[Snyk] Fix for 10 vulnerabilities

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

As this is a private repository, Snyk-bot does not have access. Therefore, this PR has been created automatically, but appears to have been created by a real user.

Changes included in this PR

Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
- package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Priority Score (*)	Issue	Breaking Change	Exploit Maturity
696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept
479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-CSSWHAT-1298035	Yes	No Known Exploit
616/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.9	Insecure Configuration SNYK-JS-CYPRESS-1255446	Yes	Proof of Concept
696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Denial of Service (DoS) SNYK-JS-ENGINEIO-1056749	No	Proof of Concept
586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	Yes	Proof of Concept
589/1000 Why? Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-NTHCHECK-1586032	Yes	No Known Exploit
586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1090595	No	Proof of Concept
586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1255640	No	Proof of Concept
589/1000 Why? Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-STYLELINT-1585622	Yes	No Known Exploit
586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: cypress-audit

The new version differs by 19 commits.

c52ab29 Bump to v1.0.0
8f8b9eb Bumping to LH8 (#91)
68c0ab2 Bump dns-packet from 1.3.1 to 1.3.4 in /examples/cra-authenticated (#90)
061053e Bump Cypress in examples (#88)
9249d84 Bump hosted-git-info from 2.8.5 to 2.8.9 in /examples/cra-authenticated (#86)
25e5cda Bump hosted-git-info from 2.8.8 to 2.8.9 (#87)
33b4342 Bump underscore from 1.9.2 to 1.13.1 (#82)
492abb0 Bump url-parse from 1.4.7 to 1.5.1 in /examples/cra-authenticated (#84)
e45a671 Bump lodash from 4.17.20 to 4.17.21 (#85)
7a642ae Bump LH (#80)
5d3b715 Bump cypress (#78)
6f59631 Update lighthouse.md (#76)
b8cce1e Update README.md
f6152e1 Switch to gh-actions (#69)
d61ec8e Bumping lighthouse (#68)
9997fbc Adding external url examples project and add it to the CI (#64)
ca56855 Update issue templates
0487a9e Add nx example (#60)
cda427b Adjust Types for Typescript & Allow Headless Mode (#59)

See the full diff

Package name: imagemin-svgo

The new version differs by 4 commits.

beba5b2 9.0.0
a42fbfe Use GitHub Action instead (#44)
43888a0 Upgrade svgo (#43)
11dac11 Update API usage

See the full diff

Package name: imagemin-webp-webpack-plugin

The new version differs by 1 commits.

df41e03 [3.3.4] Dependencies bump

See the full diff

Package name: optimize-css-assets-webpack-plugin

The new version differs by 3 commits.

09d29b3 5.0.5
d0a7da7 feat(deps): update dependencies (#154)
41d1e23 Redirect to css-minimizer-webpack-plugin for webpack 5 or above

See the full diff

Package name: stylelint

The new version differs by 250 commits.

060310c 14.0.0
ff4a1ef Prepare CHANGELOG
8d2f6e1 Bump postcss (#5619)
f552608 Merge pull request #5618 from stylelint/dependabot/npm_and_yarn/husky-7.0.4
7ed17ad Bump husky from 7.0.2 to 7.0.4
4d9f75e Merge pull request #5617 from stylelint/dependabot/npm_and_yarn/jest-27.3.1
bc9dd0b Bump jest from 27.2.5 to 27.3.1
82e2507 Merge pull request #5604 from stylelint/v14
16d259f Update CHANGELOG.md
70b1149 Fix false positives for dynamic-range keywords in media-feature-name-no-unknown (#5613)
8dca498 Show more info in missing customSyntax warning (#5611)
2eee0a9 Remove v14 CI triggers (#5610)
12f8081 14.0.0-0
5dd7ec1 Prepare 14.0.0
67313a3 Add support for `extends` in `overrides` config (#5603)
b6fd2fc Document no need for postcss-html maintainer (#5602)
bf28025 Recommend using shared configs (#5598)
07118d6 Update CHANGELOG.md
367142a Change `ignoreFiles` to be extendable (#5596)
1b4162f Fix conflicts in dependabot
87c5fde Bump picocolors from 0.2.1 to 1.0.0 (#5601)
1f32094 Bump typescript from 4.4.3 to 4.4.4 (#5599)
88b9575 Revise contributors section of README (#5585)
e38da70 Use problem rather than violation in docs and types (#5592)

See the full diff

Package name: webpack-cli

The new version differs by 250 commits.

fb50f76 chore(release): publish new version
2c75aeb chore: new version of the packages
0d05c30 chore(release): publish %s
3f9e151 chore: fix lerna config
2c1e34c tests(generator): enhance init generator tests (#1236)
6ee61b9 Fix loader-generator and plugin-generator tests (#1250)
52956a2 Fixing the typos and grammatical errors in Readme files (#1246)
7faaed2 chore: update Bug_report & Feature_request Templates (#1256)
7a5b33d feat(webpack-cli): added mode argument (#1253)
3715756 tests(webpack-cli): add test case for defaults flag (#1254)
a7cba2f chore: project maintanance and typescript fix (#1247)
7748472 chore: ignore package-lock.json and remove its references (#1252)
a014aa7 docs: fix supported arguments & commands link in README (#1244)
06129a1 feat(webpack-cli): add progress bar for progress flag (#1238)
6cc6a49 chore: post refactor CLI (#1237)
358651e chore: move cli under lerna package (#1225)
2dc495a fix(init): fix webpack config scaffold (#1231)
1ab62d2 tests(generator): add tests for plugin generator (#1235)
d2dd0c1 tests(sourcemap): fix flaky stats statement (#1232)
f6dc680 tests(loader-generator): add tests for loader generator (#1234)
35d1381 tests(generator): enable init generator test (#1233)
66cdcb6 chore(generator): remove transpiled tests (#1229)
f29a170 fix(init): fix the invalid package name (#1228)
8c3a66d chore(cli): updated changelog of v3 (#1224)

See the full diff

Package name: webpack-dashboard

The new version differs by 7 commits.

7052a79 3.3.0
7fc5886 Changes for 3.3.0
b74c883 Chore: webpack5 support. (#319)
bda14ee Chore: Update prod dependencies. (#318)
77039dc Chore: Update devDependencies. (#317)
1e91bbf Infra: Switch to GH actions (#315)
d352e7e Bump handlebars from 4.3.0 to 4.5.3 (#311)

See the full diff

Package name: webpack-dev-server

The new version differs by 250 commits.

c9271b9 chore(release): 4.0.0
18bf369 test: fix stability (#3676)
cdcabb2 fix: respect protocol from browser for manual setup (#3675)
1768d6b fix: initial reloading for lazy compilation (#3662)
4f5bab1 docs: improve examples (#3672)
f2d87fb fix: improve https CLI output (#3673)
0277c5e chore: remove redundant console statements (#3671)
16fcdbc docs: add `ipc` example (#3667)
8915fb8 test: add e2e tests for built in routes (#3669)
4d1cbe1 docs: ask `version` information in issue template (#3668)
b6c1881 chore(deps-dev): bump core-js from 3.16.1 to 3.16.2 (#3666)
ffa8cc5 chore(deps-dev): bump supertest from 6.1.5 to 6.1.6 (#3665)
f1fdaa7 chore(release): 4.0.0-rc.1
c4678bc fix: legacy API (#3660)
d8bdd03 test: fix stability (#3661)
22b1414 refactor: remove `killable` (#3657)
75bafbf test: add e2e tests for module federation (#3658)
493ccbd chore(deps): update `ws` (#3652)
ae8c523 test: add e2e test for universal compiler (#3656)
f94b84f chore(deps): update (#3655)
1923132 test: fix cli
2adfd01 test: fix todo (#3653)
6e2cbde fix: proxy logging and allow to pass options without the `target` option (#3651)
c9ccc96 fix: respect infastructureLogging.level for client.logging (#3613)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

craftcms / spoke-and-chain