This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
#### Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
#### Vulnerabilities that will be fixed
##### With an upgrade:
Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity
:-------------------------:|-------------------------|:-------------------------|:-------------------------|:-------------------------
 | **586/1000** **Why?** Proof of Concept exploit, Has a fix available, CVSS 5.3 | Regular Expression Denial of Service (ReDoS) [SNYK-JS-GLOBPARENT-1016905](https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905) | Yes | Proof of Concept
 | **661/1000** **Why?** Recently disclosed, Has a fix available, CVSS 7.5 | Missing Release of Resource after Effective Lifetime [SNYK-JS-INFLIGHT-6095116](https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116) | Yes | No Known Exploit
 | **506/1000** **Why?** Proof of Concept exploit, Has a fix available, CVSS 3.7 | Prototype Pollution [SNYK-JS-MINIMIST-2429795](https://snyk.io/vuln/SNYK-JS-MINIMIST-2429795) | Yes | Proof of Concept
 | **601/1000** **Why?** Proof of Concept exploit, Has a fix available, CVSS 5.6 | Prototype Pollution [SNYK-JS-MINIMIST-559764](https://snyk.io/vuln/SNYK-JS-MINIMIST-559764) | Yes | Proof of Concept
 | **646/1000** **Why?** Proof of Concept exploit, Has a fix available, CVSS 6.5 | Server-side Request Forgery (SSRF) [SNYK-JS-REQUEST-3361831](https://snyk.io/vuln/SNYK-JS-REQUEST-3361831) | Yes | Proof of Concept
 | **646/1000** **Why?** Proof of Concept exploit, Has a fix available, CVSS 6.5 | Prototype Pollution [SNYK-JS-TOUGHCOOKIE-5672873](https://snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873) | Yes | Proof of Concept
 | **589/1000** **Why?** Has a fix available, CVSS 7.5 | Regular Expression Denial of Service (ReDoS) [npm:timespan:20170907](https://snyk.io/vuln/npm:timespan:20170907) | Yes | No Known Exploit
 | **324/1000** **Why?** Has a fix available, CVSS 2.2 | Uninitialized Memory Exposure [npm:utile:20180614](https://snyk.io/vuln/npm:utile:20180614) | Yes | No Known Exploit
(*) Note that the real score may have changed since the PR was raised.
Commit messagesPackage name: forever
The new version differs by 38 commits.
See the full diff
Check the changes in this PR to ensure they won't cause issues with your project.
------------
**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.*
For more information:
🧐 [View latest project report](https://app.snyk.io/org/naramsim/project/b172eebe-ce59-4b68-bf4a-56721765bd3b?utm_source=github&utm_medium=referral&page=fix-pr)
🛠 [Adjust project settings](https://app.snyk.io/org/naramsim/project/b172eebe-ce59-4b68-bf4a-56721765bd3b?utm_source=github&utm_medium=referral&page=fix-pr/settings)
📚 [Read more about Snyk's upgrade and patch logic](https://support.snyk.io/hc/en-us/articles/360003891078-Snyk-patches-to-fix-vulnerabilities)
[//]: # (snyk:metadata:{"prId":"72416e82-a508-4f34-a3d7-a82ceebcff46","prPublicId":"72416e82-a508-4f34-a3d7-a82ceebcff46","dependencies":[{"name":"forever","from":"0.15.3","to":"3.0.4"},{"name":"ngrok","from":"2.3.0","to":"4.0.0"}],"packageManager":"npm","projectPublicId":"b172eebe-ce59-4b68-bf4a-56721765bd3b","projectUrl":"https://app.snyk.io/org/naramsim/project/b172eebe-ce59-4b68-bf4a-56721765bd3b?utm_source=github&utm_medium=referral&page=fix-pr","type":"auto","patch":[],"vulns":["SNYK-JS-GLOBPARENT-1016905","SNYK-JS-INFLIGHT-6095116","SNYK-JS-MINIMIST-2429795","SNYK-JS-MINIMIST-559764","SNYK-JS-REQUEST-3361831","SNYK-JS-TOUGHCOOKIE-5672873","npm:timespan:20170907","npm:utile:20180614"],"upgrade":["SNYK-JS-GLOBPARENT-1016905","SNYK-JS-INFLIGHT-6095116","SNYK-JS-MINIMIST-2429795","SNYK-JS-MINIMIST-559764","SNYK-JS-REQUEST-3361831","SNYK-JS-TOUGHCOOKIE-5672873","npm:timespan:20170907","npm:utile:20180614"],"isBreakingChange":true,"env":"prod","prType":"fix","templateVariants":["priorityScore"],"priorityScoreList":[586,661,506,601,646,646,589,324],"remediationStrategy":"vuln"})
---
**Learn how to fix vulnerabilities with free interactive lessons:**
🦉 [Regular Expression Denial of Service (ReDoS)](https://learn.snyk.io/lesson/redos/?loc=fix-pr)
🦉 [Prototype Pollution](https://learn.snyk.io/lesson/prototype-pollution/?loc=fix-pr)
🦉 [Server-side Request Forgery (SSRF)](https://learn.snyk.io/lesson/ssrf-server-side-request-forgery/?loc=fix-pr)
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
#### Changes included in this PR - Changes to the following files to upgrade the vulnerable dependencies to a fixed version: - package.json #### Vulnerabilities that will be fixed ##### With an upgrade: Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:-------------------------  | **586/1000****Why?** Proof of Concept exploit, Has a fix available, CVSS 5.3 | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-GLOBPARENT-1016905](https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905) | Yes | Proof of Concept  | **661/1000**
**Why?** Recently disclosed, Has a fix available, CVSS 7.5 | Missing Release of Resource after Effective Lifetime
[SNYK-JS-INFLIGHT-6095116](https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116) | Yes | No Known Exploit  | **506/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 3.7 | Prototype Pollution
[SNYK-JS-MINIMIST-2429795](https://snyk.io/vuln/SNYK-JS-MINIMIST-2429795) | Yes | Proof of Concept  | **601/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 5.6 | Prototype Pollution
[SNYK-JS-MINIMIST-559764](https://snyk.io/vuln/SNYK-JS-MINIMIST-559764) | Yes | Proof of Concept  | **646/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 6.5 | Server-side Request Forgery (SSRF)
[SNYK-JS-REQUEST-3361831](https://snyk.io/vuln/SNYK-JS-REQUEST-3361831) | Yes | Proof of Concept  | **646/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 6.5 | Prototype Pollution
[SNYK-JS-TOUGHCOOKIE-5672873](https://snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873) | Yes | Proof of Concept  | **589/1000**
**Why?** Has a fix available, CVSS 7.5 | Regular Expression Denial of Service (ReDoS)
[npm:timespan:20170907](https://snyk.io/vuln/npm:timespan:20170907) | Yes | No Known Exploit  | **324/1000**
**Why?** Has a fix available, CVSS 2.2 | Uninitialized Memory Exposure
[npm:utile:20180614](https://snyk.io/vuln/npm:utile:20180614) | Yes | No Known Exploit (*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: forever
The new version differs by 38 commits.- b2120f9 Remove utile (#1099)
- 071cc04 Update changelog
- c1bcbff Remove dependency on broadway (#1098)
- 3586afe Prepare 3.0.1 for release
- 67cc950 Prepare 3.0.1 for release
- 877d93a Replaced optimist with yargs (#1093)
- a36330a Update forever-monitor (#1081)
- 0c5d32a Update dependencies and test Node 14 (#1080)
- 9e85c59 Fix argument type of fs.writeFileSync (#1075)
- 58eb131 Add CLI test for starting/stopping from a directory with space (#1068)
- 437ca4a Remove unnecessary path-is-absolute dependency (#1062)
- 8f739b0 Execute Mocha tests (#1054)
- ceb235c Update changelog
- 008766f Add linting (#1053)
- a5b97ae add '--version' to help text (#1041)
- 3c09b6f Update async to 1.x.x (#1052)
- c551947 Update async (#1051)
- dda79a6 Update dependencies (#1050)
- 70259bc Drop support for Node < 6 (#1049)
- 8b41d16 Bump version in package-lock.json
- 2f6d4e0 Only publish necessary files
- 067c758 Bump version to 1.0.1, update changelog
- bce5991 Update forever-monitor (#1047)
- 0ef5100 Fix CI (#1048)
See the full diffPackage name: ngrok
The new version differs by 119 commits.- cb7a3ef 4.0.0
- 4ca226e Updates CHANGELOG for v4 release
- d63bc73 Merge branch 'homedir' into master
- 7b7e863 Removes homedir dependency
- 508944e Merge branch 'mocha-update' into master
- 041dfab Update colors dependency
- 8c9d50e Updates mocha and chai
- 670088d Typo
- 339248b Updated Changelog
- 6d18d23 Updates README for v4
- 9facf40 Format all files with prettier
- 6937584 Corrects JSDoc comment for getVersion
- fd03d0b 4.0.0-beta.4
- 08b4319 Fixes location of ngrok binary
- d3200b8 4.0.0-beta.3
- a02c181 Updates CHANGELOG
- e8d932e Move download file back to top level.
- 0424074 4.0.0-beta.2
- 83cb646 Updates CHANGELOG
- 40a2fe7 Corrects package.json files array
- 3e247fb 4.0.0-beta.1
- 1963e3a Adds a CHANGELOG and documents 4.0.0-beta.1
- 5a5e328 Updates package.json files
- 931938b Merge branch 'default-opts' into master
See the full diff