[Snyk] Fix for 1 vulnerabilities

[enterstudio]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
• package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	858/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 9.3	Authentication Bypass SNYK-JS-HAWK-6969142	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: gulp-less

The new version differs by 6 commits.

• 7d9df97 4.0.0
• cde149b Update accord to support less@3.0.0 - closes Update params in keystore files to be more consistent with geth and parity and/or change to use pbkdf2 MyEtherWallet/etherwallet#269
• 453625a 3.5.0
• d706f87 fix(deps): update accord to version 0.28 (Create Embedded Send Page MyEtherWallet/etherwallet#281)
• 9f9e643 3.4.0
• f58e0f7 Remove gulp-util

See the full diff

Package name: npm

The new version differs by 250 commits.

• c62d0ea 5.10.0
• 9edd48e docs: update changelog for npm@5.10.0
• e33bc08 audit: Timeout audit requests eventually
• 9cb9102 5.10.0-next.1
• dab8d6d update AUTHORS
• ba6f620 doc: update changelog for npm@5.10.0-next.1
• be01b7d test: Change bad url in test in anticipation of aliasing
• 74bcdb8 update: Add parens to clarify order of operations when defaulting where
• 3232699 deps: Fix regexp used to cleanup from fields
• fb99f75 travis: Add node v10
• d6187a9 mailmap: Update with real names
• 1822379 audit: Only report audit as being unsupported on 404 and >= 500
• 35de046 docs: describe what colors in outdated mean
• e0235eb docs: add from field back into git dependencies
• fb7efac makefile: call cache clean with --force
• cf09066 audit: Refuse to run in global mode
• bc3fc55 audit: Verify lockfile integrity before running
• 7d43ddf audit: Exit with non-zero when vulnerabilities are found
• 113e1a3 inflate-shrinkwrap: Infer versions from tarballs to self heal
• 36f9984 shrinkwrap: Prefer computed resolved from dep tree
• aadbf3f audit: Include session and scope in requests
• f9804b1 cmd-list: How else am I supposed to deploy my urns?
• dac6f9b cmd-list: sit booboo, cit
• a6e2f12 audit: Make sure we hide stream errors on background audit submissions

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Note: This is a default PR template raised by Snyk. Find out more about how you can customise Snyk PRs in our documentation.

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Authentication Bypass