[Snyk] Fix for 1 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • packages/core/package.json
  • packages/core/package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	544/1000 Why? Proof of Concept exploit, Recently disclosed, CVSS 7.3	Prototype Pollution SNYK-JS-Y18N-1021887	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: ts-jest

The new version differs by 189 commits.

• 6916e7b Merge pull request Fix build amplify-react aws-amplify/amplify-js#650 from kulshekhar/kulshekhar-patch-1
• 54a30eb Bump the version (minor)
• 9e61969 Merge pull request add docs for protected storage level aws-amplify/amplify-js#626 from huafu/feature/upgrade-babel-and-fix-tsconfig
• ef21f50 Merge branch 'master' into feature/upgrade-babel-and-fix-tsconfig
• c67ba4d Merge pull request Don't add AppSync PubSub provider more than once aws-amplify/amplify-js#649 from kulshekhar/greenkeeper/monorepo.react-16.4.2
• 9a6904f Merge branch 'master' of https://github.com/kulshekhar/ts-jest into feature/upgrade-babel-and-fix-tsconfig
• 8a94008 chore(package): update react-test-renderer to version 16.4.2
• 6e73fb9 chore(package): update react to version 16.4.2
• c947791 chore(package): update @types/node to version 10.5.5 (SignIn with confirmed user failed aws-amplify/amplify-js#646)
• fd24ae6 Merge pull request New polyfill to fix PubSub for SSR breaks checks for SSR. aws-amplify/amplify-js#640 from jmheik/to-dev-deps
• e2028da Merge branch 'master' into to-dev-deps
• 4396dde Merge pull request To fix this issue: https://github.com/aws/aws-amplify/issues/625#event-1569199693 aws-amplify/amplify-js#641 from jeznag/patch-1
• 7d78123 Merge branch 'master' into patch-1
• b38e4ca Add TypeScript ^3.0.0 as supported peer dependencies (Analytics retry issue aws-amplify/amplify-js#644)
• 1e287f3 Add more details on using module name mapper
• df71945 doc: adds troubleshooting wiki page links
• 0b2e406 Move dev only deps to devDependencies.
• fb5cd12 chore: simplify jest config test helper + moves test utils
• ddc8c32 chore: moves test-utils.ts in __helpers__ dir
• a5370cf Merge branch 'master' into feature/upgrade-babel-and-fix-tsconfig
• db590d2 Update @types/react to the latest version 🚀 (Support Push Notifications for non-ejected CRNA apps aws-amplify/amplify-js#631)
• 4fc3933 chore: changes after GeeWee review
• fbe4f1f perf: do not hash cache key, jest does it underneath
• 5ab100c fix: resolves correctly config file path (fix Fix problem with Polyfills aws-amplify/amplify-js#636)

See the full diff

Package name: webpack

The new version differs by 250 commits.

• 213226e 4.0.0
• fde0183 Merge pull request image compression on s3 upload aws-amplify/amplify-js#6081 from webpack/formating/prettier
• b6396e7 update stats
• f32bd41 fix linting
• 5238159 run prettier on existing code
• 518d1e0 replace js-beautify with prettier
• 4c25bfb 4.0.0-beta.3
• dd93716 Merge pull request CORS Header error only when Published and only on Safari aws-amplify/amplify-js#6296 from shellscape/fix/hmr-before-node-stuff
• 7a07901 Merge pull request feat(@aws-amplify/ui-components): Add ChatBot Component aws-amplify/amplify-js#6563 from webpack/performance/assign-depth
• c7eb895 Merge pull request #6452 from webpack/update_acorn
• 9179980 Merge pull request Add amazon-cognito-identity-js tests to CircleCI aws-amplify/amplify-js#6551 from nveenjain/fix/templatemd
• e52f323 optimize performance of assignDepth
• 6bf5df5 Fixed template.md
• 90ab23a Merge branch 'master' into fix/hmr-before-node-stuff
• b0949cb add integration test for spread operator
• 39438c7 unittest now also walks the ast
• 15ab027 Merge pull request #6536 from jevan0307/sideEffects-selectors
• 1611ce1 Merge pull request fix(@aws-amplify/auth): CodeDeliveryDetails return type for Auth.resendSignUp aws-amplify/amplify-js#6561 from joshunger/patch-1
• 6e175bc Merge pull request Support Nuxt.js (Vue) also along with Next.js (React) for SSR  aws-amplify/amplify-js#6549 from webpack/md4_hash
• 0637531 Add a hyperlink to create a new issue
• 0e1f9c6 Merge pull request #6554 from webpack/deps/end-of-beta
• 72477f4 upgrade versions to stable versions
• ed30285 Merge pull request refactor(@aws-amplify/core): Rewrite aws-lex-audio.js and centralize it at core aws-amplify/amplify-js#6546 from webpack/bot/review-permission
• 40ee8c7 Use MD4 for hashing

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic