[Snyk] Fix for 1 vulnerabilities

[maniator]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	461/1000 Why? Recently disclosed, Has a fix available, CVSS 3.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-DEBUG-3227433	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: debug

The new version differs by 43 commits.

• f073e05 Release 3.1.0
• 2c0df9b rename `DEBUG_HIDE_TTY_DATE` to `DEBUG_HIDE_DATE`
• dcb37b2 Merge branch '2.x'
• 56a3853 Add `DEBUG_HIDE_TTY_DATE` env var (fix(core): install @electron-forge/cli to new projects electron/forge#486)
• bdb7e01 remove "component" from package.json
• c38a016 remove ReDoS regexp in %o formatter (fix(publisher): remove deprecated option from @octokit/rest params electron/forge#504)
• 47747f3 remove `component.json`
• a0601e5 fix
• e7e568a ignore package-lock.json
• fdfa0f5 Fix browser detection
• 7cd9e53 examples: fix colors printout
• 8d76196 Merge pull request V6 Docs electron/forge#496 from EdwardBetts/spelling
• daf1a7c correct spelling mistake
• 3e1849d Release 3.0.1
• b3ea123 Disable colors in Edge and Internet Explorer (Windows installer create shortcut - question electron/forge#489)
• 13e1d06 remove v3 discussion note for now
• 52b894c Release 3.0.0
• d2dd80a component: update "ms" to v2.0.0
• 6752953 fix browser test 😵
• f6f6213 remove `make coveralls` from travis
• f178d86 attempt to separate the Node and Browser tests in Travis
• d73c4ae fix `make test`
• 402c856 fix lint
• 87e7399 readme++

See the full diff

Package name: electron-packager

The new version differs by 250 commits.

• 8d03dd7 14.0.0
• fe05b3e Merge pull request Webpack plugin fails on compile error in Docker container electron/forge#1017 from electron-userland/v14-develop
• a77eb2d chore: add NEWS entries for v14
• f8a3cac Linux/ia32 warning moved from Packager to @ electron/get (chore: replace coveralls with codecov electron/forge#1016)
• 67e3021 test: fix CLI test names, add --no-download.rejectUnauthorized test
• 5f09eb5 refactor: use object shorthand in targets exports
• cf7c725 feat: convert from electron-download to @ electron/get (build(deps-dev): bump @babel/core from 7.5.0 to 7.5.4 electron/forge#1002)
• cc470ef refactor: always test against post-1.0 versions of Electron (chore(deps): bump inquirer from 6.4.1 to 6.5.0 electron/forge#1012)
• 51cce5b chore: install Wine via homebrew on macOS
• 6075368 chore: use yarn on Travis/macOS
• f56c84e chore: upgrade the ava ecosystem to ^2
• 2f6e385 chore: refactor codesign testing (Move template CSS into a separate file electron/forge#1010)
• 8356c07 chore: avoid running npm install for fixtures ([6.x] Create-electron-app with webpack template failing due to old Forge version installed electron/forge#1009)
• 99e28bb feat: ignore system junk files by default (build(deps): bump @octokit/rest from 16.28.2 to 16.28.3 electron/forge#1005)
• 058f8d4 chore: upgrade electron-notarize to ^0.1.1
• 14625fb chore: upgrade rcedit to ^2.0.0 ([security] build(deps): bump lodash.template from 4.4.0 to 4.5.0 electron/forge#1003)
• c3a499a Replace extract-zip with cross-zip (build(deps): bump semver from 6.1.3 to 6.2.0 electron/forge#984)
• 481937a Wrap await example in a function because top-level await doesn't exist yet
• ae73870 chore: upgrade eslint-plugin-node to ^9.0.1
• 3be181a chore: split up NPM scripts
• 70b96d0 Upgrade asar to ^2.0.1
• 34a305a Update asar to ^2.0.0
• dd0f0de Drop mz for util.promisify (chore: upgrade dependencies electron/forge#983)
• b0b253b Update tempy requirement from ^0.2.1 to ^0.3.0 (Cannot create squirrel distributable due to invalid iconUrl electron/forge#980)

See the full diff

Package name: github

The new version differs by 142 commits.

• 1667120 fix(package): update follow-redirects to version 1.2.6
• 309e66e docs(README): fixlink to promise example (#651)
• 072a53f fix: routes.json validation for project cards and columns
• 8973c5e test: project cards
• 9110ae1 chore(package): @ octokit/fixtures@^5.0.0
• be1d098 fix: TypeScript/Flow definitions
• 733f63e chore(package): update @ octokit/fixtures to version 4.1.0
• 4ce5ad7 test: examples
• 2c4bdd6 docs(examples): adapt for standard and testing
• ea9b23a docs(README): set `EXAMPLES_GITHUB_TOKEN` for testing
• f839777 chore(gitignore): .env
• 4870f1c chore(package): ignore nyc coverage in examples
• c130ca9 chore(package): dotenv, glob, proxyquire
• 03c03f7 refactor: move defines from `routes.json` into separate `definitions.json` file
• 72bff1e chore: remove unused `Util.isFalse()`
• d8a2903 refactor: remove `Util.isTrue`
• db4ecd1 chore: replace `Util.toCamelCase` with `lodash/camelCase`
• 42d4c35 chore(package): lodash
• 59887ad chore: remove unused `upper` argument from `Util.toCamelCase`
• 29d7ead chore: remove unused Util.escapeRegExp method
• b646d53 chore: remove obsolete doc/apidoc.js file
• cf91047 chore(package): generate flow/typescript definition files before releasing
• a6ec889 refactor: move scripts from `lib/` to `scripts/` folder
• aff85ff chore(gitignore): lib/index.d.ts, lib/index.js.flow

See the full diff

Package name: tabtab

The new version differs by 79 commits.

• db75a56 test: ensure test run on travis
• 3fefe80 3.0.2
• c18b614 docs: update doc files
• 23907cd feat: add tabtab.uninstall()
• 0b00ccd 3.0.1-beta
• c48223a example: adding uninstall-completion to example
• 399a3da npm: remove assert-rejects
• 1fdaa8c test: fixing test for node 7 / 8
• e477705 test: fixing test
• a598965 readme: fix badge for the branch
• e143f80 Begin to write uninstall method
• c2aedd8 Fixing check of filename when installing
• 5447c9c 3.0.0-beta
• d457524 readme: animated gif
• c01b443 node: support for version 10, 8 and 7
• e4854d9 readme: simple fix
• 6c53559 readme: simple fix
• c6aca5e readme: update toc
• 0d0d497 readme: update documentation
• 7841135 test: update example
• c7770d4 test: remove bin and scripts/completion.sh
• 036d9c0 feat: avoid adding multiple lines to SHELL scripts
• 12d5897 log: better handling of descriptions
• fae0553 example: remove completion script, all in one

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)