This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
#### Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
#### Vulnerabilities that will be fixed
##### With an upgrade:
Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity
:-------------------------:|-------------------------|:-------------------------|:-------------------------|:-------------------------
 | **768/1000** **Why?** Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5 | Prototype Pollution [SNYK-JS-LODASH-6139239](https://snyk.io/vuln/SNYK-JS-LODASH-6139239) | Yes | Proof of Concept
(*) Note that the real score may have changed since the PR was raised.
Commit messagesPackage name: babel-eslint
The new version differs by 6 commits.
8186280 Bump word-wrap from 1.2.3 to 1.2.4 (#2526)
See the full diff
Check the changes in this PR to ensure they won't cause issues with your project.
------------
**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.*
For more information:
π§ [View latest project report](https://app.snyk.io/org/stashaway-devops/project/b01436c9-cdae-4270-9510-13b288b2fdf9?utm_source=github&utm_medium=referral&page=fix-pr)
π [Adjust project settings](https://app.snyk.io/org/stashaway-devops/project/b01436c9-cdae-4270-9510-13b288b2fdf9?utm_source=github&utm_medium=referral&page=fix-pr/settings)
π [Read more about Snyk's upgrade and patch logic](https://support.snyk.io/hc/en-us/articles/360003891078-Snyk-patches-to-fix-vulnerabilities)
[//]: # (snyk:metadata:{"prId":"af19cd79-30c2-4db2-b7f4-3f4203ee4214","prPublicId":"af19cd79-30c2-4db2-b7f4-3f4203ee4214","dependencies":[{"name":"babel-eslint","from":"10.0.1","to":"10.1.0"},{"name":"lodash","from":"4.17.11","to":"4.17.17"},{"name":"sinon","from":"7.3.2","to":"16.1.2"}],"packageManager":"npm","projectPublicId":"b01436c9-cdae-4270-9510-13b288b2fdf9","projectUrl":"https://app.snyk.io/org/stashaway-devops/project/b01436c9-cdae-4270-9510-13b288b2fdf9?utm_source=github&utm_medium=referral&page=fix-pr","type":"auto","patch":[],"vulns":["SNYK-JS-LODASH-6139239"],"upgrade":["SNYK-JS-LODASH-6139239"],"isBreakingChange":true,"env":"prod","prType":"fix","templateVariants":["priorityScore"],"priorityScoreList":[768],"remediationStrategy":"vuln"})
---
**Learn how to fix vulnerabilities with free interactive lessons:**
π¦ [Prototype Pollution](https://learn.snyk.io/lesson/prototype-pollution/?loc=fix-pr)
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
#### Changes included in this PR - Changes to the following files to upgrade the vulnerable dependencies to a fixed version: - package.json #### Vulnerabilities that will be fixed ##### With an upgrade: Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:-------------------------  | **768/1000****Why?** Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5 | Prototype Pollution
[SNYK-JS-LODASH-6139239](https://snyk.io/vuln/SNYK-JS-LODASH-6139239) | Yes | Proof of Concept (*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: babel-eslint
The new version differs by 6 commits.- 4bd049e 10.1.0
- 2c754a8 Update Babel to ^7.7.0 and enable Flow enums parsing (#812)
- 183d13e 10.0.3
- 354953d fix: require eslint dependencies from eslint base (#794)
- 48f6d78 10.0.2
- 0241b48 removed unused file reference (#773)
See the full diffPackage name: sinon
The new version differs by 250 commits.- 6547aa1 16.1.2
- 9ea3d5b Fix hooks-install
- 6c28d07 16.1.1
- ff0e993 Showcase #replace.usingAccessor for DI in the typescript case study (#2556)
- c47a4be Bump @ babel/traverse from 7.22.5 to 7.23.2 (#2555)
- f0d250b Add TOC feature to articles (#2554)
- 737736f 16.1.0
- cac5184 Enable use of assignment in the presence of accessors (#2538)
- f8c20e5 New article: making Sinon work with complex setups (#2540)
- cb5b962 Add NPM script 'dev-docs' and document its usage
- dd7c609 Add a little update to contributing
- 79acdf3 Move tool versions into single file at root
- 03b1db5 Expose Changelog page (#2550)
- e1c3dad Add section on tooling and recommend using ASDF for tool versioning (#2547)
- 062e318 16.0.0
- c339605 fix(2525): ensure non empty message when error of type string is passed, but no message (#2544)
- 8d1f85b Modernize build script syntax slightly (#2546)
- 67a8cea docs(sandbox): fix example that defines a non-function property (#2543)
- baa1aee .define method (#2539)
- 2ddf7ff Bump actions/checkout from 3 to 4 (#2542)
- 5fc17c7 Remove dead code
- fe799e7 Fix issue 2534: spies are not restored (#2535)
- 305fb6c fix: actaully reset 'injectedKeys' (#2456)
- 8186280 Bump word-wrap from 1.2.3 to 1.2.4 (#2526)
See the full diff