[Snyk] Fix for 1 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • scm-ui/ui-scripts/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	758/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-Y18N-1021887	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: webpack

The new version differs by 250 commits.

• f2f998b 5.1.1
• bcd6190 Merge pull request #11704 from webpack/bugfix/delete-asset
• 11935a9 Merge pull request #11703 from webpack/bugfix/11678
• 63ba54c update chunk to files mapping when deleting assets
• 4669600 Merge pull request #11690 from webpack/bugfix/11673
• 234373e Merge pull request #11702 from webpack/deps/terser
• b6bc273 fix infinite loop in inner graph optimization
• 50c3a83 fix unused modules in chunk when optimizing runtime-specific
• 5d9d9b9 fix runtime-specific handling in concatenated modules
• 250e37c add test case
• 7925652 upgrade terser-webpack-plugin
• 27796db Merge pull request #11669 from webpack/dependabot/npm_and_yarn/ts-loader-8.0.5
• bd5aab8 Merge pull request #11692 from webpack/dependabot/npm_and_yarn/babel/core-7.12.0
• 886bbd5 Merge pull request #11693 from webpack/dependabot/npm_and_yarn/react-dom-16.14.0
• 3a14b3d Merge pull request #11694 from webpack/dependabot/npm_and_yarn/react-16.14.0
• ddf9936 chore(deps-dev): bump react from 16.13.1 to 16.14.0
• dc6e69a chore(deps-dev): bump react-dom from 16.13.1 to 16.14.0
• 8f18de9 chore(deps-dev): bump @babel/core from 7.11.6 to 7.12.0
• c0410e8 Merge pull request #11686 from webpack/bugfix/11677
• 4504046 order runtime chunks correctly when they depend on each other
• 74a44cd add comment to help tagging for the bot
• e97efb7 chore(deps-dev): bump ts-loader from 8.0.4 to 8.0.5
• 77329b4 5.1.0
• 48c10f3 Merge pull request #11653 from log2-hwan/fix-moduletemplate-deprecation

See the full diff

Package name: webpack-cli

The new version differs by 250 commits.

• fb50f76 chore(release): publish new version
• 2c75aeb chore: new version of the packages
• 0d05c30 chore(release): publish %s
• 3f9e151 chore: fix lerna config
• 2c1e34c tests(generator): enhance init generator tests (c:\var\cache folder and An illegal reflective access operation has occurred #1236)
• 6ee61b9 Fix loader-generator and plugin-generator tests (SCM SSL problem #1250)
• 52956a2 Fixing the typos and grammatical errors in Readme files (add key value entry inputfield component #1246)
• 7faaed2 chore: update Bug_report & Feature_request Templates (ignore ports on proxy exclusions #1256)
• 7a5b33d feat(webpack-cli): added mode argument (SCM behind apache reverse with SSL  #1253)
• 3715756 tests(webpack-cli): add test case for defaults flag ([Snyk] Upgrade com.fasterxml.jackson.core:jackson-core from 2.11.0 to 2.11.1 #1254)
• a7cba2f chore: project maintanance and typescript fix (fix diff expand error on empty response #1247)
• 7748472 chore: ignore package-lock.json and remove its references (Error in pushing committed files to SCM #1252)
• a014aa7 docs: fix supported arguments & commands link in README (Fixes NullPointerException in update steps #1244)
• 06129a1 feat(webpack-cli): add progress bar for progress flag (More robust management interface or even a CLI ? #1238)
• 6cc6a49 chore: post refactor CLI (Installation redmine plugin fails #1237)
• 358651e chore: move cli under lerna package (Broken links in Markdown #1225)
• 2dc495a fix(init): fix webpack config scaffold (Changeset short link #1231)
• 1ab62d2 tests(generator): add tests for plugin generator (notification plugin installation failed #1235)
• d2dd0c1 tests(sourcemap): fix flaky stats statement (Support for mercurial on python 3 #1232)
• f6dc680 tests(loader-generator): add tests for loader generator (Adds missing content type header to migration wizard #1234)
• 35d1381 tests(generator): enable init generator test (Update required plugins if available on plugin update #1233)
• 66cdcb6 chore(generator): remove transpiled tests (update project metadata in order to fix deb and rpm package information #1229)
• f29a170 fix(init): fix the invalid package name (apt update error - repository/apt-v2-releases stable InRelease' doesn't support architecture 'amd64' #1228)
• 8c3a66d chore(cli): updated changelog of v3 (Check for ports #1224)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.