[Snyk] Fix for 1 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	776/1000 Why? Recently disclosed, Has a fix available, CVSS 9.8	Prototype Pollution SNYK-JS-LODASH-590103	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: babel-loader

The new version differs by 13 commits.

• 321852e Merge branch 'release/6.0.0'
• e7565ee Add @malyw 's guide to upgrade babel
• 862b7b1 Update travis badge url
• ff3bc7a Update dependencies.
• fc2bfe4 Merge branch 'shinnn-travis-ci' into develop
• a6f3fc0 Change options to query. Increase timeout interval
• 94d6308 Merge remote-tracking branch 'werk85/master' into develop
• f4e40c5 README updated
• 0823f6a Upgraded to Babel 6
• bb110a8 set up Travis CI
• f84ef50 Merge branch 'develop' of github.com:babel/babel-loader into develop
• 719eb70 Merge branch 'hotfix/5.3.1' into develop
• 6b33020 Merge branch 'release/5.3.0' into develop

See the full diff

Package name: karma

The new version differs by 250 commits.

• db41e8e chore: release v2.0.0
• 0a1a8ef chore: update contributors
• 1afcb09 chore: add yarn.lock
• f64e1e0 Merge pull request #2899 from outsideris/fix-bad-url-in-stacktrace
• 78ad12f refactor(server): move compile step to first run
• 34dc7d3 fix(reporter): show file path correctly when urlRoot specified
• b53929a Merge pull request #2712 from macjohnny/patch-1
• c9e1ca9 feat: better string representation of errors
• 10fac07 Merge pull request #2885 from karma-runner/prep-2
• 00e3f88 chore: remove yarn.lock for now
• 60dfc5c feat: drop core-js and babel where possible
• 0e1907d test: improve linting and fix test on node 4
• af0efda test(e2e): update cucumber step definitions
• c3ccc5d chore(ci): focus on even node versions
• bf25094 chore(deps): update to latest
• d93cc5f docs(config): Document port collision scenario.
• 871d46f feat(launcher): trim whitespace in browser name
• 99fd3f0 fix(config): Call debug log methods after setting the loglevel based upon config/cli-options.
• 7bd54ed Merge pull request #2890 from reda-alaoui/patch-1
• 91e916a docs(config): Document port collision scenario.
• 334f9fb feat(launcher): trim whitespace in browser name
• e23c0d4 Merge pull request #2837 from JakeChampion/logs
• a340dae fix(config): Call debug log methods after setting the loglevel based upon config/cli-options.
• 6d353dc docs: improve comments in config.tpl.*

See the full diff

Package name: karma-phantomjs-launcher

The new version differs by 9 commits.

• 22622e4 chore: release v1.0.0
• 45807be chore: update contributors
• 950292f Merge pull request #99 from shinnn/lodash
• 9167041 Merge pull request #98 from shinnn/rename
• 2a03f46 Merge pull request #100 from shinnn/ci
• 9f9e0e2 fix: replace deprecated nvm version identifier with the proper one
• ad1aad5 fix: test on Node v4 instead of ancient v0.4
• ee4726e chore: update lodash from v3.x to v4.x
• 5844941 fix: use phantomjs-prebuilt instead of deprecated phantomjs

See the full diff

Package name: karma-webpack

The new version differs by 55 commits.

• db43093 chore(release): 2.0.10
• 5406a4c ci(.travis): update CI config (#302)
• 2bb71f5 style(src/): fix linting errors (#303)
• 0a5564d chore(package): update `dependencies`
• eca88a8 docs(RELEASE): outdated && removed
• 56e99b0 refactor(index): renamed to `src/index`
• 31862ff docs(README): standardize
• 77797a8 build(gulpfile): remove `gulp`
• 6d28c5c build(.babelrc): use `babel-preset-env`
• 99ddad8 fix(package): add `webpack >= v4.0.0` (`peerDependencies`) (#301)
• 94a2d73 build(package): don't generate source maps for release (`build:release`) (#294)
• 906ed52 fix: correctly escape `{Regex}` in custom file handler (#293)
• 5fa2409 fix(karma-webpack): correctly coalesce `idx` (`{Number}`) in filepaths (#287)
• 41d1912 fix: disable `webpack` rebuilds on karma `--single-run`
• b361ff4 chore(release): 2.0.9
• be2b0e8 fix: ensure webpack paths include a trailing slash (#285)
• c781f4e chore: Update changelog for publishing issue
• 1044b2d chore(release): 2.0.8
• 60c9616 chore(release): 2.0.7
• 0616dda fix: use `os.tmpdir()` to safely store `_karma_webpack_` (#279)
• 68506b4 chore(release): 2.0.6
• c952bcd fix: work with sourcemaps when mocha is wrapped (#237) (#238)
• 33d8eaa chore(package): Updates version of webpack-dev-middleware (#269)
• ec1badf docs(README): update link to latest docs (`webpack.js.org`) (#270)

See the full diff

Package name: wallaby-webpack

The new version differs by 86 commits.

• efb1922 3.9.8
• 949b889 Lodash version bump
• a870b1a 3.9.7
• 6ff3b84 Added `webpack` option
• c69dc5f 3.9.6
• ce0659e Angular CLI v6 webpack path
• 5069478 3.9.5
• fb4a8cb Webpack 4 initial support
• 5254d93 3.9.4
• 1c89f78 Support webpack 4.0.0-alpha.3
• e910f50 3.9.3
• 98b1450 Disabling `mode`
• 21873d7 3.9.2
• 2ff5097 Webpack 4.0.0-alpha.0 support
• 5b6074e 3.9.1
• 4674797 Harmony dependency updates support fix
• 9787b9c Harmony dependency updates support
• b2a2946 0.0.45
• 2d48a74 Add `emitModulePaths` setting
• d5f0ca7 0.0.44
• 8ba22cc Missing parameter
• 3844715 0.0.43
• 4ee6ec0 Added sync stat/file/dir versions for wallaby input system
• 9ece813 0.0.42

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic