[Snyk] Fix for 1 vulnerabilities

[patooworld]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	144/1000 Why? Confidentiality impact: None, Integrity impact: None, Availability impact: High, Scope: Unchanged, Exploit Maturity: Proof of Concept, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.01055, Social Trends: No, Days since published: 0, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 99, Impact: 5.99, Likelihood: 2.39, Score Version: V5	Uncontrolled Resource Consumption ('Resource Exhaustion') SNYK-JS-TAR-6476909	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: karma

The new version differs by 103 commits.

• 42933c9 chore: release v4.2.0
• db1ea57 chore: update contributors
• a1049c6 chore: update eslint packages to latest and fix complaints (#3312)
• 70b72a9 fix(logging): Util inspect for logging the config. (#3332)
• 1087926 fix typo: (#3334)
• 182c04d fix(reporter): format stack with 1-based column (#3325)
• f0c4677 docs(travis): Correct the docs to also show how to do it on Xenial (#3316)
• 3aea7ec chore(deps): update core-js -> ^3.1.3 (#3321)
• 5e11340 chore: revert back to Mocha 4 (#3313)
• 1205bce chore(test): fix flaky test cases (#3314)
• 7f40349 Cleanup dependencies (#3309)
• 7828bea chore: update braces and chokidar to latest versions (#3307)
• fe9a1dd fix(server): Add error handler for webserver socket. (#3300)
• 13ed695 chore: release v4.1.0
• d844a48 chore: update contributors
• ce6825f fix(client): Only create the funky object if message is not a string (#3298)
• 7968db6 fix(client): Enable loading different file types when running in parent mode without iframe (#3289)
• 6556ab4 fix(launcher): Log state transitions in debug (#3294)
• 7eb48c5 fix(middleware): log invalid filetype (#3292)
• c7ebf0b chore: release v4.0.1
• c190c4a chore: update contributors
• 375bb5e fix(filelist): correct logger name. (#3262)
• c43f584 fix: remove vulnerable dependency combine-lists (#3273)
• 4ec4f6f fix: remove vulnerable dependency expand-braces (#3270)

See the full diff

Package name: node-sass

The new version differs by 50 commits.

• 7105b0a 5.0.0 (#3015)
• 0648b5a chore: Add Node 15 support (#2983)
• e2391c2 Add a deprecation message to the readme (#3011)
• 6a33e53 chore: Don't upload artifacts on PRs
• d763506 chore: Only run coverage on main repo
• d4ebe72 build(deps): update actions/setup-node requirement to v2.1.2
• 2bebe05 build(deps-dev): bump rimraf from 2.7.1 to 3.0.2
• f877689 chore: Don't double build DependaBot PRs
• b48fac4 chore: Add weekly DependaBot updates
• 91c40a0 Remove deprecated process.sass API
• 1f6df86 Replace lodash/assign in favor of the native Object.assign
• 522828a Remove workarounds for old Node.js versions
• 40e0f00 chore: Remove second NPM badge
• ab91bf6 chore: Remove Slack badge
• 6853a80 chore: Cleanup status badges
• fb1109c chore: Bump minimum engine version to v10
• d185440 chore: Add basic Node version support policy
• db25736 chore: Bump node-gyp to 7.1.0
• 2c5b110 chore: Bump cross-spawn to v7.0.3
• 38b9633 chore: Update Istanbul to NYC
• d63b5bf chore: Bump mocha to v8.1.3
• d0d8865 chore: Skip constructor tests on v14.6+
• ee3984d chore: Hoist test ESLint config
• feee448 chore: Remove disabled and recommended rules

See the full diff

Package name: nodemon

The new version differs by 7 commits.

• 9a67f36 feat: update chokidar to v3
• 6781b40 docs: add license file
• 0e6ba3c fix: wait for all subprocesses to terminate (fixes issue #1476)
• b58cf7d chore: Merge branch 'master'
• 95a4c09 docs: add to faq
• 3a2eaf7 choe: merge master
• 3d90879 chore: add logo to site

See the full diff

Package name: postcss-cli

The new version differs by 103 commits.

• 745ad2c 7.0.0
• cf6ea09 Update eslint config
• ea1cec4 Update eslint-config-problems to version 3.1.0 (Update csdp-introduction.md codefresh-io/cap-docs.codefresh.io#306)
• 1519430 Update globby to version 10.0.1 (CR-9567-POC codefresh-io/cap-docs.codefresh.io#303)
• 5b47456 Update eslint to version 6.8.0 (Update gitops and concepts codefresh-io/cap-docs.codefresh.io#305)
• e241672 Update nyc to version 15.0.0 (Updates codefresh-io/cap-docs.codefresh.io#297)
• 4a87ff1 Update chalk to version 3.0.0 (Proj one deployments codefresh-io/cap-docs.codefresh.io#294)
• e666505 Update prettier to version 1.19.1 (CR-9567 codefresh-io/cap-docs.codefresh.io#304)
• 0d3591a Update ava to version 2.4.0 (Update install and admin topics codefresh-io/cap-docs.codefresh.io#302)
• cb9f451 Update fs-extra to version 8.1.0 (Update csdp-introduction.md codefresh-io/cap-docs.codefresh.io#301)
• 4f68a46 Update chokidar to version 3.3.0 (Update install topics codefresh-io/cap-docs.codefresh.io#300)
• 5c22ddb Update yargs to version 15.0.2 (Add latest updates from Classic codefresh-io/cap-docs.codefresh.io#298)
• 79eb0ac Update get-stdin to version 7.0.0 (Remove ingress-less term from tunnel-based codefresh-io/cap-docs.codefresh.io#273)
• 71384c6 Update Travis config; remove AppVeyor
• 6b92df3 BREAKING: Drop Node 6 & 8; test on new Node versions
• 7091819 6.1.3
• 0de7ccf Fix map file path creation (Proj one testing codefresh-io/cap-docs.codefresh.io#286)
• f1c7352 Update prettier to version 1.18.0 (Proj one deployments codefresh-io/cap-docs.codefresh.io#281)
• 035bab8 Update nyc to version 14.0.0 (Fix x-refs codefresh-io/cap-docs.codefresh.io#274)
• 541048e Update prettier to version 1.17.0 (Update installation.md codefresh-io/cap-docs.codefresh.io#272)
• 8fd79b0 6.1.2
• 72376fc Upgrade prettier to ~1.16.4
• 87a7286 Update globby to v9.0.0 (Update manage monitor topics codefresh-io/cap-docs.codefresh.io#270)
• c079cff Test Node 10 & 11

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Uncontrolled Resource Consumption ('Resource Exhaustion')

[cr-gpt]

Seems you are using me but didn't get OPENAI_API_KEY seted in Variables/Secrets for this repo. you could follow readme for more information

[patooworld]

Reviewed