Bump minimist from 0.2.1 to 0.2.4

[dependabot[bot]]

Bumps minimist from 0.2.1 to 0.2.4.

Changelog

Sourced from minimist's changelog.

v0.2.4 - 2023-02-24

Commits

• [Tests] check side-effects of pollution protection 3dbebff
• [Robustness] rework isConstructorOrProto 34e20b8
• [Dev Deps] update tape d031f9b

v0.2.3 - 2023-02-09

Merged

• [Fix] Fix long option followed by single dash [#17](https://github.com/minimistjs/minimist/issues/17)
• [Tests] Remove duplicate test [#12](https://github.com/minimistjs/minimist/issues/12)
• [Fix] opt.string works with multiple aliases [#10](https://github.com/minimistjs/minimist/issues/10)

Fixed

• [Fix] Fix long option followed by single dash (#17) [#15](https://github.com/minimistjs/minimist/issues/15)
• [Tests] Remove duplicate test (#12) [#8](https://github.com/minimistjs/minimist/issues/8)
• [Fix] opt.string works with multiple aliases (#10) [#9](https://github.com/minimistjs/minimist/issues/9)

Commits

• [eslint] fix indentation and whitespace e5f5067
• [eslint] more cleanup 36ac5d0
• [eslint] fix indentation 34b0f1c
• isConstructorOrProto adapted from PR ef9153f
• [Dev Deps] update @ljharb/eslint-config, aud 098873c
• [Dev Deps] add missing npmignore dev dep 3226afa

v0.2.2 - 2022-10-10

Commits

• [meta] add auto-changelog 73923d2
• [actions] add reusable workflows d80727d
• [eslint] add eslint; rules to enable later are warnings 48bc06a
• [readme] rename and add badges 5df0fe4
• [Dev Deps] switch from covert to nyc a48b128
• [Dev Deps] update covert, tape; remove unnecessary tap f0fb958
• [meta] create FUNDING.yml; add funding in package.json 3639e0c
• [meta] use npmignore to autogenerate an npmignore file be2e038
• Only apps should have lockfiles 282b570
• [meta] add safe-publish-latest 4b927de
• [Tests] add aud in posttest b32d9bd
• [meta] update repo URLs f9fdfc0

Commits

• 8c6be48 v0.2.4
• d031f9b [Dev Deps] update tape
• 3dbebff [Tests] check side-effects of pollution protection
• 34e20b8 [Robustness] rework isConstructorOrProto
• c0b2661 v0.2.3
• 63b8fee [Fix] Fix long option followed by single dash (#17)
• 72239e6 [Tests] Remove duplicate test (#12)
• 34b0f1c [eslint] fix indentation
• 3226afa [Dev Deps] add missing npmignore dev dep
• 098873c [Dev Deps] update @ljharb/eslint-config, aud
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ljharb, a new releaser for minimist since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/adam-skalicky/juice-shop/network/alerts).

[adam-skalicky]

Checkmarx One – Scan Summary & Details – 1eeb9eed-b227-40bf-8d2a-dc8222c3d481

New Issues

Severity	Issue	Source File / Package	Checkmarx Insight
	Array Without Maximum Number of Items (v3)	/swagger.yml: 40	Array schema should have the field 'maxItems' set
	CVE-2022-23539	Npm-jsonwebtoken-0.4.0	Vulnerable Package
	CVE-2022-23539	Npm-jsonwebtoken-0.1.0	Vulnerable Package
	CVE-2022-23540	Npm-jsonwebtoken-0.4.0	Vulnerable Package
	CVE-2022-23540	Npm-jsonwebtoken-0.1.0	Vulnerable Package
	CVE-2022-2421	Npm-socket.io-parser-4.1.2	Vulnerable Package
	CVE-2022-2421	Npm-socket.io-parser-4.0.4	Vulnerable Package
	CVE-2022-25881	Npm-http-cache-semantics-3.8.1	Vulnerable Package
	CVE-2022-25887	Npm-sanitize-html-1.4.2	Vulnerable Package
	CVE-2022-25893	Npm-vm2-3.9.3	Vulnerable Package
	CVE-2022-3517	Npm-minimatch-3.0.4	Vulnerable Package
	CVE-2022-37616	Npm-@xmldom/xmldom-0.7.5	Vulnerable Package
	CVE-2022-38900	Npm-decode-uri-component-0.2.2	Vulnerable Package
	CVE-2022-38900	Npm-decode-uri-component-0.2.0	Vulnerable Package
	CVE-2022-39353	Npm-@xmldom/xmldom-0.7.5	Vulnerable Package
	CVE-2022-43441	Npm-sqlite3-5.0.2	Vulnerable Package
	CVE-2022-46175	Npm-json5-2.2.0	Vulnerable Package
	CVE-2022-46175	Npm-json5-1.0.1	Vulnerable Package
	CVE-2022-48285	Npm-jszip-3.7.1	Vulnerable Package
	CVE-2023-22578	Npm-sequelize-6.9.0	Vulnerable Package
	CVE-2023-22578	Npm-sequelize-6.17.0	Vulnerable Package
	CVE-2023-22579	Npm-sequelize-6.9.0	Vulnerable Package
	CVE-2023-22579	Npm-sequelize-6.17.0	Vulnerable Package
	CVE-2023-22580	Npm-sequelize-6.9.0	Vulnerable Package
	CVE-2023-22580	Npm-sequelize-6.17.0	Vulnerable Package
	CVE-2023-25813	Npm-sequelize-6.9.0	Vulnerable Package
	CVE-2023-25813	Npm-sequelize-6.17.0	Vulnerable Package
	CVE-2023-29017	Npm-vm2-3.9.3	Vulnerable Package
	CVE-2023-29199	Npm-vm2-3.9.3	Vulnerable Package
	CVE-2023-30547	Npm-vm2-3.9.3	Vulnerable Package
	Passwords And Secrets - Generic Password	/users.yml: 63	Query to find passwords and secrets in infrastructure code.
	SQL_Injection	/routes/dataExport.ts: 32	Attack Vector
	SQL_Injection	/routes/dataExport.ts: 16	Attack Vector
	CVE-2022-23541	Npm-jsonwebtoken-0.4.0	Vulnerable Package
	CVE-2022-23541	Npm-jsonwebtoken-0.1.0	Vulnerable Package
	CVE-2022-41940	Npm-engine.io-4.1.2	Vulnerable Package
	CVE-2023-0842	Npm-xml2js-0.4.23	Vulnerable Package
	CVE-2023-25166	Npm-@sideway/formula-3.0.0	Vulnerable Package
	CVE-2023-28155	Npm-request-2.88.2	Vulnerable Package
	Cx51b085c0-f2c0	Npm-es5-ext-0.10.58	Vulnerable Package
	Missing_Encryption_of_Sensitive_Data	/data/datacreator.ts: 100	Attack Vector
	Use_of_Broken_or_Risky_Cryptographic_Algorithm	/Gruntfile.js: 73	Attack Vector

Fixed Issues

Severity	Issue	Source File / Package	Checkmarx Insight
	Array Without Maximum Number of Items (v3)	/swagger.yml: 41	Array schema should have the field 'maxItems' set
	CVE-2021-23440	Yarn-set-value-2.0.1	Vulnerable Package
	CVE-2021-35065	Yarn-glob-parent-5.1.2	Vulnerable Package
	CVE-2021-44906	Yarn-minimist-1.2.5	Vulnerable Package
	CVE-2021-44906	Yarn-minimist-0.2.1	Vulnerable Package
	Cx6f6f1276-7a2e	Yarn-tar-2.2.2	Vulnerable Package
	Client_DOM_Open_Redirect	/frontend/src/app/login/login.component.ts: 52	Attack Vector
	Unprotected_Cookie	/routes/videoHandler.ts: 43	Attack Vector
	Unprotected_Cookie	/routes/videoHandler.ts: 36	Attack Vector

[github-actions[bot]]

This PR has been automatically marked as stale because it has not had recent activity. :calendar: It will be closed automatically in two weeks if no further activity occurs.

[github-actions[bot]]

This PR was closed because it has been stalled for 14 days with no activity.

[dependabot[bot]]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.