[Snyk] Fix for 1 vulnerabilities

[aliscco]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • node_modules/eslint-module-utils/node_modules/debug/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	658/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: concurrently

The new version differs by 106 commits.

• 105445c 6.2.2
• 875d375 Fix linting
• 7263ffe Remove read-pkg
• 8bcdf7f ci: add missing parallel coverage reporting step
• 24e51ad Add coveralls badge to readme
• b16585f ci: readd coveralls reporting
• 0bc490f 6.2.1
• c295062 Stop reading from stdin after programmatic API finishes ([Snyk] Fix for 3 vulnerabilities #253)
• 07a7de1 Update links to new GH org and remove travis+appveyor ([Snyk] Security upgrade mocha from 2.5.3 to 10.1.0 #285)
• f574848 Fix link to substack blog post in README
• fe5c01c Add GH actions workflow
• 10ff00c Correctly reexport flow controllers
• becac73 6.2.0
• d38ab32 Include `killed` boolean in command result ([Snyk] Fix for 6 vulnerabilities #250)
• e8f0706 Make --restart-tries restart forever with negative value
• aad79fa 6.1.0
• ecf1c5b Change default text color to reset instead of gray.dim
• 70b92da Run npm audit fix
• ccb6b8d 6.0.2
• 330cf92 Fix input handler when input contains a colon ([Snyk] Fix for 4 vulnerabilities #269)
• 7710c21 Update lodash package ([Snyk] Fix for 4 vulnerabilities #271)
• e36e8c1 6.0.1
• 9fa0544 Fix cwd option not overwriting per command if specified in programmatic usage ([Snyk] Fix for 4 vulnerabilities #266)
• 343d1ab 6.0.0

See the full diff

Package name: karma

The new version differs by 195 commits.

• a4d5bdc chore: release v3.0.0
• 75f466d chore: release v2.0.6
• 5db9399 chore: update contributors
• eb3b1b4 chore(deps): update mime -> 2.3.1 (#3107)
• 732396a fix(travis): Up the socket timeout 2->20s. (#3103)
• 173848e Remove erroneous change log entries for 2.0.3
• 1002569 chore(ci): drop node 9 from travis tests (#3100)
• 02f54c6 fix(server): Exit clean on unhandledRejections. (#3092)
• 0fdd8f9 chore(deps): update socket.io -> 2.1.1 (#3099)
• 90f5546 fix(travis): use the value not the key name. (#3097)
• fba5d36 fix(travis): validate TRAVIS_COMMIT if TRAVIS_PULL_REQUEST_SHA is not set. (#3094)
• 56fda53 fix(init): add "ChromeHeadless" to the browsers' options (#3096)
• f6d2f0e fix(config): Wait 30s for browser activity per Travis. (#3091)
• a58fa45 fix(travis): Validate TRAVIS_PULL_REQUEST_SHA rather than TRAVIS_COMMIT. (#3093)
• 88b977f fix(config): wait 20s for browser activity. (#3087)
• 94a6728 chore: remove support for node 4, update log4js (#3082)
• c5dc62d docs: better clarity for API usage
• 0018947 chore: release v2.0.5
• 02dc1f4 chore: update contributors
• dc7265b fix(browser): ensure browser state is EXECUTING when tests start (#3074)
• 7617279 refactor(filelist): rename promise -> lastCompletedRefresh and remove unused promise (#3060)
• a701732 fix(doc): Document release steps for admins (#3063)
• 93ba05a fix(middleware): Obey the Promise API.
• 518cb11 fix: remove circular reference in Browser

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)