[Snyk] Fix for 1 vulnerabilities

[enterstudio]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5	Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: babel-eslint

The new version differs by 43 commits.

• 0f20099 5.0.0
• 278579f Update README.md
• 11c2f03 Merge pull request Validate status fields mozilla/platform-status#255 from deepsweet/npm-ignore
• 3b5f8f4 include only `index.js` in npm package
• c0f1110 delete `.npmignore`
• f399c89 Merge pull request Automatically check validity of *_ref fields when building mozilla/platform-status#250 from danez/patch-1
• c71392e adjust test to also cover issue Make resolved count reflect the status of the tracking bug mozilla/platform-status#239
• 413b80e 5.0.0-beta10
• 7a038d5 Merge pull request Show 'Complete' if the tracking bug is resolved mozilla/platform-status#246 from babel/escope-patterns
• c80a386 fixup tests
• 36f6638 fix typo
• bd4eee9 check using `__esModule`
• b26bc58 Prevent escope referencer from traversing into param pattern type annotations
• 0d30882 5.0.0-beta9
• 71fadf0 Merge pull request Add Web Speech Synthesis API. Fixes #243 mozilla/platform-status#244 from christophehurpeau/patch-1
• d8ac8f9 fix Add Web Speech Synthesis API to Firefox status mozilla/platform-status#243
• 3dcb32c 5.0.0-beta8
• ac4d3f0 Add a test for use strict and directive ast change
• 937eceb 5.0.0-beta7
• 880dc03 Merge pull request Add Shared Worker API mozilla/platform-status#241 from jmm/rule-strict
• 80f7a48 temporarily remove test
• 04838a2 Add tests for `strict` rule.
• 4a3a35d Merge pull request postcss-cssnext@2.3.0 breaks build 🚨 mozilla/platform-status#232 from vaibhavmule/patch-1
• 0cf92d3 update Licenses date

See the full diff

Package name: css-mqpacker

The new version differs by 8 commits.

• c364fa5 Version 5.0.0
• 1e232e9 Bye ESLint
• 0edef79 Move known issues section to GitHub Wiki
• 0be400d Merge pull request [Snyk] Fix for 15 vulnerabilities #37 from hail2u/use-fd
• 284de5d Add extension to binary file
• 9648142 Use fd when reading CSS from STDIN
• 69afb64 Remove files field
• 61a2ecb Remove Grunt plugin

See the full diff

Package name: del

The new version differs by 47 commits.

• cd0543e 6.0.0
• 6c99805 Require Node.js 10
• 1df5280 Readme tweaks
• 4acd962 Add tip about deleting subdirectories (Update babel-core to version 6.1.4 🚀 mozilla/platform-status#116)
• 1a0c36c Add mention of GitHub Sponsors
• 1e0d705 Tidelift tasks
• 892ce2a Make it clear that it recursively deletes directories (Cache bugzilla queries. mozilla/platform-status#113)
• 728cb7c Fix benchmark
• 557c1fa 5.1.0
• 12c443d Meta tweaks
• 01da91f Allow non-glob patterns with backslash on Windows (Increase wait time for selenium server startup mozilla/platform-status#100)
• 9c72270 Add benchmarks (Smart wait for Selenium server to start mozilla/platform-status#101)
• 1299747 Use graceful-fs (add Media Recorder info mozilla/platform-status#108)
• f509a89 Update dependencies (Improved status design mozilla/platform-status#109)
• ca05c65 Sort removed files (Fix icon spacing so empty space with underline doesn't display mozilla/platform-status#102)
• 51662ac Reverse order back for the returned paths (Intermittent selenium failures mozilla/platform-status#99)
• 902b594 Meta tweaks
• ffbf4c4 Fix the `cwd` option (Finish the scaffold for our node unit tests and browser functional tests mozilla/platform-status#96)
• 8efdbcd Prevent race condition on macOS when deleting files (Support list of bugs and whiteboard tags for buzilla ref mozilla/platform-status#95)
• 9e7550b Add note about backward-slashes
• c071180 5.0.0
• a73462c Meta tweaks
• 6f96d2d Update globby to version 10 (Selenium Error: Invalid or corrupt jarfile mozilla/platform-status#64)
• 6e23f6a Tidelift tasks

See the full diff

Package name: eslint

The new version differs by 250 commits.

• a7985a6 6.0.0
• be74dd9 Build: changelog update for 6.0.0
• 81aa06b Upgrade: espree@6.0.0 (#11869)
• 5f022bc Fix: no-else-return autofix produces name collisions (fixes #11069) (#11867)
• ded9548 Fix: multiline-comment-style incorrect message (#11864)
• cad074d Docs: Add JSHint W047 compat to no-floating-decimal (#11861)
• 41f6304 Upgrade: sinon (#11855)
• 167ce87 Chore: remove unuseable profile command (#11854)
• c844c6f Fix: max-len properly ignore trailing comments (fixes #11838) (#11841)
• 1b5661a Fix: no-var should not fix variables named 'let' (fixes #11830) (#11832)
• 4d75956 Build: CI with Azure Pipelines (#11845)
• 1db3462 Chore: rm superfluous argument & fix perf-multifiles-targets (#11834)
• c57a4a4 Upgrade: @ babel/polyfill => core-js v3 (#11833)
• 65faa04 Docs: Clarify prefer-destructuring array/object difference (fixes #9970) (#11851)
• 81c3823 Fix: require-atomic-updates reports parameters (fixes #11723) (#11774)
• aef8ea1 Sponsors: Sync README with website
• 4f48f5a 6.0.0-rc.0
• 6bad650 Build: changelog update for 6.0.0-rc.0
• f403b07 Update: introduce minKeys option to sort-keys rule (fixes #11624) (#11625)
• 87451f4 Fix: no-octal should report NonOctalDecimalIntegerLiteral (fixes #11794) (#11805)
• e4ab053 Update: support "bigint" in valid-typeof rule (#11802)
• e0fafc8 Chore: removes unnecessary assignment in loop (#11780)
• 20908a3 Docs: removed '>' prefix from from docs/working-with-rules (#11818)
• 1c43eef Sponsors: Sync README with website

See the full diff

Package name: glob

The new version differs by 173 commits.

• a68703e 9.0.0
• 58159ca test: cwd can be a url
• a547a9c more docs
• 42a3ac7 link to bash manual for Pattern Matching
• 474172d update readme with cwd URL support
• ad3904d update readme with posix class support
• b22fc7d minimatch@7.3.0
• cdd1627 update all the things, remove unused mkdirp types
• 75c6416 Merge branch 'v9'
• fa0cd77 cwd can be a file:// url
• d03ed0a typedoc github action
• 9a5a45a put bench results in readme
• 20b2f88 docs, fix benchmark script
• 4829c88 upgrade ci actions
• 5cbacdd minimatch@7.2.0
• 210310b omit symlinks on windows
• d34c8d5 full test coverage, clean up signals and remove extranous code
• 5f21b46 adding lots of tests, clean up types
• b12e6ba slashes on nodir test
• 75f74b0 more windows test slashes
• 3aa1abd more windows test affordances
• 3e68a7b some windows test affordances
• 8c2e082 feature complete and tests passing
• c3be35a correct ** vs ./** behavior

See the full diff

Package name: gulp-eslint

The new version differs by 62 commits.

• 5dd78fa 6.0.0
• a35a203 Upgrade to ESLint 6 (Permissions API bugzilla status is wrong mozilla/platform-status#235)
• 40d004f 5.0.0
• 72c3599 use destructuring assignment to simplify the code
• aed571b update dependencies and devDependencies (Pluralize header copy text mozilla/platform-status#224)
• a58a58d 4.0.2
• 0880d1a update plugin-error and mocha
• 1d79ed0 4.0.1
• 8f7e966 replace all HTTP protocols with HTTPS
• b48a04a remove deprecated gulp-util dependency (fix unbalanced tags in header mozilla/platform-status#213)
• 35eae57 update devDependencies (Remove standardization as a required field. mozilla/platform-status#207)
• 47bd269 use npx to simplify after_script
• 29dbab5 inherit autofix-related props even if `quiet` option is enabled
• a398838 4.0.0
• 18a4299 emit an error when it fails to load an ESLint plugin
• b8bf261 update ESLint from v3 to v4 (Update eslint-config-airbnb mozilla/platform-status#198)
• c0e82ce use `Buffer.from` instead of `new Buffer`
• e6c67a2 drop support for linting `Stream` contents
• 132d5cc Fix formatting issues in README.md (Update eslint-config-airbnb to version 1.0.2 🚀 mozilla/platform-status#194)
• 7f65378 remove link to config file `globals` doc
• 8ddfb84 correct the type of `globals` option in README
• 6059c22 3.0.1
• b0c2816 ensure sharable config works
• 08b9212 test the case where babel-eslint is actually useful

See the full diff

Package name: postcss-import

The new version differs by 11 commits.

• 32470ed 9.0.0
• 7d9099c Merge branch 'v9-dev'
• 7124d43 BREAKING: Remove transform option (Automatically check validity of *_ref fields when building mozilla/platform-status#250)
• dfe4c23 Add warning message for deprecated addDependencyTo option (There are no warnings for invalid *_status fields mozilla/platform-status#251)
• 9fdde94 BREAKING: Rewrite imported file parsing
• 883669d Reorganize tests
• a15e402 Change resolve behavior (Shared Array Buffers bug is "NEW" and all the bugs it depends on are open, but we show it "Complete" mozilla/platform-status#249)
• 49cf9be Deprecate addDependencyTo
• dbb2f60 Add docs for dependency message
• 3352a37 BREAKING: File not found is an Error, not a Warning (Automatically deploy pull requests to heroku mozilla/platform-status#247)
• 0cf36ec BREAKING: Remove pkg-resolve as a dep (Add Web Speech Synthesis API to Firefox status mozilla/platform-status#243)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.