[Snyk] Fix for 1 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	636/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.3	Prototype Pollution npm:hoek:20180212	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: hapi

The new version differs by 156 commits.

• 0c8109e Allow disabling ranges support. Closes #3015
• 81f5f58 Another test for #2979
• ce695c4 Cleanup for #3072
• 9471e34 Merge pull request #3072 from geek/master
• 8b51062 Merge pull request #3069 from craigswatman/master
• 138881d Merge upstream
• b96a8c6 Merge pull request #3057 from gergoerdosi/initialize
• 6fdbf6e Cleanup for #3034
• e2553fe Merge pull request #3034 from pra85/patch-1
• be547a9 Support late cache provision. Closes #3077. Closes #3078. Closes #3079. Closes #3080. Closes #3081. Closes #3082. Closes #3083
• 6804ac2 Merge pull request #3074 from mattii/master
• da2bf26 Update API.md: updated request.app description
• a63746e Update API.md: fixed line-break
• 72b135e Update API.md: added a more precise description for `request.app`
• 9b4d8da Better test and document reply realm
• 6e550bb Demonstrate issue with realm and plugin options
• 4795b39 Merge pull request #3071 from rluba/patch-1
• 1eb9ec0 Fix description of server.state option ignoreErrors
• 0eadc7d Merge branch 'master' of github.com:hapijs/hapi
• e0bb076 Minor shuffle
• 9c6b287 Pass through cookie options when calling reply.unstate()
• 0b7acac Merge pull request #3062 from gergoerdosi/server-stop-callback
• 121ed53 Fix callback function signature
• 65a4ad0 Rename errorCallback to NextTickCallback

See the full diff

Package name: inert

The new version differs by 23 commits.

• c4f6b07 4.0.0
• d53a0ec Merge pull request #47 from kanongil/confine-file-path
• 7251728 Remove '..' param check which is no longer required. Closes [Snyk] Security upgrade falcor-router-demo from 1.0.3 to 1.0.5 #5
• 0a6b551 Add confine option that confines file responses
• fef2232 Update license date
• ac741b5 Update hoek to 4.x.x
• d751e8d Update travis config to match hapi
• c439c5b Update joi to 8.x.x
• d2998d8 Update devDependencies
• 11ce9bf Merge pull request #56 from prashaantt/clarify
• 9607ea4 Merge pull request #59 from simon-p-r/absolutePath
• 4e3ec4d Merge pull request #61 from kanongil/gzip-range-fix
• bd6a007 Restrict when range request logic is applied. Closes #60
• 3c4cd57 remove hoek.isAbsolutePath for path.isAbsolute
• 5540383 Clarify bad path for directory handler message
• 0b33f1e Update lru-cache to 4.0.x. Closes #53
• 86a12b8 Fix license according to Copyright and license outmoded/hapi-contrib#66
• f5f704d Don't test using the hapi-lts branch
• ef243e1 Additional ES6 style fixes
• cbab9fc Merge branch 'escalant3-es6-and-node4'
• 6614b93 Use ES6 endsWith for better readability
• 90c860a Remove unnecessary memoizing
• b7210a2 Update dependencies. Update codebase to ES6/Node4

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic