[Snyk] Fix for 2 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	490/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-RAMDA-1582370	Yes	No Known Exploit
	748/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.1	Improper Privilege Management SNYK-JS-SHELLJS-2332187	No	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: eslint-plugin-mocha

The new version differs by 141 commits.

• b2d8c9e 6.3.0
• b91a2f8 Update dependencies
• c470a3d Merge pull request #238 from lo1tuma/fix-nested
• a18680d Merge pull request #239 from lo1tuma/fix-top-level
• 2633908 Fix max-top-level-suites to ignore generated suites
• 46f716d no-hooks-for-single-case: fix false postive in nested suites
• 1c3a545 Merge pull request #237 from lo1tuma/template-strings
• 6255546 Check static template strings in valid-test-description and valid-suite-description
• 7eea93d Merge pull request #236 from lo1tuma/no-hooks-option
• 8778d96 no-hooks: add option to allow certain kind of hooks
• 36c9e67 Merge pull request #235 from brettz9/nondeprecated-rule-format
• 471e354 Switch to nondeprecated eslint rule format
• 8cf8640 Merge pull request #234 from brettz9/schemas-for-options
• c1f8049 Merge pull request #229 from brettz9/recommended-rules
• fdb3843 - Remove regex literal argument; simplify
• 68a3c07 - Add schemas for options (and remove for files which are using settings)
• 04cdbaa - Indicate whether rule is recommended (also put into table along with info on whether "fixable")
• 6ac703b Merge pull request #233 from brettz9/options-in-docs
• 347d544 Merge pull request #232 from brettz9/regexp-u-flags
• 57add13 Merge pull request #231 from brettz9/doc-highlighting
• 07948bd Merge pull request #230 from brettz9/package-lock
• a147956 Merge pull request #228 from brettz9/fixable
• f8141df Merge pull request #226 from cruzdanilo/master
• bdad369 Merge pull request #227 from brettz9/patch-1

See the full diff

Package name: shelljs

The new version differs by 32 commits.

• 70668a4 0.8.5
• d919d22 fix(exec): lockdown file permissions (#1060)
• fcf1651 0.8.4
• a1111ee Silence potentially upcoming circular dependency warning (#973)
• d4d1317 0.8.3
• db317bf Add test case for sed on empty file (#904)
• 0d5ecb6 docs(changelog): updated by Nate Fischer [ci skip]
• 6b3c7b1 refactor: don't expose tempdir in common.state (#903)
• 4bd22e7 chore(ci): fix codecov on travis (#897)
• 2b3b781 fix: silent exec (#892)
• 37acb86 chore(npm): add ci-or-install script (#896)
• 4e861db chore(appveyor): run entire test matrix (#886)
• d079515 docs: remove gitter badge (#880)
• 4113a72 grep includes the i flag (#876)
• 8dae55f Fix(which): match only executable files (#874)
• 6d66a1a chore: rename some tests (#871)
• 131b88f Fix cp from readonly source (#870)
• 1dd437e fix(mocks): fix conflict between mocks and skip (#863)
• 72ff790 chore: bump dev dependencies and add package-lock (#864)
• 93bbf68 Prevent require-ing bin/shjs (#848)
• aa9d443 chore: output npm version in travis (#850)
• 4733a32 chore(appveyor): do not use latest npm (#847)
• dd5551d chore: update shelljs-release version (#846)
• 97a4df8 docs(changelog): updated by Nate Fischer [ci skip]

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic