[Snyk] Security upgrade update-notifier from 2.2.0 to 3.0.0

merge advice

Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
- package-lock.json

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	768/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: update-notifier

The new version differs by 25 commits.

a7bb3ee 3.0.0
ad8ed1b Suggest yarn when installed with yarn (#132)
5f06620 Exit the update check process if it does not respond after 30s (#156)
79e89ad Fix failing test (#155)
c8faa84 Add `distTag` option (#151)
14632e4 Add failing test for #153 (#154)
aafd8a0 Require Node.js 8
0d49f51 Add Tidelift mention in the readme
8df01b3 Fix docs position of `shouldNotifyInNpmScript` (#143)
d371834 Docs: isGlobal option does not default to true (#142)
5cd6577 2.5.0
ac0d3cb Add ability to bypass isNpm check with `shouldNotifyInNpmScript` option (#127)
edbe3d2 2.4.0
83c4daa Add license file
accc884 Fix URI Scheme in package.json (#136)
0ad8e5b Update URL to XO
38d5679 Disable on CI (#116)
3e5cea0 Fix typo in README (#128)
492c21e 2.3.0
3eaa793 Force bump `boxen` dependency
70b8248 package.json indentation
97d0b97 Add is-installed-globally for auto-detection (#114)
6008ccf Meta tweaks
6f2b074 Move to AVA for testing (#121)

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

commonality / generator-community