[Snyk] Fix for 2 vulnerabilities

[huevoncito]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept
	324/1000 Why? Has a fix available, CVSS 2.2	Uninitialized Memory Exposure npm:utile:20180614	No	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: prompt

The new version differs by 33 commits.

• fbf6dac 1.2.0
• fef3933 Move off abandoned utile dependency #213
• 33febea add eslint
• c071b85 Merge pull request #198 from caub/1.1
• 88c403e 1.1.0
• 756fa65 Fix inconsistent options.noHandleSIGINT for windows
• 8d5495c Merge pull request #196 from caub/promisify
• 33ddf56 prompt.get promise: add test, update readme
• b92a9a9 promisify prompt.get
• 0ff93b6 Merge pull request #184 from dsych/windows-sigint
• 9e80863 triggering sigint on windows
• 1c95d1d Merge pull request bug:preserve db owner on new db XervoIO/cli#171 from blahah/master
• 65ac6e2 Merge pull request #172 from Shank09/Shank09-package.json
• d03edd0 Added missing keywords in package.json
• df42a26 Respect falsy overrides (fixes Add project update command XervoIO/cli#151)
• b732102 Merge pull request Migrating an org DB clones new DB under user account XervoIO/cli#169 from jordanyaker/master
• 6ebf54a Removed the pkginfo dependency. Updated the required version of winston.
• 7d1a28f Removed the pkginfo dependency.
• d550674 Merge pull request Style/standard XervoIO/cli#163 from Eagerod/fixer/add-properties
• 9b5f65b Added a test addProperties() with no parameters.
• fb83773 Fixed an issue where the first parameter in a callback would not be the
• e7b5449 Merge pull request Problem just after uploading the project XervoIO/cli#121 from rubbingalcoholic/master
• e493cb8 Merge pull request Fix for 4 vulnerable dependency paths XervoIO/cli#153 from devrelm/devrelm.function-defaults
• 3046431 Merge pull request Error while deploying meteor application.  XervoIO/cli#156 from littleguga/master

See the full diff

Package name: request

The new version differs by 92 commits.

• f422111 2.80.0
• bce66a5 Merge pull request #2571 from JamesMGreene/fix_ipv6_host_header
• ff6d6c6 Correctly format the Host header for IPv6 addresses
• 667e923 Merge pull request #2558 from request/FredKSchott-patch-1
• 6862553 Merge pull request #2221 from calamarico/change_readme
• 8d78bd0 Update README.md example snippet
• 60f6a00 Merge pull request #2452 from nicjansma/master
• da077f7 Merge pull request #2553 from request/issue-template
• 921ebee small change to template wording
• 256deea add ISSUE_TEMPLATE, move PR template
• fec1f2b reorder PULL_REQUEST_TEMPLATE sections
• 2046cf3 Merge pull request #2539 from request/FredKSchott-patch-1
• 0ea3d47 Merge pull request #2524 from request/greenkeeper-caseless-0.12.0
• 3f57975 Use performance-now instead of custom solution
• a9ad38a Ensure only the properties we expect are there
• d9e8c3d Added deprecated notes
• a60be68 Create PULL_REQUEST_TEMPLATE.md
• 223f44b Merge pull request #2460 from OwnageIsMagic/patch-1
• d40f9af Merge pull request #2514 from humphd/package.json-keywords
• dfd777a chore(package): update caseless to version 0.12.0
• 4901f96 Change tags to keywords in package.json
• f009af2 Merge pull request #2492 from addaleax/lenient-gzip
• 71081b6 More lenient gzip decompression
• 21e315d Removed extra space

See the full diff

Package name: update-notifier

The new version differs by 21 commits.

• 492c21e 2.3.0
• 3eaa793 Force bump `boxen` dependency
• 70b8248 package.json indentation
• 97d0b97 Add is-installed-globally for auto-detection (Failed authorization error could be more informative XervoIO/cli#114)
• 6008ccf Meta tweaks
• 6f2b074 Move to AVA for testing (Problem just after uploading the project XervoIO/cli#121)
• 4bfb8b4 Update chalk to 2.0.1 (Throw error if deploying Meteor project to Node.js runtime XervoIO/cli#117)
• adf7af0 2.2.0
• d032e12 Bail if notify is disabled (Meteor 1.3.2.2 with Modulus@6.0.0 XervoIO/cli#110)
• 1055d57 Meta tweaks
• e2f9233 Add npm as »reference« (Cannot deploy meteor application with "Runtime Meteor" XervoIO/cli#108)
• 86ca238 2.1.0
• 607d3c9 Add option to exclude `-g` argument from default update message (Cannot find module when deploying Meteor 1.3 XervoIO/cli#105)
• d295cf3 2.0.0
• fda96b6 ES2015ify
• ac47d69 Improve readme
• f1de1bf Update dependencies
• 01fcd25 Bump minimum supported `node` version to `node@4`. (remove automatic demeteorization XervoIO/cli#102)
• e36671d 1.0.3
• d66245c Exit process on SIGINT (Error when deploying meteor application from CLI XervoIO/cli#98)
• 384e846 get tests passing on Travis CI with latest xo, etc (Update package.json. XervoIO/cli#97)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)