[Snyk] Fix for 25 vulnerabilities

[adamlaska]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • standalone-packages/vscode-textmate/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept
	636/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.3	Prototype Pollution SNYK-JS-DOTPROP-543489	Yes	Proof of Concept
	671/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7	Remote Code Execution (RCE) SNYK-JS-HANDLEBARS-1056767	No	Proof of Concept
	601/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.6	Prototype Pollution SNYK-JS-HANDLEBARS-1279029	No	Proof of Concept
	579/1000 Why? Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-HANDLEBARS-173692	No	No Known Exploit
	579/1000 Why? Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-HANDLEBARS-174183	No	No Known Exploit
	579/1000 Why? Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-HANDLEBARS-469063	No	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Denial of Service (DoS) SNYK-JS-HANDLEBARS-480388	No	No Known Exploit
	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	Arbitrary Code Execution SNYK-JS-HANDLEBARS-534478	No	Proof of Concept
	704/1000 Why? Has a fix available, CVSS 9.8	Prototype Pollution SNYK-JS-HANDLEBARS-534988	No	No Known Exploit
	646/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.5	Prototype Pollution SNYK-JS-HANDLEBARS-567742	No	Proof of Concept
	631/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.2	Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116	No	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-INI-1048974	Yes	Proof of Concept
	509/1000 Why? Has a fix available, CVSS 5.9	Denial of Service (DoS) SNYK-JS-JSYAML-173999	No	No Known Exploit
	619/1000 Why? Has a fix available, CVSS 8.1	Arbitrary Code Execution SNYK-JS-JSYAML-174129	No	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-1019388	No	No Known Exploit
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	Yes	No Known Exploit
	506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Prototype Pollution SNYK-JS-MINIMIST-2429795	Yes	Proof of Concept
	601/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.6	Prototype Pollution SNYK-JS-MINIMIST-559764	Yes	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	Yes	Proof of Concept
	751/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.6	Arbitrary Code Execution SNYK-JS-THENIFY-571690	Yes	Proof of Concept
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-UGLIFYJS-1727251	No	No Known Exploit
	506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:debug:20170905	Yes	Proof of Concept
	579/1000 Why? Has a fix available, CVSS 7.3	Prototype Pollution npm:extend:20180424	Yes	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) npm:minimatch:20160620	No	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: remap-istanbul

The new version differs by 13 commits.

• 72ddb4b Add dependency status to README ([Snyk] Fix for 1 vulnerabilities #91)
• 10804e1 fixed: "code" property in coverage.json [Snyk] Security upgrade react-instantsearch from 5.7.0 to 6.0.0 #79 ([Snyk] Security upgrade react-dev-utils from 3.1.1 to 12.0.0 #82)
• ff0bc8d Fixed issue where basePath option was ignored in case of inline sourc… ([Snyk] Security upgrade nginx from 1.16.1-alpine to 1.20.1-alpine #80)
• ce92faf Add 'exclude' option for grunt ([Snyk] Security upgrade @starptech/prettyhtml from 0.8.4 to 0.10.0 #72)
• 8d6b5a1 fix relative paths handling in sourcemaps (issue [Snyk] Security upgrade @svgr/core from 2.4.1 to 4.0.0 #70) ([Snyk] Fix for 1 vulnerabilities #71)
• 24eb7b2 stop using WeakMap when not available ([Snyk] Security upgrade gatsby from 2.32.13 to 3.13.0 #64)
• 32fbb65 Update code to match coding styles ([Snyk] Fix for 1 vulnerabilities #90)
• c6a9d48 fix(remap) Added source code as an array to fileCoverage object. ([Snyk] Security upgrade overmind-devtools from 19.0.1 to 29.0.0 #73)
• 92d8dc0 Clarify exclude patterns in README ([Snyk] Security upgrade react-dev-utils from 3.1.1 to 11.0.0 #69)
• fc6daf2 Update dependencies. ([Snyk] Security upgrade overmind-graphql from 3.1.0 to 7.0.0 #89)
• 6608623 Graceful handling of invalid/non-existent sourceMappingURL ([Snyk] Security upgrade immer from 3.3.0 to 9.0.6 #62)
• 58e0e69 fixed: Missing folder structure in html output [Snyk] Security upgrade overmind-devtools from 19.0.1 to 29.0.0 #50 ([Snyk] Fix for 1 vulnerabilities #65)
• 659f449 Update package metadata

See the full diff

Package name: typings

The new version differs by 23 commits.

• ce773a3 2.1.1
• 2dfd06b Avoid printing "no dependencies", print uninstall
• 657bd4a chore(package): update tslint-config-standard to version 5.0.0 ([Snyk] Security upgrade vscode from 1.1.6 to 1.1.37 #788)
• 60aa87a chore(package): update tslint to version 5.0.0 ([Snyk] Fix for 1 vulnerabilities #786)
• 6afabc9 chore(package): update ts-node to version 3.0.0 ([Snyk] Security upgrade parcel-bundler from 1.9.7 to 1.12.5 #783)
• aba62db Update `typings-core` to latest build
• 04ff2fb Update TSLint
• 46d6ab3 fix(package): update update-notifier to version 2.0.0 ([Snyk] Security upgrade gulp from 3.9.1 to 4.0.0 #770)
• 74a60d9 chore(package): update tslint-config-standard to version 3.0.0 ([Snyk] Security upgrade semantic-release from 15.13.1 to 17.0.1 #761)
• 25309fd fix(package): update cli-truncate to version 1.0.0 ([Snyk] Security upgrade sass-formatter from 0.4.15 to 0.7.4 #758)
• a7e34df chore(package): update ts-node to version 2.0.0 ([Snyk] Security upgrade @typescript-eslint/eslint-plugin from 4.2.0 to 5.10.0 #752)
• afc99a2 v2.1.0
• fed00bf Update generated documentation
• 454fd1f Update bin-install.ts ([Snyk] Upgrade jsonc-parser from 2.0.2 to 2.3.1 #744)
• ebecc13 Update README.md ([Snyk] Security upgrade webpack-cli from 2.1.5 to 3.0.0 #742)
• c67bd61 Update build to use native promises
• 23e4906 Document supported node versions in FAQ ([Snyk] Security upgrade nginx from 1.16.1-alpine to 1.25.4-alpine #737)
• e42ec68 Update TSLint
• 68c9af7 chore(package): update tslint-config-standard to version 2.0.0 ([Snyk] Security upgrade nginx from 1.16.1-alpine to 1.25.5-alpine #731)
• ffc6497 v2.0.0
• f36b453 fix(package): update typings-core to version 2.0.0 ([Snyk] Security upgrade nginx from 1.16.1-alpine to 1-alpine #725)
• 4d76d44 Document effect of `NODE_ENV=production` on the `typings install` command ([Snyk] Security upgrade release-it from 7.6.3 to 13.6.5 #721)
• af50263 chore: drop support for Node.js 0.10 ([Snyk] Fix for 1 vulnerabilities #722)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)
🦉 Prototype Pollution
🦉 Remote Code Execution (RCE)

[google-cla]

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.