Bump snyk from 1.278.1 to 1.291.0

[dependabot-preview[bot]]

Bumps snyk from 1.278.1 to 1.291.0.

Release notes

Sourced from snyk's releases.

v1.291.0

1.291.0 (2020-02-11)

Features

• snyk-mvn-plugin with mvnw support (253a5ad)

v1.290.2

1.290.2 (2020-02-06)

Bug Fixes

• vuln in transitive pkg of configstore (dot-prop) - rc2 (a551fce)

v1.290.1

1.290.1 (2020-01-31)

Bug Fixes

• use @snyk/configstore instead of configstore (93845d9)
• use @snyk/update-notifier instead of update-notifier (b74bbe2)

v1.290.0

1.290.0 (2020-01-31)

Features

• use latest python plugin (3c06cb6)

v1.289.1

1.289.1 (2020-01-31)

Bug Fixes

• correct object path to mvn and java version (98a7031)

v1.289.0

1.289.0 (2020-01-31)

Features

• add java and maven version to analytics (23cbd4c)

v1.288.0

... (truncated)

Commits

• 233593b Merge pull request #1001 from snyk/feat/mvn-plugin-with-wrapper
• 253a5ad feat: snyk-mvn-plugin with mvnw support
• 0a9c7f3 Merge pull request #998 from snyk/feat/convert-to-ts
• 8490b07 chore: convert user-config to ts
• b88496e chore: convert sub-process to ts
• 5d10984 Merge pull request #992 from snyk/fix/dot-prop-vuln-update-2
• 67ecd57 Merge pull request #996 from snyk/chore/fix-issue-emojis
• ea38d75 chore: fix emojis in github
• 1232e46 Merge pull request #995 from snyk/chore/improved-issue-templates
• 75a95f4 chore: separate bug and feature issue templates
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Pull request limits (per update run and/or open at any time) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired)