[Snyk] Fix for 38 vulnerabilities

[crew-security]

Snyk has created this PR to fix 38 vulnerabilities in the yarn dependencies of this project.

Snyk changed the following file(s):

• package.json

Note for zero-installs users

If you are using the Yarn feature zero-installs that was introduced in Yarn V2, note that this PR does not update the .yarn/cache/ directory meaning this code cannot be pulled and immediately developed on as one would expect for a zero-install project - you will need to run yarn to update the contents of the ./yarn/cache directory.
If you are not using zero-install you can ignore this as your flow should likely be unchanged.

⚠️ Warning

Failed to update the yarn.lock, please update manually before merging.

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Prototype Pollution SNYK-JS-JSONPOINTER-598804	811
	Authentication Bypass SNYK-JS-HAWK-6969142	786
	Server-side Request Forgery (SSRF) SNYK-JS-IP-6240864	751
	Uninitialized Memory Exposure npm:base64url:20180511	741
	Prototype Pollution SNYK-JS-LODASH-567746	731
	Remote Code Execution (RCE) SNYK-JS-PACRESOLVER-1564857	726
	Server-side Request Forgery (SSRF) SNYK-JS-NETMASK-1089716	706
	Server-side Request Forgery (SSRF) SNYK-JS-NETMASK-6056519	706
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ISMYJSONVALID-597165	696
	Prototype Pollution SNYK-JS-LODASH-6139239	696
	Prototype Poisoning SNYK-JS-QS-3153490	696
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	696
	Regular Expression Denial of Service (ReDoS) npm:sshpk:20180409	696
	Arbitrary Code Execution SNYK-JS-ISMYJSONVALID-597167	686
	Prototype Pollution SNYK-JS-LODASH-608086	686
	Prototype Pollution SNYK-JS-Y18N-1021887	686
	Code Injection SNYK-JS-LODASH-1040724	681
	Server-Side Request Forgery (SSRF) SNYK-JS-IP-7148531	646
	Server-side Request Forgery (SSRF) SNYK-JS-REQUEST-3361831	646
	Prototype Pollution SNYK-JS-TOUGHCOOKIE-5672873	646
	Uninitialized Memory Exposure npm:stringstream:20180511	646
	Prototype Pollution SNYK-JS-JSONSCHEMA-1920922	644
	Prototype Pollution npm:hoek:20180212	636
	Prototype Pollution SNYK-JS-AJV-584908	619
	Prototype Pollution SNYK-JS-JSONPOINTER-1577288	601
	Regular Expression Denial of Service (ReDoS) npm:forwarded:20170908	589
	Regular Expression Denial of Service (ReDoS) npm:fresh:20170908	589
	Prototype Override Protection Bypass npm:qs:20170213	589
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	586
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HAWK-2808852	584
	Prototype Pollution npm:extend:20180424	579
	Uninitialized Memory Exposure npm:tunnel-agent:20170305	576
	Regular Expression Denial of Service (ReDoS) npm:is-my-json-valid:20180214	571
	Regular Expression Denial of Service (ReDoS) npm:tough-cookie:20170905	509
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WORDWRAP-3149973	506
	Regular Expression Denial of Service (ReDoS) npm:debug:20170905	506
	Regular Expression Denial of Service (ReDoS) npm:mime:20170907	399
	Regular Expression Denial of Service (ReDoS) npm:ms:20170412	399

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution
🦉 Regular Expression Denial of Service (ReDoS)
🦉 Authentication Bypass
🦉 More lessons are available in Snyk Learn