[Snyk] Fix for 3 vulnerabilities

[KayvanMazaheri]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

#### Changes included in this PR - Changes to the following files to upgrade the vulnerable dependencies to a fixed version: - package.json - package-lock.json #### Vulnerabilities that will be fixed ##### With an upgrade: Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:-------------------------  | **509/1000**
**Why?** Has a fix available, CVSS 5.9 | Denial of Service (DoS)
[SNYK-JS-JSYAML-173999](https://snyk.io/vuln/SNYK-JS-JSYAML-173999) | Yes | No Known Exploit  | **619/1000**
**Why?** Has a fix available, CVSS 8.1 | Arbitrary Code Execution
[SNYK-JS-JSYAML-174129](https://snyk.io/vuln/SNYK-JS-JSYAML-174129) | Yes | No Known Exploit  | **658/1000**
**Why?** Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3 | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-NODEMAILER-6219989](https://snyk.io/vuln/SNYK-JS-NODEMAILER-6219989) | Yes | Proof of Concept (*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: i18next-node-fs-backend

The new version differs by 40 commits.

• 41d4166 update changelog
• ccffd22 Merge pull request #238 from ceastman-ibm/patch-1
• 67ee4c2 Update js-yaml to a non vulnerable version
• 26e20ac rebuild
• 13157e2 Merge pull request #237 from felixmosh/fix-236
• 229a7f1 Bump dep versions due to DOS vulnerability
• 0056a49 Merge pull request #233 from ffflorian/patch-1
• 714e078 Add repository to package.json
• 7e946e7 rebuild
• 1122cb7 Merge pull request #230 from jonathanz/patch-1
• 14844ac fix [ReferenceError: language is not defined]
• 6135a7f update version
• 07ac0af rebuild
• 7952dec Merge pull request #226 from lovro-bikic/master
• 6854cc4 update addPath to support functions and paths
• f061442 change `var` to `let` in src
• 19b5b0d fix dependencies
• cfdc02c transpile to ES5
• ca9f110 run build script
• 4e1afb2 update loadPath to support functions as parameters
• 479ac5f update travis target
• 97d8d7a remove dep
• bd52d90 remove cson parser, adds option.parse for custom parsing
• 209127a Update README.md

See the full diff

Package name: nodemailer

The new version differs by 250 commits.

• 5a2e10f chore(master): release 6.9.9 [skip-ci] (#1606)
• dd8f5e8 fix(security): Fix issues described in GHSA-9h6g-pr28-7cqp. Do not use eternal matching pattern if only a few occurences are expected
• 2c2b46a chore: do not use caret in version specifier
• be45c1b fix(tests): Use native node test runner, added code coverage support, removed grunt (#1604)
• 4233f6f chore(master): release 6.9.8 [skip-ci] (#1605)
• 09d502f chore: removed double file
• b4d0e0c fix(punycode): do not use native punycode module
• 8376c02 Test new github notice syntax for README
• bc46a3b Updated stale github action
• 78bdaf8 chore: remove redundant AWS SDK for JavaScript v2 (#1593)
• 971ced7 chore: add mailcatch.app to well-known/services.json (#1586)
• 879e562 chore(master): release 6.9.7 [skip-ci] (#1585)
• 140e3b0 Merge branch 'master' of github.com:nodemailer/nodemailer
• 41d482c fix(customAuth): Do not require user and pass to be set for custom authentication schemes (fixes #1584)
• 20e9fe0 update - `services.json` - add SES SMTP endpoints for the AP region (#1580)
• 9da77b6 chore(master): release 6.9.6 [skip-ci] (#1578)
• 7fe0a60 fix(tests): Removed Node v12 from test matrix as it is not compatible with the test framework anymore
• db32c93 fix(inline): Use 'inline' as the default Content Dispostion value for embedded images
• fdc7c27 chore(master): release 6.9.5 [skip-ci] (#1573)
• da4744e fix(license): Updated license year
• 13672b2 Removed legacy files (#1571)
• afd2287 Added release workflow to publish npm packages from Github
• 1ae83a2 Update services.json
• 286dc28 v6.9.4

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project. ------------ **Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.* For more information: 🧐 [View latest project report](https://app.snyk.io/org/kayvanmazaheri/project/97d60973-e04a-41e6-8345-a40d4a60c989?utm_source=github&utm_medium=referral&page=fix-pr) 🛠 [Adjust project settings](https://app.snyk.io/org/kayvanmazaheri/project/97d60973-e04a-41e6-8345-a40d4a60c989?utm_source=github&utm_medium=referral&page=fix-pr/settings) 📚 [Read more about Snyk's upgrade and patch logic](https://support.snyk.io/hc/en-us/articles/360003891078-Snyk-patches-to-fix-vulnerabilities) [//]: # (snyk:metadata:{"prId":"d786203b-b37e-4b04-ad11-c29801cf30fd","prPublicId":"d786203b-b37e-4b04-ad11-c29801cf30fd","dependencies":[{"name":"i18next-node-fs-backend","from":"0.1.3","to":"2.1.3"},{"name":"nodemailer","from":"3.1.8","to":"6.9.9"}],"packageManager":"npm","projectPublicId":"97d60973-e04a-41e6-8345-a40d4a60c989","projectUrl":"https://app.snyk.io/org/kayvanmazaheri/project/97d60973-e04a-41e6-8345-a40d4a60c989?utm_source=github&utm_medium=referral&page=fix-pr","type":"auto","patch":[],"vulns":["SNYK-JS-JSYAML-173999","SNYK-JS-JSYAML-174129","SNYK-JS-NODEMAILER-6219989"],"upgrade":["SNYK-JS-JSYAML-173999","SNYK-JS-JSYAML-174129","SNYK-JS-NODEMAILER-6219989"],"isBreakingChange":true,"env":"prod","prType":"fix","templateVariants":["priorityScore"],"priorityScoreList":[509,619,658],"remediationStrategy":"vuln"}) --- **Learn how to fix vulnerabilities with free interactive lessons:** 🦉 [Denial of Service (DoS)](https://learn.snyk.io/lesson/redos/?loc=fix-pr) 🦉 [Arbitrary Code Execution](https://learn.snyk.io/lesson/malicious-code-injection/?loc=fix-pr)