raywo / MMM-NowPlayingOnSpotify

A module for MagicMirror displaying the song currently playing on Spotify.
MIT License

[Snyk] Security upgrade npm from 5.10.0 to 6.6.0 #94

Open snyk-bot opened 3 years ago

snyk-bot commented 3 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
| --- | --- | --- | --- | --- |
| high severity | 768/1000. Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5 | Regular Expression Denial of Service (ReDoS), SNYK-JS-SSRI-1246392 | Yes | Proof of Concept |

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: npm
The new version differs by 250 commits.
  • bb8688d 6.6.0
  • f277bce doc: update changelog for npm@6.6.0
  • 46639ba chore: Update package-lock.json for https tarball URLs
  • 6c89adb 6.6.0-next.1
  • b9d4dcb update AUTHORS
  • 371442f doc: update changelog for npm@6.6.0
  • c665f35 chore: replace var with const/let in lib/repo.js (#119)
  • 5d07635 doc: fix npm-prefix description (#116)
  • a5c9e6f cli,outdated: default homepage to an empty string (#124)
  • f58b43e audit: report any errors above 400 as potentially not supporting audit (#128)
  • c5b6056 Handle git branch references correctly (#123)
  • 41f1552 deps: updating semver docs
  • 887e943 lru-cache@4.1.5
  • 5777ea8 readable-stream@3.1.1
  • a0a0ca9 pacote@9.3.0
  • 4ffa8a8 query-string@6.2.0
  • 3f40251 npm-pick-manifest@2.2.3
  • 455476c require-inject@1.4.4
  • 740e79e rimraf@2.6.3
  • 09a5c2f semver@5.6.0
  • e4ffc6a unique-filename@1.1.1
  • 8213def npm-packlist@1.2.0
  • 66d60e3 marked@0.6.0
  • 2a59bfc libnpmhook@5.0.2

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.