[Snyk] Fix for 8 vulnerabilities

[vchacin]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	619/1000 Why? Has a fix available, CVSS 8.1	Prototype Pollution SNYK-JS-AJV-584908	Yes	No Known Exploit
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-COOKIEJAR-3149984	Yes	Proof of Concept
	644/1000 Why? Has a fix available, CVSS 8.6	Prototype Pollution SNYK-JS-JSONSCHEMA-1920922	Yes	No Known Exploit
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	Yes	Proof of Concept
	681/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.2	Command Injection SNYK-JS-LODASH-1040724	Yes	Proof of Concept
	506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Prototype Pollution SNYK-JS-MINIMIST-2429795	No	Proof of Concept
	601/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.6	Prototype Pollution SNYK-JS-MINIMIST-559764	No	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Prototype Poisoning SNYK-JS-QS-3153490	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: bitly

The new version differs by 8 commits.

• 55fa675 Version bump because ugh
• 437a27d Fixing for release (How to pass a sketch in Editor URL hydra-synth/hydra#76)
• 6b1a563 Remove email
• 93f90bc New release branch (Error in function freezes editor hydra-synth/hydra#75)
• cb8d6dd Merge in release branch
• 10db6f2 fixes readme example code (Add video recorder functionality hydra-synth/hydra#67)
• 95bf73b point to typescript typings (Revert "Remove generated files from Git" hydra-synth/hydra#66)
• 7c9e97e Re-organising how releases are done

See the full diff

Package name: p5

The new version differs by 250 commits.

• 465fcae Merge branch 'master' of github.com:processing/p5.js
• 7354e3c Release v0.7.0
• 6f3cc98 Update release_process.md
• 140f10e Update release_process.md
• 258bbae Update release_process.md
• a54ba3b Update release_process.md
• 2805618 Update release_process.md
• 76ac7d3 Merge branch 'master' of github.com:processing/p5.js
• cbae780 fixing documentation for curvePoint closes #3108
• b7485c6 Merge pull request #3122 from Spongman/check-const-docs
• 61c4cc7 Merge pull request #3124 from Spongman/npm-run-dev
• 6df2449 saving speed if set before video is loaded, fixes #3113
• e4cf0e8 updating drop examples closes #3117
• e08f28d documenting loadedmetadata property for capture element closes #3123
• 4ffbf4f updating contributors in readme
• 696756a resolving merge ocnflict in dev docs
• c9fe810 Update aidannelson_gsoc_2018.md
• 28420a1 Update README.md
• c6b0903 Merge pull request #3133 from AidanNelson/add-wpr
• b4e3335 Merge pull request #3134 from Zalastax/lint-fix
• cc5d3f8 Fix linter errors
• 797787f add wpr
• 8b013d2 Merge pull request #3115 from Spongman/add-valign-sample
• 06fb24e Merge pull request #3128 from shinytang6/master

See the full diff

Package name: twilio

The new version differs by 183 commits.

• 07891d5 Release 3.41.0
• 3120c68 [Librarian] Regenerated @ b99d9f1d3667442d965805ac71bf6185ee04b82c
• c76264e fix: remove the lock file since this is a library
• d073d8c fix: Page JSON parsing and integration tests (#546)
• ef0d339 fix: add overloaded TS definitions for non-required params (#545)
• 465d158 fix: Add method overload to VoiceResponse.prototype.play (#544)
• 747a091 fix: don't re-parse parsed JSON (#543)
• 6266910 feat: migrate from deprecated request module to axios (#542)
• 5249e3b [Librarian] Regenerated @ ee964c66599ebcd125eb411ba410bde1e62b3503
• ad2e98b Release 3.40.0
• ec54ee2 [Librarian] Regenerated @ ee964c66599ebcd125eb411ba410bde1e62b3503
• 5a65128 docs: add url parameter documentation in twilio.webhook() (#541)
• 6d96611 fix: proper indentation (#534)
• 3b07aca docs: guide for enabling lazy loading (#532)
• 25ec77d feat: Faster requiring using optional lazy loading (#526)
• deca8ff Release 3.39.5
• f8f368c [Librarian] Regenerated @ 59055a0e4517ecbe8ab584e0f9b38f2a70cd94a8
• 3d0e4a1 Release 3.39.4
• 2d7f7fa [Librarian] Regenerated @ 0d359fdcea150a7f3ec36771ffeb0bd2bf34ea1d
• 412b484 [Librarian] Regenerated @ d279b32f822f241b774d58939b2c4c04ca4152e9
• 1294266 [Librarian] Regenerated @ d279b32f822f241b774d58939b2c4c04ca4152e9
• 0d96c5b [Librarian] Regenerated @ d279b32f822f241b774d58939b2c4c04ca4152e9
• 1286866 [Librarian] Regenerated @ d279b32f822f241b774d58939b2c4c04ca4152e9
• 548eed3 [Librarian] Regenerated @ d279b32f822f241b774d58939b2c4c04ca4152e9

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution
🦉 Regular Expression Denial of Service (ReDoS)
🦉 Command Injection