[Snyk] Fix for 1 vulnerabilities

[ayishagisel]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

#### Changes included in this PR - Changes to the following files to upgrade the vulnerable dependencies to a fixed version: - package.json - package-lock.json #### Vulnerabilities that will be fixed ##### With an upgrade: Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:-------------------------  | **461/1000**
**Why?** Recently disclosed, Has a fix available, CVSS 3.5 | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-DEBUG-3227433](https://snyk.io/vuln/SNYK-JS-DEBUG-3227433) | Yes | No Known Exploit (*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: anymatch

The new version differs by 18 commits.

• d474c82 Release 3.0.0.
• dd660f8 Update deps.
• 64ce747 Update types.
• bd27242 Fixes.
• e18de05 Update to picomatch-stable.
• 30fa2c3 Merge pull request #28 from leonardodino/fix-package-name
• 6b01ef6 Fix package name typo in README.md
• b500318 Remove line.
• 57e0193 Bring back arg passing.
• 13343b0 Cache patterns. Performance boost.
• 5ece3fd Switch to picomatch. Update deps.
• cece732 Fix declarations.
• 0065fca Update readme.
• 4518091 Readme.
• 1e69e91 Update.
• 9ef72e8 Changelog.
• cb143fe Improve type matching.
• 02257b9 New version. More strict. Drop returnIndex and startIndex params for now.

See the full diff

Package name: braces

The new version differs by 16 commits.

• abcf341 3.0.0
• 68a3fdf refactor
• bb5b5ba Remove appveyor from readme.
• 086008a travis: Drop sudo: false.
• 4ed704b add unit tests
• 60eb988 ranges
• 7b1abf0 Use proper nodejs versions for appveyor.
• 7b106b6 braces api
• 80eae1f Drop duplicate node v11 for travis.
• 58d868e windows support
• 27f7344 Appveyor: Drop support for nodejs <8 for now.
• 25424ec Drop support for nodejs <8 for now.
• ceef790 cover sets
• f5bf204 clean up examples
• 92ec96d start refactoring
• cd50063 2.3.2

See the full diff

Package name: browser-sync

The new version differs by 63 commits.

• 0b3d98b v2.26.6
• fdfc681 tests: add e2e tests to package.json
• c56cfd9 Merge pull request #1698 from emeitch/fix_deprecated_header
• 2fd598f Merge pull request #1690 from XhmikosR/xmr-ci
• 841ccd5 Merge pull request #1694 from coliff/patch-1
• 209c9c1 Merge pull request #1697 from gaards/update-localtunnel
• 87bee4b Use getHeaders or _headers
• 77abfd3 Update localtunnel
• 1f073f9 Remove gittip from README (service closed down)
• 51792b1 AppVeyor tweaks.
• 9c9d71a CI: Add Node.js 12 and 10.
• 6dd2d56 v2.26.5
• 62007c8 SyntaxError in micromatch when starting browser-sync - fixes #1682
• 47a4d1b v2.26.4
• 05a58db deps: fixes #1677 #1671 #1659 #1648
• 35035df deps: removed nodemon since it includes flat-stream (security)
• 1b2eab5 Merge pull request #1634 from mxschmitt/patch-1
• e35e5dc fix(ui): updated dead links and moved to https
• 85c4ba7 examples: server + proxy
• 924d5e7 v2.26.3
• d60cd91 fix: application/wasm support in Chrome - fixes #1598
• f95dd7a v2.26.2
• 9f3fea4 deps: npm audit fixes across all packages - fixes #1618
• cf7cb3e v2.26.1

See the full diff

Package name: localtunnel

The new version differs by 11 commits.

• d7330a7 v1.9.2
• 5754959 update History.md
• e9d9203 update debug to 4.1.1
• be3dc1a update axios to 0.19.0
• 4d6db16 update yarn.lock with integrity entries
• 41270db Update node versions and default build environment in travis.yml (#307)
• 42ea8ec Bump to UNRELEASED
• 5b313bd v1.9.1
• ef78c19 update History.md
• d0fc61c update debug to 2.6.9
• a4bf6d1 unreleased

See the full diff

Package name: micromatch

The new version differs by 29 commits.

• 89efcff 4.0.0
• f3238cb Merge pull request #151 from micromatch/dev
• 7c78f9a ensure args are strings
• 2e42796 bump picomatch
• 09f8260 windows, it's time we had a talk...
• a49f94c fix slashes in tests
• a6ab670 use braces patch, build readme
• 976d956 upgrade braces and picomatch
• a6596da add benchmarks
• 11168b1 rename unixify to windows
• 5bf40fe package.json: Use github versions of deps to test the env.
• 5d78d48 Drop node v6 since picomatch doesnt support it.
• 96ac3ba Remove duplicate node. Remove unsupported node v7.
• bf44408 Merge branch 'master' into dev
• b8abcf9 Merge remote-tracking branch 'origin/dev'
• e07df11 rebuild docs
• 47340ad Merge remote-tracking branch 'origin/master' into dev
• 52df06d refactor
• 09bd55c Merge pull request #149 from Glazy/hotfix/issue-template-update
• c32543d Add myself to package.json contributors list
• 86858bf Update issue template w/ typo and question change
• f2ce9d2 Merge pull request #130 from wtgtybhertgeghgtwtg/unescape
• 677f127 Merge pull request #134 from Tvrqvoise/v3-changelog
• 4a70a66 Merge pull request #141 from simlu/patch-1

See the full diff

Package name: snyk

The new version differs by 29 commits.

• e14ab9e Merge pull request #185 from snyk/fix/bump-deps
• c6735e4 Merge pull request #184 from snyk/chore/github-release
• ace19f7 Merge pull request #183 from snyk/chore/eslint
• f316024 fix: bump sbt plugin to update 'debug' dep version
• 2c79a4e fix: bump python plugin to fix pipenv monitoring issue
• 975ca1c fix: bump nuget plugin to get rid of an unneeded dep
• 828d579 fix: bump go plugin to update doc/typos
• be8fa57 fix: bump snyk-config to fix env merge issue
• b638a37 chore: eslint instead of jscs
• 0bfeb0b chore: fix github-release for assets uploading
• 9312a04 Merge pull request #181 from snyk/chore/semantic-release
• 6abdfd9 chore: upgrade semantic-release, proper travis & appveyor setup
• 2a6938f feat: add support for Python projects using pipenv
• 179fa24 feat: style wizard prompts to look similar to test
• 9315721 fix: Show more of the error when available
• bd4843f fix: allow node pre-releases
• 2e20440 fix: handle license issues better
• d325836 tests: Update tests
• f0a43a5 fix: enhance user errors to point to snyk docs
• a54c615 fix: Add cliMessage passing to all pkg managers
• a51ad76 feat: add python dockerfiles
• b2ae665 docs: fix docker tag typo
• a517143 fix: use https where possible
• c7f5e29 fix: failing docker image builds

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project. ------------ **Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.* For more information: 🧐 [View latest project report](https://app.snyk.io/org/ayishagisel/project/2d0e6801-a727-4748-acbf-2e75d2b7bc1f?utm_source=github&utm_medium=referral&page=fix-pr) 🛠 [Adjust project settings](https://app.snyk.io/org/ayishagisel/project/2d0e6801-a727-4748-acbf-2e75d2b7bc1f?utm_source=github&utm_medium=referral&page=fix-pr/settings) 📚 [Read more about Snyk's upgrade and patch logic](https://support.snyk.io/hc/en-us/articles/360003891078-Snyk-patches-to-fix-vulnerabilities) [//]: # (snyk:metadata:{"prId":"7fd075c6-d082-458f-8a0b-a5e64323707a","prPublicId":"7fd075c6-d082-458f-8a0b-a5e64323707a","dependencies":[{"name":"anymatch","from":"2.0.0","to":"3.0.0"},{"name":"braces","from":"2.3.2","to":"3.0.0"},{"name":"browser-sync","from":"2.24.6","to":"2.26.6"},{"name":"localtunnel","from":"1.9.0","to":"1.9.2"},{"name":"micromatch","from":"3.1.10","to":"4.0.0"},{"name":"snyk","from":"1.88.2","to":"1.90.1"}],"packageManager":"npm","projectPublicId":"2d0e6801-a727-4748-acbf-2e75d2b7bc1f","projectUrl":"https://app.snyk.io/org/ayishagisel/project/2d0e6801-a727-4748-acbf-2e75d2b7bc1f?utm_source=github&utm_medium=referral&page=fix-pr","type":"auto","patch":[],"vulns":["SNYK-JS-DEBUG-3227433"],"upgrade":["SNYK-JS-DEBUG-3227433"],"isBreakingChange":true,"env":"prod","prType":"fix","templateVariants":["priorityScore"],"priorityScoreList":[461]}) --- **Learn how to fix vulnerabilities with free interactive lessons:** 🦉 [Regular Expression Denial of Service (ReDoS)](https://learn.snyk.io/lessons/redos/javascript/?loc=fix-pr)