[Snyk] Fix for 1 vulnerabilities

[Matthelonianxl]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	461/1000 Why? Recently disclosed, Has a fix available, CVSS 3.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-DEBUG-3227433	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: method-override

The new version differs by 19 commits.

• 5b83d4f 3.0.0
• 0aef6c8 deps: debug@3.1.0
• ddb4bcc build: supertest@1.2.0
• baed633 build: mocha@3.5.3
• b357d8e Drop support for Node.js below 0.10
• 09582af build: support Node.js 10.x
• 7579004 lint: apply standard 11 style
• 00ca04a build: support Node.js 9.x
• c92384c build: eslint-plugin-promise@3.7.0
• 4947f58 build: eslint-plugin-import@2.11.0
• 6fb651a build: support Node.js 8.x
• 21c08c3 build: Node.js@6.14
• 254b6ef build: Node.js@4.9
• 26ba0ce build: eslint-plugin-node@5.2.1
• 4aef9e5 build: eslint-plugin-import@2.8.0
• 7aced59 docs: remove gratipay badge
• b232f67 build: eslint-plugin-promise@3.6.0
• d96eb1f build: Node.js@6.12
• 78421d2 build: fix Node.js 0.8 npm install

See the full diff

Package name: socket.io

The new version differs by 26 commits.

• db831a3 [chore] Release 2.1.0
• ac945d1 [feat] Add support for dynamic namespaces (Add functionality for handling exceptions present in the blockchain - Closes #3181 LiskArchive/lisk-sdk#3195)
• ad0c052 [docs] Add note in docs for `origins(fn)` about `error` needing to be a string. (Remove Storage.instance to allow Storage component to be used by different modules LiskArchive/lisk-sdk#2895)
• 1f1d64b [fix] Include the protocol in the origins check (Remove invokeAsync() from controller and bus LiskArchive/lisk-sdk#3198)
• f4fc517 [fix] Properly emit 'connect' when using a custom namespace (Add capability to register database migration from the application/module layer LiskArchive/lisk-sdk#3197)
• be61ba0 [docs] Add link to a Dart client implementation (Add schema validation support to system component on provided options LiskArchive/lisk-sdk#2940)
• c0c79f0 [feat] Add support for dynamic namespaces (Remove attributes related to the unconfirmed state from the API - Closes #3183 LiskArchive/lisk-sdk#3187)
• dea5214 [chore] Bump superagent and supertest versions (Integration test for InMemoryChannel - Partially Closes #3118 LiskArchive/lisk-sdk#3186)
• b1941d5 [chore] Bump engine.io to version 3.2.0
• a23007a [docs] Update license year (Prepare README.md files describing the new repositories structure  LiskArchive/lisk-sdk#3153)
• f48a06c [feat] Add a 'binary' flag (Pass termination signals to the child processes LiskArchive/lisk-sdk#3185)
• 0539a2c [test] Update travis configuration
• c06ac07 [docs] Fix typo (Update README for the framework modules LiskArchive/lisk-sdk#3157)
• 52b0960 [chore] Bump debug to version 3.1.0
• 1c108a3 [chore] Release 2.0.4
• f333479 [test] Use npm scripts instead of gulp (Run mocha tests by npm scripts & Remove Gruntfile.js - Closes #2935 LiskArchive/lisk-sdk#3078)
• 3f61165 [docs] Fix a grammar mistake in the API docs (Convert system component to a general application state - Closes #3036 LiskArchive/lisk-sdk#3076)
• e26b71c [docs] Fix typo in API docs (Typo in Readme LiskArchive/lisk-sdk#3066)
• 3386e15 [docs] Actually prevent input from having injected markup in chat example (Add validation config for system component - Closes #2940 LiskArchive/lisk-sdk#2987)
• 3684d59 [docs] Use path.join instead of concatenating paths (Upgrade lisk-elements - Closes #3007 LiskArchive/lisk-sdk#3014)
• dd69abb [fix] Reset rooms object before broadcasting from namespace (Update docker configuration to match with current structure LiskArchive/lisk-sdk#3039)
• 1f0e64a [fix] Do not throw when receiving an unhandled error packet (Block has no scope bind and transport validation is failing - Closes #3037 LiskArchive/lisk-sdk#3038)
• 9d170a7 [docs] Add io.emit in the cheat sheet (Group transaction actions on Chain module LiskArchive/lisk-sdk#2992)
• 7199d1b [docs] Fix misnamed 'Object.keys' in API docs (API Transaction Type Delegate Creation Missing Asset Fields LiskArchive/lisk-sdk#2979)

See the full diff

Package name: sway

The new version differs by 46 commits.

• e7a5a79 v2.0.0
• 79111bd Preparing for v2.0.0 release
• 6447d8c Add support for custom request/response validation
• 0f3e2f8 Added test for documents with circular documents
• 33a4767 Do not validate Content-Type for empty bodies
• ef7d4ed Make `#getSample` for `Parameter` and `Response` work file type
• 9a4befc Fix issue where `UNUSED_DEFINITION` warnings were reported by error
• 7040c09 Add support for strict request/response validation
• cda4431 Fix bug where `Path#getOperation` by `operationId` returns a `Path`
• 1edce17 Add support for registering custom formats and format generators
• 3d4f297 Add support for registering custom format generators
• 1dc454c Add release notes, test and browser builds for fixes #170 LiskArchive/lisk-sdk#174
• dd26567 Update json-schema-faker for date and time support (fixes #170 LiskArchive/lisk-sdk#174)
• 998f0c8 Better error for empty parameter value with `allowEmptyValues` false
• d796c9d Fixed issue in `Sway#getPath` with regexp characters in definition
• 2ed7ed8 Make Sway#getPath handle multiple matches better
• ee83295 Updated release notes for bugs fixed in previous commit
• cdd8030 Upgraded dependencies for new json-refs release
• d2f577e Add support for registering custom formats
• 18604e2 Rewrite the document walker function
• 6d83390 Fix bug in reference resolution
• 43e33d8 Support req.originalUrl for Sway#getPath and Parameter#getValue
• 94ba34f Make type coercion for arrays in query parameters better
• 09dec1c Support finding operations by operationId

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)