[Snyk] Fix for 1 vulnerabilities

[crew-security]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	461/1000 Why? Recently disclosed, Has a fix available, CVSS 3.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-DEBUG-3227433	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: auth0-extension-tools

The new version differs by 20 commits.

• 3ee9a4f Merge pull request Import export #19 from auth0-extensions/version-bump
• 5ba28bc add defaults to circle-ci yaml config
• bb0e04e add deploy step and test_and_deploy workflow to circle config
• d705af6 change circle-ci config to use npm instead of yarn.
• 0ac6628 Merge pull request Config fix #18 from auth0-extensions/version-bump
• c5f23ad bump package.json version
• 0e81ea0 Merge pull request Update redux form #17 from gkwang/update-dependencies
• f9e0206 Update dependencies
• 140cc2a 1.4.1
• 1eadbc8 Merge pull request Import/export endpoints #16 from chrisscott/update_node_auth0
• 2e47408 Update node-auth version to latest, 2.18.0
• 8a7c701 Merge pull request Bring fixes to dev branch #15 from auth0-extensions/node-auth0-bump
• b2015ad yarn.lock update
• 8f966bf bump node-auth0 version to latest
• 90c347d [Automated Script] Add stale config.
• 16b5d45 [Automated Script] Added PR Template
• 591750e 1.3.3
• e0b6aa4 Merge pull request Handlers cleanup #14 from zxan1285/no-access-token
• fb91228 no access token option
• 5be377c optional response_type

See the full diff

Package name: axios

The new version differs by 64 commits.

• 5c8095e Releasing 0.16.1
• 982183c Updating changelog
• fa58223 Merge pull request #828 from mzabriskie/feature/return-last-request-in-redirects
• a18f039 Merge pull request #829 from jcready/patch-3
• df6b46c Add caret
• 04982a2 Update follow-redirects dependency
• 19644ba Adding documentation for Buffer data
• 1883344 support node buffers less than 8192 bytes (#773)
• bbfbeff Minor grammar/line length changes (#547)
• a784774 Adding comment about header names (#778)
• 88cc84c Adding documentation for response.request
• 84d9a41 Adding code to assign the last request to axios response
• e5beab0 Adding test checking the request in axios response is the last in a redirect
• 08eb985 Merge pull request #818 from carlosromel/patch-1
• 21b43ed Merge pull request #826 from mzabriskie/github-templates
• 34b63f8 Adding additional instruction line
• bb57daa Adding templates for issues and pull requests
• 23c4dfc Update README.md
• a8dab57 Merge pull request #741 from model3volution/Update/readme
• 19b7948 Releasing 0.16.0
• e6ffc52 Updating Upgrage Guide
• 8d675bb Merge branch 'master' of github.com:mzabriskie/axios
• 5b904d5 Updating changelog
• efc1f11 Merge pull request #781 from TomyJaya/TomyJaya-patch-1

See the full diff

Package name: hapi-swagger

The new version differs by 121 commits.

• 444d387 v9.0.0
• 2bb1f97 v9.0.0
• e00fbd8 Readme update pre release
• 8d45a99 Restore property unit text coverage up 100%
• 94e7334 New tests
• 8a8a83c Fixed or removed unneeded breaking tests
• c5ea0c2 Fixed linting issues
• cb97964 Documentation checks and updates
• 74c9f7a Updated examples for hapi v17.x
• 7a7f0c7 Merge
• 1381f9a update getHost
• c930f99 add back iisnode options test
• 6641663 fix wildcard routes test
• e79294d refactor plugin
• 6697d91 proxy tests
• 189fca8 grouping tests
• 878b9cb update jwt test
• b2f635c clean up connection references
• 3220af1 h2o2 and hapi-auth-basic updates
• 81d3c43 minor estlint fixes
• c2a3e2d upgrade hapi v17
• 1a698d6 v8.0.0
• 1550702 Revert CI settings
• 4577256 v7.9.1

See the full diff

Package name: jwks-rsa

The new version differs by 80 commits.

• 58dccc5 Release 1.6.1 (Api explorer #117)
• 43a1d20 Merge pull request Replace appId in all records #113 from ecasilla/master
• f63c29b Merge branch 'master' into master
• 2c90cfe npm dependencies update Added mongo and s3 storage support #112
• f301e1d Setup the .github/stale.yml for Probot:Stale
• cf6a7fe Setup the CODEOWNERS for pull request reviews
• ca1ade2 Setup the CODEOWNERS for pull request reviews
• 1afe7ca Merge pull request Duplicate roles fix #109 from nickcox/patch-1
• 7d9c09a Fix typo
• b0bce42 Merge pull request Updating from v1 #106 from sobil/update-lru-memoizer
• 4405927 Update lru-memoizer to 2.0.1
• 486e958 Merge pull request fix data searching cleared #102 from auth0/prepare/1.6.0
• 7566cd1 Release 1.6.0
• af5120b Merge pull request API config page route fixed #84 from cconcannon/support-private-cert-tls
• 74f6fe3 Merge branch 'master' into support-private-cert-tls
• e60d1bf Merge pull request FIX After adding roles to a group, the page jumps back to group members #98 from igorsechyn/fix_typescript_definitions
• da88d1a rebased off master for the latest changes
• dc650e9 fixed typescript definitions and added tests
• cec3230 Merge pull request Rule generation fixed #80 from fnberta/fix-typings
• 123f5fd Merge branch 'master' into fix-typings
• ca656a1 fix hapiJwt2KeyAsync type
• 27ca58f Add badges to README
• 482ffc4 Update CHANGELOG.md
• 7b5fb5f Merge pull request When creating a group, immediately allow new members to be added #96 from auth0/update-main-deps

See the full diff

Package name: superagent

The new version differs by 250 commits.

• 1930bd4 Work around mime-types flipflopping about XML mime type
• 1e255c2 Update node versions in CI
• 96f3df8 Update dependencies
• 0e85681 docs(piping): add note about chunked transfer encoding
• 0274b7b Syntax fix
• 7326cc0 Field/attach docs
• c5be156 Upgrading instructions
• f059135 ES6 in readme examples
• cbf8569 Update dependency
• 02985f9 Change test for header own props
• 6783635 3.6.0
• 4e21f1c Documented FormData support in .send() (#1260)
• 7e19e77 Update supported node version to >= 4.0 (#1248)
• d55adf1 Keep nodelay always on
• 72babfb support TCP_NODELAY option (#1240)
• f5e39b7 Merge pull request #1238 from mxl/patch-1
• 9e8c3ed timeout options.read property is not used.
• ccecb4e grammar misstype (#1234)
• d0ab622 Merge pull request #1227 from focusaurus/fix-latest-mime-tests
• ea35c57 Fix spelling mistake in the docs (#1232)
• 340a4bf Merge pull request #1228 from focusaurus/get-head-data-in-query-string
• 15b3750 Merge pull request #1230 from PWesterdale/bugfix/pfx-passphrase
• 977be03 Remove stale duplicate test.html from root dir
• 801ec88 Use tocbot instead of tocify for documentation

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)