This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
#### Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
- package-lock.json
#### Vulnerabilities that will be fixed
##### With an upgrade:
Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity
:-------------------------:|-------------------------|:-------------------------|:-------------------------|:-------------------------
 | **718/1000** **Why?** Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 6.5 | Uncontrolled Resource Consumption ('Resource Exhaustion') [SNYK-JS-TAR-6476909](https://snyk.io/vuln/SNYK-JS-TAR-6476909) | Yes | Proof of Concept
(*) Note that the real score may have changed since the PR was raised.
Commit messagesPackage name: chokidar
The new version differs by 119 commits.
feee448 chore: Remove disabled and recommended rules
See the full diff
Check the changes in this PR to ensure they won't cause issues with your project.
------------
**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.*
For more information:
š§ [View latest project report](https://app.snyk.io/org/jiiks/project/8735654b-9e00-4c02-aa5d-615b64cbc429?utm_source=github&utm_medium=referral&page=fix-pr)
š [Adjust project settings](https://app.snyk.io/org/jiiks/project/8735654b-9e00-4c02-aa5d-615b64cbc429?utm_source=github&utm_medium=referral&page=fix-pr/settings)
š [Read more about Snyk's upgrade and patch logic](https://support.snyk.io/hc/en-us/articles/360003891078-Snyk-patches-to-fix-vulnerabilities)
[//]: # (snyk:metadata:{"prId":"1ef6bdba-847c-4b34-9dce-4d7a86cc856d","prPublicId":"1ef6bdba-847c-4b34-9dce-4d7a86cc856d","dependencies":[{"name":"chokidar","from":"2.1.2","to":"3.0.0"},{"name":"node-sass","from":"4.11.0","to":"5.0.0"}],"packageManager":"npm","projectPublicId":"8735654b-9e00-4c02-aa5d-615b64cbc429","projectUrl":"https://app.snyk.io/org/jiiks/project/8735654b-9e00-4c02-aa5d-615b64cbc429?utm_source=github&utm_medium=referral&page=fix-pr","type":"auto","patch":[],"vulns":["SNYK-JS-TAR-6476909"],"upgrade":["SNYK-JS-TAR-6476909"],"isBreakingChange":true,"env":"prod","prType":"fix","templateVariants":["priorityScore"],"priorityScoreList":[718],"remediationStrategy":"vuln"})
---
**Learn how to fix vulnerabilities with free interactive lessons:**
š¦ [Uncontrolled Resource Consumption ('Resource Exhaustion')](https://learn.snyk.io/lesson/redos/?loc=fix-pr)
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
#### Changes included in this PR - Changes to the following files to upgrade the vulnerable dependencies to a fixed version: - package.json - package-lock.json #### Vulnerabilities that will be fixed ##### With an upgrade: Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:-------------------------  | **718/1000****Why?** Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 6.5 | Uncontrolled Resource Consumption ('Resource Exhaustion')
[SNYK-JS-TAR-6476909](https://snyk.io/vuln/SNYK-JS-TAR-6476909) | Yes | Proof of Concept (*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: chokidar
The new version differs by 119 commits.- 7b8e02a Release 3.0.0.
- e7bfe2f Move stuff.
- df7f22e Remove changelog from npm, move to hidden dir.
- 3df7692 Improve naming.
- 6e94ca2 Clean-up.
- 2de2f9c test: Add testing of Node.js v12 in Travis pipeline. (#833)
- 9e0965a Fix Windows tests in Travis CI (#832)
- c95a98f Update stuff.
- 187ff2b test: Trying to fix blinked tests for Travis CI. (#825)
- db99076 fix(Windows): Add converting from windows to unix path for all ignored paths. (#824)
- 41f8782 fix(FsEvents): Remove situation with NaN depth. (#823)
- 7cf3f7e Update readdirp to stable.
- 0927a62 Bump packages.
- 11cd857 Update nyc.
- 99c14d7 Uncomment fsevents.
- cf330a5 Update fsevents.
- 0e4fca5 Fix deps.
- 9c575d4 Fix Windows version (#821)
- 3323d59 fix(Linux): Make event loop hack for keep testing valid. (#820)
- 06214c5 Update to latest readdirp.
- 793639f Rename osxfswatch.
- 078bc2d Refactor and fix freaking tests.
- 2b9bb41 Try node 11.
- 3fe3d4e Test travis.
See the full diffPackage name: node-sass
The new version differs by 93 commits.- 7105b0a 5.0.0 (#3015)
- 0648b5a chore: Add Node 15 support (#2983)
- e2391c2 Add a deprecation message to the readme (#3011)
- 6a33e53 chore: Don't upload artifacts on PRs
- d763506 chore: Only run coverage on main repo
- d4ebe72 build(deps): update actions/setup-node requirement to v2.1.2
- 2bebe05 build(deps-dev): bump rimraf from 2.7.1 to 3.0.2
- f877689 chore: Don't double build DependaBot PRs
- b48fac4 chore: Add weekly DependaBot updates
- 91c40a0 Remove deprecated process.sass API
- 1f6df86 Replace lodash/assign in favor of the native Object.assign
- 522828a Remove workarounds for old Node.js versions
- 40e0f00 chore: Remove second NPM badge
- ab91bf6 chore: Remove Slack badge
- 6853a80 chore: Cleanup status badges
- fb1109c chore: Bump minimum engine version to v10
- d185440 chore: Add basic Node version support policy
- db25736 chore: Bump node-gyp to 7.1.0
- 2c5b110 chore: Bump cross-spawn to v7.0.3
- 38b9633 chore: Update Istanbul to NYC
- d63b5bf chore: Bump mocha to v8.1.3
- d0d8865 chore: Skip constructor tests on v14.6+
- ee3984d chore: Hoist test ESLint config
- feee448 chore: Remove disabled and recommended rules
See the full diff