[Snyk] Fix for 1 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: chalk

The new version differs by 53 commits.

• 3fca615 2.0.0
• f66271e Add tagged template literal (Figure out why e2e script doesn't catch some issues facebook/create-react-app#163)
• 23ef1c7 fix linter errors
• c015568 add rainbow example
• 09fb2d8 Re-implement `chalk.enabled` (Contributing instructions step two facebook/create-react-app#160)
• 608242a spoof supports-color
• 18f2e7c add host information output
• 523b998 Revert "TEMPORARY: emergency travis CI fix (see comments)"
• 54975fb TEMPORARY: emergency travis CI fix (see comments)
• 1d73b21 Improve readme
• 6f4d6b3 Bump dependencies
• 8702496 Remove `chalk.styles`
• 0412cdf Minor code improvements
• 249b9ac ES2015ify the codebase
• cb3f230 Add RGB (256/Truecolor) support (Electron support facebook/create-react-app#140)
• dbae68d Update dependent package count in the readme (initial settings for editorconfig facebook/create-react-app#154)
• 9b60021 Drop support for Node.js 0.10 and 0.12
• 0d21449 check parent builder object for enabled status (Typescript Option facebook/create-react-app#142)
• 5a69476 add XO badge
• 492f11f add example file
• 4ce73b6 make XO happy
• 7c02cf4 Add log statement to chalk examples (Add missing semver dependency. facebook/create-react-app#129)
• 835ca3d You've just reached 10,000 dependent modules. (Typo fix facebook/create-react-app#122)
• 74c087d minor doc improvements (United init command for both React and React Native facebook/create-react-app#120)

See the full diff

Package name: css-loader

The new version differs by 207 commits.

• 634ab49 chore(release): 2.0.0
• 6ade2d0 refactor: remove unused file ("Displaying Lint Output in the Editor" instructions not working in VS Code facebook/create-react-app#860)
• e7525c9 test: nested url (Exit production build if any errors are in build stats facebook/create-react-app#859)
• 7259faa test: css hacks (Upgrade to Jest 16 facebook/create-react-app#858)
• 5e6034c feat: allow to filter import at-rules (NPM shows the latest version to be 0.5.0 facebook/create-react-app#857)
• 5e702e7 feat: allow filtering urls (Dispose error overlay when linting errors have been corrected facebook/create-react-app#856)
• 9642aa5 test: css stuff (Correct a comment mistype in webpack production config facebook/create-react-app#855)
• 3338656 fix: reduce number of require for url (Feature request: Doc generation facebook/create-react-app#854)
• 533abbe test: issue 636 (Using pow (virtual host proxy) causes websocket error facebook/create-react-app#853)
• 08c551c refactor: better warning on invalid url resolution (Add root imports with tilde prefix facebook/create-react-app#852)
• b0aa159 test: issue Added instructions for using local images facebook/create-react-app#589 (Update Jest to 16 facebook/create-react-app#851)
• f599c70 fix: broken unucode characters (Document folder layout in CONTRIBUTING.md facebook/create-react-app#850)
• 1e551f3 test: issue 286 (Add base routes for source files facebook/create-react-app#849)
• 419d27b docs: improve readme (Return correct package name when using a custom react-script scoped package facebook/create-react-app#848)
• d94a698 refactor: webpack-default (Build size info facebook/create-react-app#847)
• b97d997 feat: schema options
• 453248f fix: support module resolution in composes (favicon.ico spelled incorrectly in index.html facebook/create-react-app#845)
• 8a6ea10 refactor: postcss plugins (Fson eslint config react app e2e facebook/create-react-app#844)
• fdcf687 fix: url resolving logic (Missing script: start facebook/create-react-app#843)
• 889dc7f feat: allow to disable css modules and disable their by default (Tin tức  facebook/create-react-app#842)
• ee2d253 test: importLoaders option (Update instructions on publishing to GitHub pages facebook/create-react-app#841)
• 1dad1fb feat: reuse postcss ast from other loaders (i.e `postcss-loader`) (Make webpackHotDevClient support webpack 2 too facebook/create-react-app#840)
• fe94ebc test: icss reserved keywords (Make react-dev-utils/webpackHotDevClient work with webpack 2 facebook/create-react-app#839)
• 9eaba66 refactor: migrate on message api for postcss-icss-plugin (Add Rails link to User Guide facebook/create-react-app#838)

See the full diff

Package name: eslint

The new version differs by 250 commits.

• c4fffbc 8.0.0
• d51f4cf Build: changelog update for 8.0.0
• 7d3f7f0 Upgrade: unfrozen @ eslint/eslintrc (fixes #15036) (#15146)
• 2174a6f Fix: require-atomic-updates property assignment message (fixes #15076) (#15109)
• f885fe0 Docs: add note and example for extending the range of fix (refs #13706) (#13748)
• 3da1509 Docs: Add jsdoc `type` annotation to sample rule (#15085)
• 68a49a9 Docs: Update Rollup Integrations (#15142)
• d867f81 Docs: Remove a dot from curly link (#15128)
• 9f8b919 Sponsors: Sync README with website
• 4b08f29 Sponsors: Sync README with website
• ebc1ba1 Sponsors: Sync README with website
• 2d654f1 Docs: add example .eslintrc.json (#15087)
• 16034f0 Docs: fix fixable example (#15107)
• 07175b8 8.0.0-rc.0
• 71faa38 Build: changelog update for 8.0.0-rc.0
• 67c0074 Update: Suggest missing rule in flat config (fixes #14027) (#15074)
• cf34e5c Update: space-before-blocks ignore after switch colons (fixes #15082) (#15093)
• c9efb5f Fix: preserve formatting when rules are removed from disable directives (#15081)
• 14a4739 Update: `no-new-func` rule catching eval case of `MemberExpression` (#14860)
• 7f2346b Docs: Update release blog post template (#15094)
• fabdf8a Chore: Remove `target.all` from `Makefile.js` (#15088)
• e3cd141 Sponsors: Sync README with website
• 05d7140 Chore: document target global in Makefile.js (#15084)
• 0a1a850 Update: include `ruleId` in error logs (fixes #15037) (#15053)

See the full diff

Package name: html-webpack-plugin

The new version differs by 250 commits.

• 873d75b chore(release): 5.5.0
• ddeb774 chore: update examples
• 1e42625 feat: Support type=module via scriptLoading option
• 7d3645b Bump pretty-error to 4.0.0 to fix transitive vuln for ansi-regex CVE-2021-3807
• 79be779 [chore] changes actions to run on pull_requests
• b7e5859 [chore] fixes CI to avoid race conditions
• 48131d3 chore(release): 5.4.0
• 16a841a [chore] rebuild examples
• 3bb7c17 Update index.js
• e38ac97 Update index.js
• f08bd02 [chore] updates fixtures
• d62a10f [chore] upgrades html-minifier-terser@5.0.0 -> 6.0.2
• 2f5de7a Remove archived plugin
• 8f8f7c5 chore(release): 5.3.2
• 053c6e6 chore: update snapshot tests for webpack 5.4.0
• 9c7fba0 Fix security vulnerabilities
• b98fbeb Fix security vulnerabilities
• 25cdfc7 Added inject-body-webpack-plugin to readme
• 0e4c1fb Update README to document actual behavior
• 0a6568d chore(release): 5.3.1
• 82d0ee8 fix: remove loader-utils from plugin core
• 6f39192 chore(release): 5.3.0
• d654f5b feat: allow to modify the interpolation options in webpack config
• 41d7a50 feat: drop loader-utils dependency

See the full diff

Package name: postcss-loader

The new version differs by 237 commits.

• 7647ac9 chore(release): 3.0.0
• 313c3c4 docs(README): update filename formatting
• d6931da refactor(Error): add `error` property checks
• 962b1d6 refactor(options): remove `ident` from validation schema
• 1f98aee refactor(Warning): add `warning` property checks
• 95de4c1 docs(LOADER): update JSDoc
• ea68a42 chore(package): update `schema-utils` v0.4.5...1.0.0 (`dependencies`)
• 73a8c66 chore(ISSUE_TEMPLATE/DOCS): add template for documentation issues
• 70f4426 chore(ISSUE_TEMPLATE/FEATURE): add feature request template
• 4a0328e chore(ISSUE_TEMPLATE/BUG): move bug reports into their own template
• 319d1f7 chore(PULL_REQUEST_TEMPLATE): improve format and content
• bdcbef0 refactor(src): update code base with latest ES2015+ features
• f34954f fix(index): add ast version (`meta.ast`)
• 8ac6fb5 fix(index): emit `warnings` as an instance of `{Error}`
• 2c6033b test(Errors): remove stacktrace from snapshot
• 549ea08 fix(options): improved `ValidationError` messages
• fbf05de test: replace helpers with `@ webpack-utilities/test` (Add Netlify to deploy instructions facebook/create-react-app#386)
• daa0da8 chore(package): update `postcss` v6.0.0...7.0.0 (`dependencies`) (check if npm properly supports long cache-min and enable if so facebook/create-react-app#375)
• 114db12 docs(README): add autoprefixing example (Failed after run create-react-app test facebook/create-react-app#380)
• 8772814 style(standard): fix linting issues
• 8ef443f ci(travis): build stages
• 6f10898 ci(appveyor): readd Appveyor CI (External node module css load problem facebook/create-react-app#381)
• 0bb835c ci(package): run tests in an explicit environment (`jest --env=node`) (Fixed typo facebook/create-react-app#382)
• 5e2bca9 docs(README): replace `postcss-cssnext` with `postcss-preset-env` (Add Surge.sh to deploy instructions facebook/create-react-app#379)

See the full diff

Package name: webpack-dev-server

The new version differs by 250 commits.

• c9271b9 chore(release): 4.0.0
• 18bf369 test: fix stability (Can't use NODE_PATH with two directories facebook/create-react-app#3676)
• cdcabb2 fix: respect protocol from browser for manual setup (add experimental babel-plugin-macros support facebook/create-react-app#3675)
• 1768d6b fix: initial reloading for lazy compilation (Overlay launch editor in Webstorm 2017.3.2 does not work facebook/create-react-app#3662)
• 4f5bab1 docs: improve examples (Preparing the next release facebook/create-react-app#3672)
• f2d87fb fix: improve https CLI output (I am trying to run 'create-react-app blog-app' command on cmd but its giving me errors  facebook/create-react-app#3673)
• 0277c5e chore: remove redundant console statements (Including from a CDN facebook/create-react-app#3671)
• 16fcdbc docs: add `ipc` example (typescript facebook/create-react-app#3667)
• 8915fb8 test: add e2e tests for built in routes (Allow user to define what node_modules to transpile down to ES5 facebook/create-react-app#3669)
• 4d1cbe1 docs: ask `version` information in issue template (stylus facebook/create-react-app#3668)
• b6c1881 chore(deps-dev): bump core-js from 3.16.1 to 3.16.2 (Error: Cannot find module 'react-dev-utils/ignoredFiles' facebook/create-react-app#3666)
• ffa8cc5 chore(deps-dev): bump supertest from 6.1.5 to 6.1.6 (Invalidate cache by service worker facebook/create-react-app#3665)
• f1fdaa7 chore(release): 4.0.0-rc.1
• c4678bc fix: legacy API (Add WebWorker Support facebook/create-react-app#3660)
• d8bdd03 test: fix stability (Travis CI use trusty instead precise facebook/create-react-app#3661)
• 22b1414 refactor: remove `killable` (Stop Treating warnings as errors because process.env.CI = true. facebook/create-react-app#3657)
• 75bafbf test: add e2e tests for module federation (An issue to compile facebook/create-react-app#3658)
• 493ccbd chore(deps): update `ws` (added code-insiders to the editor list facebook/create-react-app#3652)
• ae8c523 test: add e2e test for universal compiler (Better documentation for setupTests.js when ejecting facebook/create-react-app#3656)
• f94b84f chore(deps): update (unable to install react script, react and react-dom facebook/create-react-app#3655)
• 1923132 test: fix cli
• 2adfd01 test: fix todo (Document common peer dependency warnings facebook/create-react-app#3653)
• 6e2cbde fix: proxy logging and allow to pass options without the `target` option (Why react-scripts is a dependency instead of a dev-dependency? facebook/create-react-app#3651)
• c9ccc96 fix: respect infastructureLogging.level for client.logging (Service worker fails to load new dynamic/code-split chunk facebook/create-react-app#3613)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

[changeset-bot]

⚠️ No Changeset found

Latest commit: 9474322

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR