[Snyk] Fix for 1 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	768/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @thebespokepixel/string

The new version differs by 70 commits.

• 9583b13 Update Dependencies
• d308121 Merge branch 'release/v0.5.10' into develop
• 8ccef83 Update Documentation
• bc53933 Update Dependencies
• b7d5241 Update deps
• 9a77bdc Merge branch 'release/v0.5.9' into develop
• 95c31b0 Update Documentation
• 00dad7b Update Dependencies
• edfac96 Update docs
• 27bb87a Merge branch 'release/v0.5.8' into develop
• ded82f1 Update Documentation
• 35b67a8 Update Dependencies
• de95214 Update docs
• 746892a Update docs
• a801b36 Update pkg/docs/travis
• 13d97f4 Merge branch 'release/v0.5.7' into develop
• 355ed65 Update Documentation
• 853814a Update Dependencies
• b8ee7a9 Merge branch 'master' into develop
• 699a440 Merge branch 'release/v0.5.6'
• 2b9d5c9 Update docs
• 243bb0c 0.5.6
• f967333 Update deps
• 8c250b8 Merge branch 'master' into develop

See the full diff

Package name: term-ng

The new version differs by 73 commits.

• b8cb899 Update Dependencies
• 9315375 Merge branch 'release/v2.0.0' into develop
• 4446507 Update Documentation
• 8ce336f Update Dependencies
• a8824fc Update
• 8899e0a Merge branch 'release/v1.0.5' into develop
• b4eb2d9 Update Documentation
• 2d7bdde Update Dependencies
• 243b195 Update docs
• 10e8bd4 Update docs
• 040b71f Merge branch 'release/v1.0.4' into develop
• b5dcbbb Update Documentation
• 9fe33e4 Update Dependencies
• 87e9c19 Update pkg/docs
• e8100fa Merge branch 'release/v1.0.3' into develop
• ffaf4ff Update Documentation
• d8c7593 Update Dependencies
• fe38dac Merge branch 'release/v1.0.2' into develop
• b78514e Update Documentation
• e6ec966 1.0.2
• 9d19ad4 Update Dependencies
• 5d45f8f Merge branch 'master' into develop
• a600e2f Merge branch 'release/v1.0.1'
• 0f23c61 Update docs

See the full diff

Package name: truwrap

The new version differs by 86 commits.

• ba9fc1c Update Dependencies
• 55cf3bd Update
• 25e4939 Merge branch 'release/v1.0.5' into develop
• d325317 Update Documentation
• 1fa9520 Update Dependencies
• 6094c14 Update docs
• afa86e6 Update docs
• f22498f Update pkg
• 939000b Fix docs
• 652ca51 Merge branch 'release/v1.0.4' into develop
• 3d3a874 Update Documentation
• af5206f Update Dependencies
• fd02e69 Fix import ordering
• ef8ebb9 Update pkg/docs
• a195d36 Merge branch 'release/v1.0.3' into develop
• d2a773d Update Documentation
• 4e0b673 Update Dependencies
• 03aa4b3 Merge branch 'release/v1.0.2' into develop
• 0be40c6 Update Documentation
• 1cbef73 1.0.2
• 5f9f1a7 Update Dependencies
• 81b9e50 Merge branch 'master' into develop
• c8efb2e Merge branch 'release/v1.0.1'
• a24502e Update docs

See the full diff

Package name: update-notifier

The new version differs by 49 commits.

• adf7803 4.0.0
• fb5161c Remove the `callback` option (Update documentation-theme-bespoke to the latest version 🚀 thebespokepixel/trucolor#158)
• 39682de Rename `boxenOpts` option to `boxenOptions`
• bc1721a Avoid showing notification if current version is the latest (Update truwrap to the latest version 🚀 thebespokepixel/trucolor#174)
• ccaf686 Update dependencies
• b1525e6 Disable when `NODE_ENV` is `test` ([Snyk] Fix for 1 vulnerabilities thebespokepixel/trucolor#173)
• bf73119 Fix install command for npm global ([Snyk] Fix for 1 vulnerabilities thebespokepixel/trucolor#165)
• 592b025 3.0.1
• f8b4e60 Update Travis matrix
• a6d6b49 Update URL to TTY (Update nyc to the latest version 🚀 thebespokepixel/trucolor#163)
• f9d168a Remove object spread to support node >=8.0.0 <8.6.0 (Update ava to the latest version 🚀 thebespokepixel/trucolor#164)
• 1712928 Tidelift tasks
• 72f83d1 Create funding.yml
• a7bb3ee 3.0.0
• ad8ed1b Suggest yarn when installed with yarn (Update xo to the latest version 🚀 thebespokepixel/trucolor#132)
• 5f06620 Exit the update check process if it does not respond after 30s ([Snyk] Fix for 1 vulnerable dependencies thebespokepixel/trucolor#156)
• 79e89ad Fix failing test (Update ava to the latest version 🚀 thebespokepixel/trucolor#155)
• c8faa84 Add `distTag` option (An in-range update of yargs is breaking the build 🚨 thebespokepixel/trucolor#151)
• 14632e4 Add failing test for Update rollup-plugin-node-resolve to the latest version 🚀 thebespokepixel/trucolor#153 (Update gulp-chmod to the latest version 🚀 thebespokepixel/trucolor#154)
• aafd8a0 Require Node.js 8
• 0d49f51 Add Tidelift mention in the readme
• 8df01b3 Fix docs position of `shouldNotifyInNpmScript` (Update documentation-theme-bespoke to the latest version 🚀 thebespokepixel/trucolor#143)
• d371834 Docs: isGlobal option does not default to true (An in-range update of truwrap is breaking the build 🚨 thebespokepixel/trucolor#142)
• 5cd6577 2.5.0

See the full diff

Package name: verbosity

The new version differs by 89 commits.

• b22429f Update Dependencies
• 5608b79 Merge branch 'release/v1.2.0' into develop
• e6adfb8 Update Documentation
• 9151889 Update Dependencies
• 5dc6c7e Turn off global default.
• f565bf5 Merge branch 'release/v1.1.3' into develop
• 216d67a Update Documentation
• e103271 Update Dependencies
• e1ed24b Update docs
• 2d1799d Update travis
• 1ee0e3b Update travis
• 5e07a23 Merge branch 'release/v1.1.2' into develop
• 69f544e Update Documentation
• 598bf10 Update Dependencies
• e0662a5 Fix tests
• 671cc1a Update pkg/docs
• 497a2f2 Merge branch 'release/v1.1.1' into develop
• 9e632a3 Update Documentation
• da98104 Update Dependencies
• 8da3319 Merge branch 'release/v1.1.0' into develop
• f1f90d3 Update Documentation
• 03106a1 Update Dependencies
• 9e61575 Add global verbosity control
• a46aef1 Merge branch 'release/v1.0.2' into develop

See the full diff

Package name: yargs

The new version differs by 250 commits.

• aa09faf chore: release 15.0.1 (#1480)
• 6a9ebe2 fix(deps): cliui, find-up, and string-width, all drop Node 6 support (#1479)
• 5cc2b5e chore: release 15.0.0 (#1462)
• 62a114a force build
• 1840ba2 feat: expose `Parser` from `require('yargs/yargs')` (#1477)
• afd5b48 fix(docs): update boolean description and examples in docs (#1474)
• c10c38c feat(deps)!: yargs-parser now throws on invalid combinations of config (#1470)
• 0cba424 build: switch to release-please for releases (#1471)
• 445bc58 chore: update engines to note Node 6 is dropped (#1469)
• 52d875a test: add additional test for 1459
• 12c82e6 fix: stop-parse was not being respected by commands (#1459)
• b4812ac test: add tests for argsert warning to display positional information (#1468)
• 10f10ee test: cover missing filter arg in obj-filter (#1467)
• cb0396f build: switch to c8 for coverage (#1464)
• ebee59d fix!: update to yargs-parser with fix for array default values (#1463)
• 5120aec test: adds missing array choice regression test (#1447)
• 2ba8ce0 chore!: drop Node 6 support (#1461)
• cb64329 build: configure release-please
• 0d3642b refactor!: remove package.json-based parserConfiguration (#1460)
• 9adf22e doc(webpack): webpack example (#1436)
• 7e1c8fc Add missing french translation (#1456)
• b1b156a fix(docs): TypeScript import to prevent a future major release warning (#1441)
• bc3c4d1 chore(release): 14.2.0
• 4d21520 feat(deps): introduce yargs-parser with support for unknown-options-as-args (#1440)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic