[Snyk] Fix for 2 vulnerabilities

[stephanbit]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `yarn` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • yarn.lock

Note for zero-installs users

If you are using the Yarn feature zero-installs that was introduced in Yarn V2, note that this PR does not update the .yarn/cache/ directory meaning this code cannot be pulled and immediately developed on as one would expect for a zero-install project - you will need to run yarn to update the contents of the ./yarn/cache directory.
If you are not using zero-install you can ignore this as your flow should likely be unchanged.

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5	Uncontrolled resource consumption SNYK-JS-BRACES-6838727	Yes	No Known Exploit
	661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5	Inefficient Regular Expression Complexity SNYK-JS-MICROMATCH-6838728	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Uncontrolled resource consumption

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@babel/code-frame@7.24.2	environment	+8	149 kB	nicolo-ribaudo
npm/@babel/generator@7.24.5	None	+3	624 kB	nicolo-ribaudo
npm/@babel/helper-environment-visitor@7.22.20	None	0	6.56 kB	nicolo-ribaudo
npm/@babel/helper-module-transforms@7.24.5	Transitive: environment, filesystem, unsafe	+25	3.11 MB	nicolo-ribaudo
npm/@babel/helper-plugin-utils@7.24.5	None	0	130 kB	nicolo-ribaudo
npm/@babel/helper-simple-access@7.24.5	None	0	14.1 kB	nicolo-ribaudo
npm/@babel/parser@7.24.5	None	0	1.89 MB	nicolo-ribaudo
npm/@babel/template@7.24.0	None	0	68.9 kB	nicolo-ribaudo
npm/@babel/types@7.24.5	environment	+3	2.5 MB	nicolo-ribaudo
npm/@jridgewell/sourcemap-codec@1.4.15	None	0	45.9 kB	jridgewell
npm/@jridgewell/trace-mapping@0.3.25	None	+1	222 kB	jridgewell
npm/@nodelib/fs.stat@2.0.5	filesystem	0	11.8 kB	mrmlnc
npm/ansi-styles@4.3.0	None	+2	50.9 kB	sindresorhus
npm/anymatch@3.1.3	None	0	9.65 kB	phated
npm/ava@2.4.0	environment, filesystem Transitive: eval, network, shell, unsafe	+196	9.29 MB	novemberborn
npm/braces@3.0.2	None	0	49.2 kB	doowb
npm/chokidar@3.6.0	environment, filesystem	+4	292 kB	paulmillr
npm/commander@2.3.0	shell	0	25.8 kB	somekittens
npm/convert-source-map@1.9.0	filesystem	0	11.4 kB	thlorenz
npm/debug@4.3.4	environment	+1	49.2 kB	qix
npm/end-of-stream@1.4.4	None	0	6.23 kB	mafintosh
npm/fastq@1.17.1	None	+1	51.4 kB	matteo.collina
npm/fill-range@7.0.1	None	0	16.4 kB	jonschlinkert
npm/find-up@4.1.0	Transitive: filesystem	+3	29.4 kB	sindresorhus
npm/glob-parent@5.1.2	None	0	12.1 kB	phated
npm/gulp@5.0.0	Transitive: environment, filesystem, shell, unsafe	+39	516 kB	phated
npm/ini@1.3.5	None	0	8.93 kB	isaacs
npm/is-fullwidth-code-point@3.0.0	None	0	4.99 kB	sindresorhus
npm/is-glob@4.0.3	None	+1	19.8 kB	phated
npm/js-tokens@4.0.0	None	0	15.1 kB	lydell
npm/js-yaml@3.13.1	eval Transitive: environment, filesystem	+3	749 kB	vitaly
npm/load-json-file@5.3.0	Transitive: environment, filesystem	+3	48.2 kB	sindresorhus
npm/lodash@4.17.21	None	0	1.41 MB	bnjmnt4n
npm/merge2@1.4.1	None	0	8.9 kB	zensh
npm/micromatch@4.0.5	None	0	55.9 kB	jonschlinkert
npm/mime-types@2.1.24	None	+1	204 kB	dougwilson
npm/ms@2.1.3	None	0	6.72 kB	styfle
npm/p-limit@2.3.0	None	+1	11.8 kB	sindresorhus
npm/path-parse@1.0.7	None	0	4.51 kB	jbgutierrez
npm/path-type@4.0.0	filesystem	0	5.41 kB	sindresorhus
npm/picomatch@2.3.1	None	0	90 kB	mrmlnc
npm/read-pkg-up@3.0.0	Transitive: filesystem	+6	28.1 kB	sindresorhus
npm/read-pkg@3.0.0	Transitive: filesystem	+3	14 kB	sindresorhus
npm/resolve-from@5.0.0	filesystem, unsafe	0	5.82 kB	sindresorhus
npm/resolve@1.22.8	environment, filesystem	+4	225 kB	ljharb
npm/rimraf@2.7.1	filesystem Transitive: environment	+3	35.6 kB	isaacs
npm/semver@6.3.1	None	0	68.3 kB	lukekarrys
npm/signal-exit@3.0.2	None	0	9.43 kB	isaacs
npm/string-width@4.2.3	None	+2	57.4 kB	sindresorhus
npm/strip-ansi@5.2.0	None	+1	9.34 kB	sindresorhus
npm/supports-color@7.2.0	None	+1	11.5 kB	sindresorhus
npm/to-regex-range@5.0.1	None	0	22.9 kB	jonschlinkert
npm/yargs-parser@10.1.0	environment	+1	52.8 kB	bcoe
npm/yargs@16.2.0	environment, filesystem	0	286 kB	oss-bot

🚮 Removed packages: npm/abbrev@1.1.1, npm/aproba@1.2.0, npm/async-each@1.0.3, npm/ava@0.25.0, npm/camelcase@2.1.1, npm/console-control-strings@1.1.0, npm/convert-source-map@1.6.0, npm/debug@3.2.6, npm/detect-libc@1.0.3, npm/find-cache-dir@1.0.0, npm/get-value@2.0.6, npm/gulp@4.0.2, npm/has-flag@2.0.0, npm/iconv-lite@0.4.24, npm/is-ci@1.2.1, npm/is-stream@1.1.0, npm/kind-of@6.0.2, npm/lodash@4.17.15, npm/normalize-path@2.1.1, npm/object-keys@1.1.1, npm/os-locale@1.4.0, npm/path-parse@1.0.6, npm/process-nextick-args@2.0.1, npm/regex-not@1.0.2, npm/remove-trailing-separator@1.1.0, npm/repeat-string@1.6.1, npm/resolve-from@3.0.0, npm/set-blocking@2.0.0, npm/set-value@2.0.1, npm/split-string@3.1.0, npm/to-regex@3.0.2, npm/which-module@1.0.0

View full report↗︎