[Snyk] Fix for 1 vulnerabilities

[bcguan2008]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	551/1000 Why? Recently disclosed, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: istanbul

The new version differs by 72 commits.

• 89e338f 0.4.5
• 7efe4dc update changelog, contributors
• da79378 Merge pull request #673 from popomore/swap-fileset-for-glob
• 58f4c90 swap fileset for glob
• fef889b Merge pull request #657 from djorg83/master
• 91bb666 log filename when file fails to parse using esprima
• 5dbd62c 0.4.4
• 5642fb4 Update changelog, contributors
• f4195bb Merge pull request #507 from Victorystick/es-modules-support
• c521035 Merge pull request #628 from inversion/use-tmp-dir
• 66fffdc Merge pull request #597 from JamesMGreene/patch-1
• dfcab10 Merge pull request #627 from a0viedo/patch-1
• abec3ae Merge pull request #625 from ChALkeR/tmpdir
• a9aaf53 tmp dir setting was being ignored in TmpStore
• 522f465 link build badge to master branch
• 0b5e80d use os.tmpdir() instead of os.tmpDir()
• 5069661 Set "medium" coverage CSS color scheme to yellow
• 0e8c350 Merge pull request #587 from clickthisnick/chore-remove-trailing-spaces
• fc3ba35 0.4.3
• b3de106 Update changelog, contributors
• bb5b6e1 Merge pull request #579 from jtangelder/fix-colors
• 0411600 return plain string when an invalid clazz is given
• a556a5e Merge pull request #552 from abejfehr/patch-1
• 369ed49 Merge pull request #545 from pra85/patch-1

See the full diff

Package name: mocha

The new version differs by 107 commits.

• e8cda73 Release v3.0.0
• 4944e31 rebuild mocha.js
• 16762d1 fix bad merge of karma.conf.js
• 2f9a409 add note about spec reporter to CHANGELOG.md [ci skip]
• 7c0284b fixed typo in mocha.css introduced by 185c0d902e272216232630fe4e2577268456dd9a [ci skip]
• 8741506 Remove carriage return before each test line in spec reporter. Served no purpose
• 309b8f2 add "logo" field to package.json [ci skip]
• 740a511 fix incorrect executable name with new version of commander
• 0e2e49b add bower.json to published package for npmcdn support [ci skip]
• d367bc7 fix broken/wrong URLs in CHANGELOG.md [ci skip]
• 6184529 Release v3.0.0-2
• 4b4009b rebuild mocha.js
• 15c344c add browser-stdout to dependencies
• e3ab4ec update CHANGELOG [ci skip]
• 0cd9dc9 let child suites run if parent is exclusive; closes #2378 (#2387)
• f0b184e Upgrade eslint package to 2.13 version (#2389)
• cab1e43 markdown fixes for CHANGELOG.md [ci skip]
• d0d5e50 fix bad reference to to-iso-string in test
• 517020b suppress warning about .eslintignore when running ESLint
• 08a6ccf copy to-iso-string; closes #2378
• 74940ef added changes to CHANGELOG.md [ci skip]
• bf216d5 tweak wording on "overspecification" exception
• 3a3a699 wip CHANGELOG update
• 5c34451 display executed commands in Makefile for debugging

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)