[Snyk] Security upgrade nodebots-interchange from 1.5.0 to 2.1.1

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

As this is a private repository, Snyk-bot does not have access. Therefore, this PR has been created automatically, but appears to have been created by a real user.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: nodebots-interchange

The new version differs by 201 commits.

• 372bec2 chore(release): 2.1.1
• 7d260e2 Merge pull request #111 from nodebots/fix/110-upgrade-serialport-parser
• b7c6fc9 fix(security): Updated packages that had security vulnerabiltiies
• 400bf69 fix(deps): Updated packages to fix parser readline tests
• f288939 Merge pull request #109 from nodebots/dependabot/npm_and_yarn/standard-version-9.1.0
• ec39f14 Merge branch 'master' into dependabot/npm_and_yarn/standard-version-9.1.0
• f91de1d Merge pull request #108 from nodebots/dependabot/npm_and_yarn/node-notifier-8.0.1
• 1d44943 Merge branch 'master' into dependabot/npm_and_yarn/node-notifier-8.0.1
• 5236400 Merge pull request #107 from nodebots/dependabot/npm_and_yarn/axios-0.21.1
• 535dff3 chore(deps-dev): bump standard-version from 9.0.0 to 9.1.0
• b064fa6 chore(deps): bump node-notifier from 8.0.0 to 8.0.1
• 0428990 chore(deps): bump axios from 0.21.0 to 0.21.1
• 9adcf44 Merge pull request #106 from nodebots/dependabot/npm_and_yarn/eslint-7.16.0
• 4c7a131 chore(deps-dev): bump eslint from 7.15.0 to 7.16.0
• 1505f4c Merge pull request #105 from nodebots/dependabot/npm_and_yarn/serialport-9.0.4
• 45039e1 chore(deps): bump serialport from 9.0.3 to 9.0.4
• 9543286 Merge pull request #104 from nodebots/dependabot/npm_and_yarn/husky-4.3.6
• d10b7c9 chore(deps-dev): bump husky from 4.3.5 to 4.3.6
• 33c5456 Merge pull request #102 from nodebots/dependabot/npm_and_yarn/commander-6.2.1
• 6ecf1f0 chore(deps): bump commander from 6.2.0 to 6.2.1
• af360f1 Merge pull request #101 from nodebots/dependabot/npm_and_yarn/ini-1.3.7
• ff8bfb3 chore(deps): bump ini from 1.3.5 to 1.3.7
• f6db1f2 Merge pull request #100 from nodebots/dependabot/npm_and_yarn/husky-4.3.5
• bc8f175 chore(deps-dev): bump husky from 4.3.0 to 4.3.5

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.