[Snyk] Fix for 1 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • packages/bundler/package.json
  • packages/bundler/package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Issue	Breaking Change	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ACORN-559469	Yes	No Known Exploit

Commit messages

Package name: espree

The new version differs by 45 commits.

• b26b202 6.1.0
• a11ad1b Build: changelog update for 6.1.0
• 9870c55 Update: improve error messaging when validating ecmaVersion (Can Anything be Done About Selenium Standalone? Polymer/tools#421)
• 3f49224 Fix: tokenize the latest right curly brace (fixes [polymer-cli] Consider allowing resolution to single package in polymer.json Polymer/tools#403) ([polymer-cli] polymer-3-application contains unnecessary _element files Polymer/tools#419)
• f5e58cc Update: support bigint and dynamic import ([polyserve] Update mime dependency Polymer/tools#415)
• d34c40e 6.0.0
• 1974824 Build: changelog update for 6.0.0
• a988a36 Build: add node 12 ([serve] Support multiple --proxy-path and --proxy-target instances Polymer/tools#414)
• c73fd49 6.0.0-alpha.0
• 4d17109 Build: changelog update for 6.0.0-alpha.0
• 493d464 Breaking: validate parser options (fixes [cli] Add an option to rename "node_modules" folder Polymer/tools#384) (polymer init starter-kit doesn't work and return an error "Template polymer-init-starter-kit:app not found Polymer/tools#412)
• a7895ea 5.0.1
• 5e3f123 Build: changelog update for 5.0.1
• c40e2fc Upgrade: acorn@6.0.7 (Get document URL in esm-amd-loader Polymer/tools#407)
• b7f65a3 5.0.0
• b3ca44e Build: changelog update for 5.0.0
• 1bcd563 Breaking: remove attachComment (web-component-tester, test fail: Cannot define class using reflection Polymer/tools#405)
• 35623ee Chore: update linting config (How to modify rollup.config.js? Needed for using Redux. Polymer/tools#406)
• 4b86a7d Build: add node 11 ([cli] Support typescript compilation for component source Polymer/tools#400)
• 7c278d6 Fix: build failing due to incorrectly super() call (fixes Babel v7 (rc) prevents the custom elements polyfill from finding element definitions. Polymer/tools#398) (Hoist typescript and tslint to top-level package.json Polymer/tools#399)
• 6ebc219 Upgrade: eslint & eslint-config-eslint ([wct] Use gts for linting and formatting Polymer/tools#387)
• d3f123e 4.1.0
• a67c1c9 Build: changelog update for 4.1.0
• 8eadb88 Upgrade: acorn 6, acorn-jsx 5, and istanbul (ES modules inside HTML imports rewritten to AMD do not have the correct import.meta.url set Polymer/tools#391)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:

🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic