[Snyk] Fix for 1 vulnerabilities

[Bhanditz]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • app/package.json
  • app/package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	461/1000 Why? Recently disclosed, Has a fix available, CVSS 3.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-DEBUG-3227433	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: dat-dns

The new version differs by 21 commits.

• c63aada 3.1.0
• 7232606 Add events
• 7229c18 Bump debug dep to fix security risk
• c75f98b Merge pull request [Snyk] Security upgrade lodash from 4.17.4 to 4.17.17 #10 from da2x/patch-1
• b6a375c `datkey` is lowercase
• e26e17a 3.0.2
• 2274a6e Support non-numeric version identifiers
• 2111e18 3.0.1
• 4e8ee9e Add node6 compatibility (convert async/await to generators)
• c94837c Fix typo
• 3d129a8 3.0.0
• b62e711 Add support for dns-over-https
• e6ce4d7 Refactor for clarity and update the failure-caching policy
• 6fa0b75 Merge pull request [Snyk] Security upgrade lodash from 4.17.4 to 4.17.20 #9 from soyuka/dep
• 775a90d Remove unused dep
• dbcd430 Merge pull request [Snyk] Fix for 1 vulnerabilities #7 from brechtpm/fix-failing-tests
• 6eda863 Replace failing `datprotocol.com` in test
• 5b178cb Prevent failing `datprotocol.com` test crash
• cc42d7a Add test
• 902969f 2.0.0
• b4a7f31 Add an optional persistent cache

See the full diff

Package name: debug

The new version differs by 45 commits.

• f073e05 Release 3.1.0
• 2c0df9b rename `DEBUG_HIDE_TTY_DATE` to `DEBUG_HIDE_DATE`
• dcb37b2 Merge branch '2.x'
• 56a3853 Add `DEBUG_HIDE_TTY_DATE` env var (Dat API: Dat-picker modal beakerbrowser/beaker#486)
• 13abeae Release 2.6.9
• f53962e remove ReDoS regexp in %o formatter (Incorrect titles being stored in browsing history beakerbrowser/beaker#504)
• bdb7e01 remove "component" from package.json
• c38a016 remove ReDoS regexp in %o formatter (Incorrect titles being stored in browsing history beakerbrowser/beaker#504)
• 47747f3 remove `component.json`
• a0601e5 fix
• e7e568a ignore package-lock.json
• fdfa0f5 Fix browser detection
• 7cd9e53 examples: fix colors printout
• 8d76196 Merge pull request Fix: Don't let the permissions prompt cause operations to timeout beakerbrowser/beaker#496 from EdwardBetts/spelling
• daf1a7c correct spelling mistake
• 3e1849d Release 3.0.1
• b3ea123 Disable colors in Edge and Internet Explorer (Dat API: "Review and commit changes" dialog beakerbrowser/beaker#489)
• 13e1d06 remove v3 discussion note for now
• 52b894c Release 3.0.0
• d2dd80a component: update "ms" to v2.0.0
• 6752953 fix browser test 😵
• f6f6213 remove `make coveralls` from travis
• f178d86 attempt to separate the Node and Browser tests in Travis
• d73c4ae fix `make test`

See the full diff

Package name: discovery-swarm

The new version differs by 18 commits.

• 72b1c8a 5.1.2
• 38dc54d update UTP native and add more tests
• 95f4878 Update README.md (Dat upstream bugs beakerbrowser/beaker#44)
• 6b63a99 Updated dependencies. ("This site cant be reached" incorrectly rendered beakerbrowser/beaker#42)
• 576433f 5.1.1
• e1ff031 Dont unref the utp socket (Add dat-site title and description editor beakerbrowser/beaker#39)
• 79682b6 5.1.0
• 6d24ef6 Fix utp host/port info (Add in-page navigations to history beakerbrowser/beaker#37)
• 62e9c71 5.0.0
• b56c72f Add a set of events which help with logging (Add adblocker beakerbrowser/beaker#38)
• 101bbc7 fix example: use .join() instead of .add() (Add Web API permission prompts beakerbrowser/beaker#35)
• ca91fd2 Update README sw.on('connection') (Ethereum Intergration beakerbrowser/beaker#33)
• 8c27119 4.4.2
• a09d27b dont listen after destroy
• 6ec42fb 4.4.1
• a7126ca always call destroy cb
• 60aab42 Merge pull request Restore previous window position & size on open beakerbrowser/beaker#30 from garbados/patch-1
• 77a8d47 typo in readme

See the full diff

Package name: hypercore

The new version differs by 250 commits.

• b8b3ecb 9.7.5
• 5c617d8 use hypercore default storage
• 7c111d8 maxsize should be inclusive
• 66f2639 9.7.4
• 0892bcb fix tree cache using too much mem
• d8814e9 9.7.3
• 514b23c writeable update early return has an error for compat
• 990a896 9.7.2
• dc68560 fix update for writables
• 3c98007 9.7.1
• 3b470b4 if writable, let update be a noop unless forced
• b30994f Update crypto.js (Electron 1.6.0 beakerbrowser/beaker#285)
• ca57fea 9.7.0
• 9da983b broadcast returns bool
• 0534b7a Update README.md
• f0b9943 9.6.0
• c1c17e4 using external hypercore-streams package to remove the need for readable-stream and consistently use streamx
• f621c97 moving from travis to github
• 35919cb 9.5.7
• 7111b8a add experimental truncate api
• 45805b6 9.5.6
• 15bf51d get rid of open timeout, as it causes more problems than it fixes
• 11c5b18 bump timeout to 20s
• d5f606b 9.5.5

See the full diff

Package name: hyperdrive

The new version differs by 171 commits.

• 933e45e 10.0.0
• eeadea9 Merge branch 'v10' of github.com:mafintosh/hyperdrive into v10
• e2d8896 Add isLocked to content state
• 1ef6993 Update README.md
• 59a8e73 10.0.0-rc10
• 7ae2da8 Add secretKey to _getContent for mounts + add CORE_LOCK symbol
• 0721730 10.0.0-rc9
• f4356eb Added broken symlink readdir test + getAllMounts test
• 3261a0b 10.0.0-rc8
• b848e78 Add listAllMounts
• e47b82a 10.0.0-rc7
• 065a540 Bump mountable-hypertrie dep
• ff8a96c 10.0.0-rc6
• 5262c7d Pass flags in _update + add unmount and unmount test
• 385bf7b 10.0.0-rc5
• c277459 Pass uid/gid into mount opts
• 2330782 Update corestore dep
• 993a16f Remove unused deps
• 30f38d4 Create new statOpts inside mount
• 267198f Updated tests to remove megastore and reuse single corestores
• 9d86d94 Remove debugging statements
• 79f4be5 Update deps + don't forward top-level options into corestore
• 2bda2cb Another mount test + debugging
• 26a89d9 Re-add sparseMetadata

See the full diff

Package name: random-access-file

The new version differs by 6 commits.

• 3ab7bc1 2.0.0
• bf8096e much better coverage
• bba201e test for rmdir
• 8ba1ff5 fix node 4
• a947639 move to random-access-storage org
• 3541536 rewrite to use random-access-storage

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)