[Snyk] Fix for 1 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • packages/slate-tools/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	768/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: eslint

The new version differs by 250 commits.

• 3dd6741 7.0.0
• 9a722f9 Build: changelog update for 7.0.0
• b98d8bd Upgrade: eslint-release@2.0.0 (#13271)
• 4c0b028 Fix: remove Node.js and CommonJS category from build process (#13242)
• 401a687 Chore: fix rules list for prereleases (#13230)
• 4ef6158 Breaking: espree@7.0.0 (#13270)
• b5c8d73 Docs: update 7.0.0 migration guide for consistency (#13267)
• 356fdb4 Docs: add migration guide (#12692)
• 015edf6 Sponsors: Sync README with website
• fdfa364 7.0.0-rc.0
• 8d1b4db Build: changelog update for 7.0.0-rc.0
• 0b1d65a Update: Improve report location for array-callback-return (refs #12334) (#13109)
• d85e291 Fix: yoda left string fix for exceptRange (fixes #12883) (#13052)
• 2ce6bed Chore: added tests for nested arrays (#13145)
• d3aac53 Update: report backtick loc in no-unexpected-multiline (refs #12334) (#13142)
• 8e7a2d9 Fix: func-call-spacing "never" reports wrong message (fixes #13190) (#13193)
• bcafd0f Update: Add ESLint API (refs New: ESLint Class Replacing CLIEngine eslint/rfcs#40) (#12939)
• 3eeae56 Upgrade: some (dev) deps (#13155)
• 6b7030b Chore: Run tests on Node.js v14 (#13210)
• ebc28d7 Fix: Remove default .js from --ext CLI option (#13176)
• 5c1bdeb Update: Improve report location for getter-return (refs #12334) (#13164)
• 56d2bee Docs: fix typos (#13204)
• e13256e Chore: use espree.latestEcmaVersion in config-initializer (#13157)
• e4f57b7 Chore: add nested array tests for array-element-newline (#13161)

See the full diff

Package name: inquirer

The new version differs by 149 commits.

• 65a4d59 Publish
• e2099ed Update dependencies
• 8270551 Produce error on prompt in non-tty environment. (How to add a new section to the "[+] Add section" menu Shopify/slate#891)
• 6a883e6 Update lint-staged to the latest version 🚀 (Added more descriptive info about push classes Shopify/slate#886)
• 4b8b47f Publish
• 833385b Workaround node.js bug with readline (Liquid error could not find asset snippits/collection-grid-item.liquid Shopify/slate#882)
• ee55149 Add inquirer-table-prompt plugin (Why are images being lost & replaced by the placeholder when Slate is deployed? Shopify/slate#884)
• 942908f Publish
• a70ee52 Revert "Workaround node.js bug that closes main input and output stream. (Improve Shopify <-> Slate authentication Shopify/slate#879)" (Format Script fails Shopify/slate#881)
• 0bc1b01 Publish
• 3d0ff8c Workaround node.js bug that closes main input and output stream. (Improve Shopify <-> Slate authentication Shopify/slate#879)
• 7ec6ea0 Publish
• e2e07e3 Fix Inline SVGs with beta 12 Shopify/slate#862 - Do not throw when returning undefined from filter functions
• af16d5b Fix Need way to override domains in external URLs by defining them in slate.config.js Shopify/slate#845 - Fix broken asynchronous validation
• 904e473 fix multi rawList bug (Slate Commands no longer running after node upgrade Shopify/slate#861) (@shopify/liquid-loader Shopify/slate#867)
• 45af563 Bugfix: Choices.push() breaks index if a disabled item was already in the Choices ((ssl-check) ERROR: "\r" is not a valid hostname or IP Shopify/slate#869)
• 8248ee5 Update Readme: Add FOSSA check and remove Node 6 support notice.
• 05f34b6 Bump dependencies
• f04c5cf Remove broken unit tests
• 3ab4549 Add new editor prompt
• 6a2aa06 Add screenshots to mono repo package readmes
• d76c929 Refactor new expand prompt with the hooks
• 7cf9d99 Fix input prompt final answer formatting
• c172c75 Update new confirm prompt to use the hook API

See the full diff

Package name: stylelint

The new version differs by 250 commits.

• cf2f45f 13.7.0
• 797cc84 Prepare 13.7.0
• fb4287c Prepare changelog
• d725b88 Update dependencies
• 9401f56 Update CHANGELOG.md
• 2b7e8ad Deprecate *-blacklist/*-requirelist/*-whitelist (#4892)
• 181f3d9 Fix some path / glob problems (#4867)
• 3cfc658 Update CHANGELOG.md
• 0a17b64 Add a reportDescriptionlessDisables flag (#4907)
• 5446be2 Fix CHANGELOG.md format via Prettier (#4910)
• 260e743 Fix callbacks in tests (#4903)
• d0a150e Update CHANGELOG.md
• 2c4d77f Fix false positives for trailing combinator in selector-combinator-space-after (#4878)
• e2da124 Add coc-stylelint (#4901)
• fd1875d Update CHANGELOG.md
• e124033 Add support for *.cjs config files (#4905)
• 858dcd5 Add a reportDisables secondary option (#4897)
• 40e60ce Support multi-line disable descriptions (#4895)
• 03f494d faster levenshtein (#4874)
• a5b8277 Update CHANGELOG.md
• 9e1edfa Fix TypeError for custom properties fallback in length-zero-no-unit (#4860)
• 1e52251 Update CHANGELOG.md
• 53f5c18 Add autofix to *-no-vendor rules (#4859)
• 23c0e81 Bump @ stylelint/postcss-css-in-js from 0.37.1 to 0.37.2 (#4888)

See the full diff

Package name: webpack-hot-middleware

The new version differs by 90 commits.

• e140693 2.25.1
• 3d5018a Merge pull request Slate tools refactor Shopify/slate#413 from nttibbetts/replace-ansi-html
• 90551e5 use public npm registry, not private one
• adeeade fix: replace ansi-html with ansi-html-community to fix vulnerability
• f0ffa4c Resolve weird desync in package lock
• 0f5e3e9 Use old-style require syntax to keep the linter happy
• aa38d42 Bump ansi/html encoding deps
• 2c31df1 Bump example dependencies
• d156bbc Simplify CI setup
• 0635d00 Replace istanbul with nyc
• 04fa8c8 Apply prettier formatting updates
• b81cfd5 Update eslint and prettier
• c98216a Upgrade test dependencies
• cb29abb 2.25.0
• bbffbe6 Merge branch 'master' of github.com:webpack-contrib/webpack-hot-middleware
• 82dd483 Merge pull request Using Ampersand does nothing in theme.scss Shopify/slate#360 from jimblue/master
• e2b49ff improved client overlay style
• c430265 2.24.4
• fe33d59 Merge pull request Prefix mixin conditionals were not supporting 'all', fixed to allow Shopify/slate#355 from okcoker/ansi-color-fix
• 331ad96 Merge branch 'master' into ansi-color-fix
• f6609e4 Bump deps to sort audit out
• e605d10 Fix ansi colors
• 036bf30 Merge pull request Updated Apple Pay icon Shopify/slate#354 from Hacksign/master
• f2b477d Resolve Code under example folder do not work. webpack-contrib/webpack-hot-middleware#353

See the full diff

Package name: yargs

The new version differs by 172 commits.

• aa09faf chore: release 15.0.1 (#1480)
• 6a9ebe2 fix(deps): cliui, find-up, and string-width, all drop Node 6 support (#1479)
• 5cc2b5e chore: release 15.0.0 (#1462)
• 62a114a force build
• 1840ba2 feat: expose `Parser` from `require('yargs/yargs')` (#1477)
• afd5b48 fix(docs): update boolean description and examples in docs (#1474)
• c10c38c feat(deps)!: yargs-parser now throws on invalid combinations of config (#1470)
• 0cba424 build: switch to release-please for releases (#1471)
• 445bc58 chore: update engines to note Node 6 is dropped (#1469)
• 52d875a test: add additional test for 1459
• 12c82e6 fix: stop-parse was not being respected by commands (#1459)
• b4812ac test: add tests for argsert warning to display positional information (#1468)
• 10f10ee test: cover missing filter arg in obj-filter (#1467)
• cb0396f build: switch to c8 for coverage (#1464)
• ebee59d fix!: update to yargs-parser with fix for array default values (#1463)
• 5120aec test: adds missing array choice regression test (#1447)
• 2ba8ce0 chore!: drop Node 6 support (#1461)
• cb64329 build: configure release-please
• 0d3642b refactor!: remove package.json-based parserConfiguration (#1460)
• 9adf22e doc(webpack): webpack example (#1436)
• 7e1c8fc Add missing french translation (#1456)
• b1b156a fix(docs): TypeScript import to prevent a future major release warning (#1441)
• bc3c4d1 chore(release): 14.2.0
• 4d21520 feat(deps): introduce yargs-parser with support for unknown-options-as-args (#1440)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic