[Snyk] Fix for 1 vulnerabilities

[chriswrightdesign]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	658/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: concurrently

The new version differs by 106 commits.

• 105445c 6.2.2
• 875d375 Fix linting
• 7263ffe Remove read-pkg
• 8bcdf7f ci: add missing parallel coverage reporting step
• 24e51ad Add coveralls badge to readme
• b16585f ci: readd coveralls reporting
• 0bc490f 6.2.1
• c295062 Stop reading from stdin after programmatic API finishes (#253)
• 07a7de1 Update links to new GH org and remove travis+appveyor (#285)
• f574848 Fix link to substack blog post in README
• fe5c01c Add GH actions workflow
• 10ff00c Correctly reexport flow controllers
• becac73 6.2.0
• d38ab32 Include `killed` boolean in command result (#250)
• e8f0706 Make --restart-tries restart forever with negative value
• aad79fa 6.1.0
• ecf1c5b Change default text color to reset instead of gray.dim
• 70b92da Run npm audit fix
• ccb6b8d 6.0.2
• 330cf92 Fix input handler when input contains a colon (#269)
• 7710c21 Update lodash package (#271)
• e36e8c1 6.0.1
• 9fa0544 Fix cwd option not overwriting per command if specified in programmatic usage (#266)
• 343d1ab 6.0.0

See the full diff

Package name: cross-env

The new version differs by 1 commits.

• 61ebf59 fix: bumped cross-spawn to version 7.0.0 (test: Temporarily disable import/no-import-module-exports kentcdodds/kcd-scripts#211)

See the full diff

Package name: eslint

The new version differs by 250 commits.

• 3dd6741 7.0.0
• 9a722f9 Build: changelog update for 7.0.0
• b98d8bd Upgrade: eslint-release@2.0.0 (#13271)
• 4c0b028 Fix: remove Node.js and CommonJS category from build process (#13242)
• 401a687 Chore: fix rules list for prereleases (#13230)
• 4ef6158 Breaking: espree@7.0.0 (#13270)
• b5c8d73 Docs: update 7.0.0 migration guide for consistency (#13267)
• 356fdb4 Docs: add migration guide (#12692)
• 015edf6 Sponsors: Sync README with website
• fdfa364 7.0.0-rc.0
• 8d1b4db Build: changelog update for 7.0.0-rc.0
• 0b1d65a Update: Improve report location for array-callback-return (refs #12334) (#13109)
• d85e291 Fix: yoda left string fix for exceptRange (fixes #12883) (#13052)
• 2ce6bed Chore: added tests for nested arrays (#13145)
• d3aac53 Update: report backtick loc in no-unexpected-multiline (refs #12334) (#13142)
• 8e7a2d9 Fix: func-call-spacing "never" reports wrong message (fixes #13190) (#13193)
• bcafd0f Update: Add ESLint API (refs New: ESLint Class Replacing CLIEngine eslint/rfcs#40) (#12939)
• 3eeae56 Upgrade: some (dev) deps (#13155)
• 6b7030b Chore: Run tests on Node.js v14 (#13210)
• ebc28d7 Fix: Remove default .js from --ext CLI option (#13176)
• 5c1bdeb Update: Improve report location for getter-return (refs #12334) (#13164)
• 56d2bee Docs: fix typos (#13204)
• e13256e Chore: use espree.latestEcmaVersion in config-initializer (#13157)
• e4f57b7 Chore: add nested array tests for array-element-newline (#13161)

See the full diff

Package name: eslint-config-kentcdodds

The new version differs by 110 commits.

• bd7ef58 fix: disable a few rules that were annoying
• c609ea4 fix(jest): only apply jest rules to jest files
• 1f162d6 fix: upgrade deps and drop webpack
• 0dc22bf feat: update dependencies (Add support for custom scripts kentcdodds/kcd-scripts#106)
• 17396fc feat: update dependencies & add new rules ([pre-commit] Fails when passing environment to test script kentcdodds/kcd-scripts#105)
• 8e5673c fix: disable conflicting rule
• be401e4 docs: add silviuaavram as a contributor (add types for jest kentcdodds/kcd-scripts#102)
• 472f024 docs: mention tthe typescript parser and plugin as dependencies (Prettier kentcdodds/kcd-scripts#101)
• 9dd3be3 chore: add tests for Node 16 (Update dependencies kentcdodds/kcd-scripts#99)
• 4858d1e feat: update eslint-plugin-testing-library (Fix/locate all prettier configs kentcdodds/kcd-scripts#97)
• 6f2fc42 feat: update dependencies & add new rule (format does not recognize all prettier config formats. kentcdodds/kcd-scripts#96)
• bce0535 feat: Update dependencies & add new rule (docs: add coderberry as a contributor kentcdodds/kcd-scripts#95)
• b27d0f0 feat: Update dependencies & add new rules (Add CodeFund sponsorship message to README kentcdodds/kcd-scripts#94)
• 00ede68 fix(ts): update ts stuff
• e6ee710 feat: update to latest of deps and disable annoying rules
• cd701d6 fix: disable another troublesome rule
• c83e9dc fix: disable some rules that I have found to be annoying
• 0b584af fix: configure new rules
• 03bad6c fix(react): disable some rules
• b8a3c69 fix: add no-unsafe-optional-chaining as an error
• c9ca92b chore: rename to main
• 8a53ff5 feat(jest): add jest-dom/prefer-to-have-value
• bdba9b6 chore: Add 'Cancel Previous Runs' step (Add support for vue files kentcdodds/kcd-scripts#92)
• 20d340b feat: update deps

See the full diff

Package name: read-pkg-up

The new version differs by 20 commits.

• c4f8985 8.0.0
• e6fbe7f Require Node.js 12 and move to ESM
• 021b1ec Move to GitHub Actions ([Snyk] Fix for 2 vulnerabilities #16)
• c92040f 7.0.1
• d96ce60 Readme tweaks
• 69983fc Tidelift tasks
• 83476ad 7.0.0
• 4406073 Update dependencies
• 8140c73 Rename `.package` to `.packageJson`
• 9ecaa3e Tidelift tasks
• e473d2a Create funding.yml
• 5267672 6.0.0
• 1c15896 Rename `pkg` property to `package`, return `undefined` instead of empty object, add TypeScript definition ([Snyk] Fix for 1 vulnerabilities #10)
• 2c1d52f Add Node.js 12 to testing ([Snyk] Fix for 1 vulnerabilities #9)
• d8d5100 5.0.0
• 4412fe2 Require Node.js 8
• 5bb0a79 Upgrade `read-pkg` to v4 ([Snyk] Security upgrade eslint-config-kentcdodds from 13.0.1 to 19.0.0 #7)
• ecb0795 4.0.0
• c8bc094 Meta tweaks
• 7d66254 Require Node.js 6 ([Snyk] Fix for 1 vulnerabilities #5)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)