This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
#### Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
- package-lock.json
#### Vulnerabilities that will be fixed
##### With an upgrade:
Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity
:-------------------------:|-------------------------|:-------------------------|:-------------------------|:-------------------------
 | **696/1000** **Why?** Proof of Concept exploit, Has a fix available, CVSS 7.5 | Regular Expression Denial of Service (ReDoS) [SNYK-JS-ANSIREGEX-1583908](https://snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908) | Yes | Proof of Concept
 | **681/1000** **Why?** Proof of Concept exploit, Has a fix available, CVSS 7.2 | Command Injection [SNYK-JS-LODASHTEMPLATE-1088054](https://snyk.io/vuln/SNYK-JS-LODASHTEMPLATE-1088054) | Yes | Proof of Concept
 | **586/1000** **Why?** Proof of Concept exploit, Has a fix available, CVSS 5.3 | Open Redirect [SNYK-JS-NODEFORGE-2330875](https://snyk.io/vuln/SNYK-JS-NODEFORGE-2330875) | Yes | Proof of Concept
 | **529/1000** **Why?** Has a fix available, CVSS 6.3 | Prototype Pollution [SNYK-JS-NODEFORGE-2331908](https://snyk.io/vuln/SNYK-JS-NODEFORGE-2331908) | Yes | No Known Exploit
 | **494/1000** **Why?** Has a fix available, CVSS 5.6 | Improper Verification of Cryptographic Signature [SNYK-JS-NODEFORGE-2430337](https://snyk.io/vuln/SNYK-JS-NODEFORGE-2430337) | Yes | No Known Exploit
 | **579/1000** **Why?** Has a fix available, CVSS 7.3 | Improper Verification of Cryptographic Signature [SNYK-JS-NODEFORGE-2430339](https://snyk.io/vuln/SNYK-JS-NODEFORGE-2430339) | Yes | No Known Exploit
 | **494/1000** **Why?** Has a fix available, CVSS 5.6 | Improper Verification of Cryptographic Signature [SNYK-JS-NODEFORGE-2430341](https://snyk.io/vuln/SNYK-JS-NODEFORGE-2430341) | Yes | No Known Exploit
 | **646/1000** **Why?** Proof of Concept exploit, Has a fix available, CVSS 6.5 | Server-side Request Forgery (SSRF) [SNYK-JS-REQUEST-3361831](https://snyk.io/vuln/SNYK-JS-REQUEST-3361831) | No | Proof of Concept
 | **646/1000** **Why?** Proof of Concept exploit, Has a fix available, CVSS 6.5 | Prototype Pollution [SNYK-JS-TOUGHCOOKIE-5672873](https://snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873) | No | Proof of Concept
 | **589/1000** **Why?** Has a fix available, CVSS 7.5 | Prototype Pollution [SNYK-JS-UNSETVALUE-2400660](https://snyk.io/vuln/SNYK-JS-UNSETVALUE-2400660) | Yes | No Known Exploit
(*) Note that the real score may have changed since the PR was raised.
Commit messagesPackage name: babel-jest
The new version differs by 22 commits.
f993ab4 Add missing spaces in multiline logs (#2627)
6d38919 Allow cacheKeyWillBeUsed to influence the request method check (#2616)
See the full diff
Check the changes in this PR to ensure they won't cause issues with your project.
------------
**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.*
For more information:
🧐 [View latest project report](https://app.snyk.io/org/twilio-47w/project/4d3102f0-55b0-44b0-a37b-5939fdbc2f08?utm_source=github-enterprise&utm_medium=referral&page=fix-pr)
🛠 [Adjust project settings](https://app.snyk.io/org/twilio-47w/project/4d3102f0-55b0-44b0-a37b-5939fdbc2f08?utm_source=github-enterprise&utm_medium=referral&page=fix-pr/settings)
📚 [Read more about Snyk's upgrade and patch logic](https://support.snyk.io/hc/en-us/articles/360003891078-Snyk-patches-to-fix-vulnerabilities)
[//]: # (snyk:metadata:{"prId":"739dfc5e-5a10-4da7-a72c-af3b0be198d0","prPublicId":"739dfc5e-5a10-4da7-a72c-af3b0be198d0","dependencies":[{"name":"babel-jest","from":"24.9.0","to":"25.0.0"},{"name":"html-webpack-plugin","from":"4.0.0","to":"5.5.0"},{"name":"jest","from":"26.0.0","to":"27.0.0"},{"name":"jest-watch-typeahead","from":"0.4.2","to":"0.5.0"},{"name":"react-dev-utils","from":"11.0.4","to":"12.0.0"},{"name":"start-server-and-test","from":"1.11.0","to":"1.11.1"},{"name":"webpack","from":"4.42.0","to":"5.0.0"},{"name":"webpack-dev-server","from":"3.11.0","to":"4.7.3"},{"name":"workbox-webpack-plugin","from":"4.3.1","to":"6.0.0"}],"packageManager":"npm","projectPublicId":"4d3102f0-55b0-44b0-a37b-5939fdbc2f08","projectUrl":"https://app.snyk.io/org/twilio-47w/project/4d3102f0-55b0-44b0-a37b-5939fdbc2f08?utm_source=github-enterprise&utm_medium=referral&page=fix-pr","type":"auto","patch":[],"vulns":["SNYK-JS-ANSIREGEX-1583908","SNYK-JS-LODASHTEMPLATE-1088054","SNYK-JS-NODEFORGE-2330875","SNYK-JS-NODEFORGE-2331908","SNYK-JS-NODEFORGE-2430337","SNYK-JS-NODEFORGE-2430339","SNYK-JS-NODEFORGE-2430341","SNYK-JS-REQUEST-3361831","SNYK-JS-TOUGHCOOKIE-5672873","SNYK-JS-UNSETVALUE-2400660"],"upgrade":["SNYK-JS-ANSIREGEX-1583908","SNYK-JS-LODASHTEMPLATE-1088054","SNYK-JS-NODEFORGE-2330875","SNYK-JS-NODEFORGE-2331908","SNYK-JS-NODEFORGE-2430337","SNYK-JS-NODEFORGE-2430339","SNYK-JS-NODEFORGE-2430341","SNYK-JS-REQUEST-3361831","SNYK-JS-TOUGHCOOKIE-5672873","SNYK-JS-UNSETVALUE-2400660"],"isBreakingChange":true,"env":"prod","prType":"fix","templateVariants":["priorityScore"],"priorityScoreList":[696,681,586,529,494,579,494,646,646,589],"remediationStrategy":"vuln"})
---
**Learn how to fix vulnerabilities with free interactive lessons:**
🦉 [Regular Expression Denial of Service (ReDoS)](https://learn.snyk.io/lesson/redos/?loc=fix-pr)
🦉 [Open Redirect](https://learn.snyk.io/lesson/open-redirect/?loc=fix-pr)
🦉 [Prototype Pollution](https://learn.snyk.io/lesson/prototype-pollution/?loc=fix-pr)
🦉 [More lessons are available in Snyk Learn](https://learn.snyk.io/?loc=fix-pr)
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
#### Changes included in this PR - Changes to the following files to upgrade the vulnerable dependencies to a fixed version: - package.json - package-lock.json #### Vulnerabilities that will be fixed ##### With an upgrade: Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:-------------------------  | **696/1000****Why?** Proof of Concept exploit, Has a fix available, CVSS 7.5 | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-ANSIREGEX-1583908](https://snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908) | Yes | Proof of Concept  | **681/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 7.2 | Command Injection
[SNYK-JS-LODASHTEMPLATE-1088054](https://snyk.io/vuln/SNYK-JS-LODASHTEMPLATE-1088054) | Yes | Proof of Concept  | **586/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 5.3 | Open Redirect
[SNYK-JS-NODEFORGE-2330875](https://snyk.io/vuln/SNYK-JS-NODEFORGE-2330875) | Yes | Proof of Concept  | **529/1000**
**Why?** Has a fix available, CVSS 6.3 | Prototype Pollution
[SNYK-JS-NODEFORGE-2331908](https://snyk.io/vuln/SNYK-JS-NODEFORGE-2331908) | Yes | No Known Exploit  | **494/1000**
**Why?** Has a fix available, CVSS 5.6 | Improper Verification of Cryptographic Signature
[SNYK-JS-NODEFORGE-2430337](https://snyk.io/vuln/SNYK-JS-NODEFORGE-2430337) | Yes | No Known Exploit  | **579/1000**
**Why?** Has a fix available, CVSS 7.3 | Improper Verification of Cryptographic Signature
[SNYK-JS-NODEFORGE-2430339](https://snyk.io/vuln/SNYK-JS-NODEFORGE-2430339) | Yes | No Known Exploit  | **494/1000**
**Why?** Has a fix available, CVSS 5.6 | Improper Verification of Cryptographic Signature
[SNYK-JS-NODEFORGE-2430341](https://snyk.io/vuln/SNYK-JS-NODEFORGE-2430341) | Yes | No Known Exploit  | **646/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 6.5 | Server-side Request Forgery (SSRF)
[SNYK-JS-REQUEST-3361831](https://snyk.io/vuln/SNYK-JS-REQUEST-3361831) | No | Proof of Concept  | **646/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 6.5 | Prototype Pollution
[SNYK-JS-TOUGHCOOKIE-5672873](https://snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873) | No | Proof of Concept  | **589/1000**
**Why?** Has a fix available, CVSS 7.5 | Prototype Pollution
[SNYK-JS-UNSETVALUE-2400660](https://snyk.io/vuln/SNYK-JS-UNSETVALUE-2400660) | Yes | No Known Exploit (*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: babel-jest
The new version differs by 22 commits.- ff9269b chore: bump most dated deps (#8850)
- 7594141 chore: upgrade to eslint@6 (#8855)
- b33ce0d chore: upgrade to micromatch v4 (#8852)
- d6ff72a chore: add node 12 to CI (#8411)
- 7e9b4ea chore: upgrade jsdom (#8851)
- 4bb7a2d Use `weak-napi` instead of `weak` in `jest-leak-detector`
- ce47c6c Get rid of Node 6 support (#8455)
- bc5c3c7 jest-snapshot: Remove only the added newlines in multiline snapshots (#8859)
- d523fa8 bug.md: highlights placeholder should be removed (#8836)
- 08f109c expect: Display expectedDiff more carefully in toBeCloseTo (#8389)
- b09de2d chore: bump node-notifier for node v6 support
- 557a39f fix(linter): Fix linting failure introduced in #8847 😓 (#8849)
- 012472b fix(docs): Update broken links in docs. (#8847)
- ee2bea1 chore: sort member in imports (#8846)
- 9ba4594 add Chinese Jest work with AngularJS tutorial (#8828)
- 0e5b363 chore: reduce reliance on esModuleInterop (#8842)
- d69f8d3 getTimerCount will not include cancelled immediates (#8764)
- b4bd77b Fix grammar: "your jest's config"->"your Jest..." (#8843)
- 54b3dcf Fix grammar: "a known issues"->"a known issue" (#8844)
- e76c7da docs: update matchMedia methods (#8835)
- 23b9860 chore: roll new version of docs
- 3cdbd55 Release 24.9.0
See the full diffPackage name: html-webpack-plugin
The new version differs by 152 commits.- 873d75b chore(release): 5.5.0
- ddeb774 chore: update examples
- 1e42625 feat: Support type=module via scriptLoading option
- 7d3645b Bump pretty-error to 4.0.0 to fix transitive vuln for ansi-regex CVE-2021-3807
- 79be779 [chore] changes actions to run on pull_requests
- b7e5859 [chore] fixes CI to avoid race conditions
- 48131d3 chore(release): 5.4.0
- 16a841a [chore] rebuild examples
- 3bb7c17 Update index.js
- e38ac97 Update index.js
- f08bd02 [chore] updates fixtures
- d62a10f [chore] upgrades html-minifier-terser@5.0.0 -> 6.0.2
- 2f5de7a Remove archived plugin
- 8f8f7c5 chore(release): 5.3.2
- 053c6e6 chore: update snapshot tests for webpack 5.4.0
- 9c7fba0 Fix security vulnerabilities
- b98fbeb Fix security vulnerabilities
- 25cdfc7 Added inject-body-webpack-plugin to readme
- 0e4c1fb Update README to document actual behavior
- 0a6568d chore(release): 5.3.1
- 82d0ee8 fix: remove loader-utils from plugin core
- 6f39192 chore(release): 5.3.0
- d654f5b feat: allow to modify the interpolation options in webpack config
- 41d7a50 feat: drop loader-utils dependency
See the full diffPackage name: jest
The new version differs by 250 commits.- be16e47 v27.0.0
- 63102ec chore: update changelog for release
- 564694a docs(blog): Jest 27 blog post (#11131)
- b68d91b feat(pretty-print): add option `printBasicPrototype` (#11441)
- 2226742 chore: minor simplify format results error (#11432)
- 78eb25d chore: remove needless assign (#11433)
- 696c455 chore: update lockfile after publish
- e2eb9ae v27.0.0-next.11
- 3b253f8 Wait for closed resources to actually close before detecting open handles (#11429)
- 27bee72 fix: run GC before collecting open handles (#11278)
- 50451df feat: use fallback if prettier not found (#11400)
- 150dbd8 chore: update lockfile after publish
- 6f44529 v27.0.0-next.10
- cbcec7d Upgrade fsevents in jest-haste-map (#11428)
- 9633a26 feat: support reporters written in ESM (#11427)
- 59f42d8 fix: do not cache modules that throw during evaluation (#11263)
- 57e32e9 Detect open handles with done callbacks (#11382)
- a397607 Document and test dontThrow for custom inline snapshot matchers (#10995)
- 4fa3a0b feat: custom haste (#11107)
- 2047a36 chore: bump deps (#11419)
- a4358d6 chore: run prettier on changelog
- bdd6282 Move all default values into `jest-config` (#9924)
- db643a1 Link to Jest config (#11106)
- b16082c Fix locale issue #10014 (#11412)
See the full diffPackage name: start-server-and-test
The new version differs by 6 commits.- 885a60b fix: update dependency wait-on to v5 (#257)
- b5d6cb4 name action job
- 77c490a add github actions badge to readme
- 2c16fde set up semantic release for #270
- e5789e2 add github actions for #270
- 269553a Note for yarn users in readme (#256)
See the full diffPackage name: webpack
The new version differs by 250 commits.- 610f368 5.0.0
- 5ce65c1 update examples
- bbe1230 Merge pull request #11628 from webpack/bugfix/real-content-hash
- 75ecff2 5.0.0-rc.6
- bfc35d6 Merge pull request #11603 from MayaWolf/master
- 76e8cbd Merge pull request #11622 from webpack/dependabot/npm_and_yarn/types/node-13.13.25
- 9fd1be2 chore(deps-dev): bump @ types/node from 13.13.23 to 13.13.25
- 36bcfaa Merge pull request #11621 from webpack/bugfix/11619
- 9130d10 fix called variables with ProvidePlugin
- 3e42105 Merge pull request #11620 from webpack/bugfix/11617
- 4709719 skip connections copied to concatenated module
- 57b493f 5.0.0-rc.5
- 1658e2f Merge pull request #11618 from webpack/bugfix/11615
- a8fb45d fixes crash in SideEffectsFlagPlugin
- 84b196d emit error instead of crashing when unexpected problem occurs
- 5573fed Merge pull request #11601 from Hornwitser/improve-suggested-polyfill-config
- 9b5cce9 Merge pull request #11609 from snitin315/export-types
- 37c495c export type RuleSetUseItem
- 39faf34 export type RuleSetUse
- e5fd246 export type RuleSetConditionAbsolute
- 660baad export RuleSetCondition types
- 13e3ca5 Merge pull request #11602 from webpack/bugfix/shared-runtime-chunk
- 9c0587e Merge pull request #11606 from webpack/dependabot/npm_and_yarn/simple-git-2.21.0
- 502d166 Merge pull request #11607 from webpack/dependabot/npm_and_yarn/acorn-8.0.4
See the full diffPackage name: webpack-dev-server
The new version differs by 250 commits.- 5280ee7 docs: fix typo
- d834582 chore(release): 4.7.3
- 7b8c85b chore(deps): update `selfsigned` (#4170)
- d598325 chore: fix lint
- c1907f1 refactor: remove redundant `if` statements (#4158)
- e535f25 ci: debug (#4144)
- 75999bb chore(release): 4.7.2
- 90a96f7 ci: fix (#4143)
- f6bc644 fix: compatible with `onAfterSetupMiddleware`
- 317e4b9 docs: fix testing instructions (#4133)
- ff4550e test: remove redundant test cases related to 3rd party code (#4131)
- 0dd1ee6 test: add e2e tests for `setupExitSignals` option (#4130)
- afe4975 chore(release): 4.1.7
- 4e5d8ea fix: droped `url` package (#4132)
- b0c98f0 chore(release): 4.7.0
- 3138213 chore(deps): update (#4127)
- 8f02c3f feat: added types
- f4fb15f fix: update description of `onAfterSetupMiddleware` and `onBeforeSetupMiddleware` options (#4126)
- 37b73d5 test: add e2e test for `WEBPACK_SERVE` env variable (#4125)
- f5a9d05 chore(deps-dev): bump eslint from 8.4.1 to 8.5.0 (#4121)
- c9b959f chore(deps): bump ws from 8.3.0 to 8.4.0 (#4124)
- 42208aa chore(deps-dev): bump lint-staged from 12.1.2 to 12.1.3 (#4122)
- f440f84 chore(deps): bump express from 4.17.1 to 4.17.2 (#4120)
- c13aa56 feat: added the `setupMiddlewares` option (#4068)
See the full diffPackage name: workbox-webpack-plugin
The new version differs by 250 commits.- 9cbed27 v6.0.0
- e2bae90 Misc. webpack changes (#2683)
- f2ef912 Re-enable yarn test
- 1567f16 rc.0
- 43c375f v6.0.0-rc.0
- 5692d74 Update the stage at which the webpack plugin runs (#2675)
- 666f7e4 Make use of AssetInfo in webpack build (#2673)
- 06e51db Feature/workbox recipes (#2664)
- 57ad215 Add declare to WorkboxPlugin interface (#2657)
- c2eddf4 Mark BackgroundSyncPlugin options param as optional (#2656)
- df93286 Don't update data: sourcemaps (#2654)
- ed69eca Updates for html-webpack-plugin and webpack v5 (#2651)
- bf8c949 networkTimeoutSeconds in NetworkOnly (#2620)
- d62c185 Version bumps
- f78cfb8 Remove importScriptsViaChunks JSDoc (#2650)
- 00ba074 v6.0.0-alpha.3
- 4669bdc Task needs to be async
- cbb18c8 webpack v5 compatibility (#2641)
- ff9d868 Adjust PrecacheEntry type to allow null revisions (#2645)
- ae29e17 Warn when an async matchCallback is used (#2591)
- a6751b9 Precaching updates for v6 (#2639)
- bb21e82 Add gulp build to hint (#2629)
- f993ab4 Add missing spaces in multiline logs (#2627)
- 6d38919 Allow cacheKeyWillBeUsed to influence the request method check (#2616)
See the full diff