[Snyk] Fix for 2 vulnerabilities

[terrorizer1980]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	No	Proof of Concept
	589/1000 Why? Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-UNSETVALUE-2400660	No	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: koa-swagger-decorator

The new version differs by 59 commits.

• 526e8ce refactor: remove js code
• b090f3d Merge branch 'develop' of github.com:Cody2333/koa-swagger-decorator into develop
• e137fec Merge pull request #140 from Cody2333/dependabot/npm_and_yarn/validator-13.7.0
• b45c2a9 build: 1.8.0 fixes #138
• f6b6083 Merge pull request #139 from Caprisone/fix-router-generics
• e8209a4 build(deps): bump validator from 13.6.0 to 13.7.0
• 44dcc4f fix(138): fix for router generics
• 7fbed64 Merge pull request #130 from bulog/patch-2
• a4457d7 chore: update deps
• 55c6086 chore: update deps
• 3f97767 chore: release v1.7.8
• bc8610d chore: update deps
• b2975dd Merge pull request #134 from iamcc/develop
• 90692ec Merge pull request [Snyk] Upgrade typeorm from 0.2.32 to 0.2.41 #1 from iamcc/iamcc-fix-95
• 9c3f42a fix Bump minimist from 1.2.5 to 1.2.6 javieraviles/node-typescript-koa-rest#95
• 44b1393 if the option value is null or an object
• b857f5f Merge pull request #116 from Cody2333/dependabot/npm_and_yarn/handlebars-4.7.7
• ff76f30 Bump handlebars from 4.0.12 to 4.7.7
• e560186 Merge pull request #115 from Cody2333/dependabot/npm_and_yarn/lodash-4.17.21
• 9d4fe64 Merge pull request #117 from Cody2333/dependabot/npm_and_yarn/hosted-git-info-2.8.9
• 06b8c3b Merge pull request #123 from Cody2333/dependabot/npm_and_yarn/urijs-1.19.7
• 9461916 Merge pull request #126 from Cody2333/dependabot/npm_and_yarn/path-parse-1.0.7
• 157d6b1 Merge pull request #128 from Cody2333/dependabot/npm_and_yarn/tar-4.4.19
• 8edb3a2 build(deps): bump tar from 4.4.8 to 4.4.19

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)
🦉 Prototype Pollution