 1997755 Merge pull request [Snyk] Fix for 1 vulnerable dependencies #13 from jpventura/fix-readme
• cf2cb8e 📚 Gitter join chat icon

See the full diff

Package name: sort-route-addresses

The new version differs by 11 commits.

• 3c46279 0.0.3
• 81f6642 fix version
• 6451427 0.0.3
• 6b44a08 Add respository to package.json
• 4fdc99d Revert "0.0.3"
• f1c4951 0.0.3
• 4960caf Use @sailshq/lodash to resolve vulnerabilities
• 75d93a5 add boilerplate sections to readme
• 84a3bb6 Fix typo in README.md
• aed9e26 0.0.2
• 9ce4d87 Leave Sails regex routes in place.

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic