[Snyk] Security upgrade yeoman-generator from 5.10.0 to 6.0.0

[matrix-compute]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • superset-frontend/packages/generator-superset/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	220/1000 Why? Confidentiality impact: High, Integrity impact: Low, Availability impact: Low, Scope: Unchanged, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00043, Social Trends: No, Days since published: 0, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 99, Impact: 7.84, Likelihood: 2.81, Score Version: V5	Server-side Request Forgery (SSRF) SNYK-JS-IP-6240864	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: yeoman-generator

The new version differs by 88 commits.

• 5e59844 6.0.0
• 4296f50 6.0.0-rc.6
• b224faa fix typo
• 7f1f8e1 allow to customize queueTransformStream priority
• 0eb085f 6.0.0-rc.5
• 232587e Run own or immediately extended beforeQueue ([sqllab] add autocomplete to AceEditor for table and column names apache/superset#1475)
• 1938e71 Bump actions/checkout from 3 to 4 (Celery errors out with MySQL server gone away. apache/superset#1473)
• 2d8b8b1 Bump execa from 7.1.1 to 8.0.1 (run_specific_test: take the test as parameter apache/superset#1469)
• 5b729fe Bump read-pkg-up from 9.1.0 to 10.1.0 (faq: document database engine for caravel backend options apache/superset#1470)
• 465aea2 6.0.0-rc.4
• df635f1 Fix composeLocallyWithOptions with a factory
• 7e6b0c0 6.0.0-rc.3
• 5291e9c allow to ignore 'This Generator is empty' error
• 454b3ec Bump c8 from 7.13.0 to 8.0.0 (Chris/sankey refresh apache/superset#1457)
• 077c6e9 6.0.0-rc.2
• 02e6785 don't emit error at environment, environment's queueTask to handle failures.
• a75dbf8 6.0.0-rc.1
• 7fa5597 replace lodash with lodash-es
• fbae307 use TestAdapter from @ yeoman/adapter
• 580ba5c add spawn/spawnSync
• 66fd6be bump got package
• 9428e88 Revert "disable spawn-command test due to got package bug."
• 1d2889d make test compatible with environment 4
• 1a11e03 6.0.0-rc.0

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Server-side Request Forgery (SSRF)

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (aa3c3c5) 69.19% compared to head (d603940) 69.17%.

Additional details and impacted files

@@            Coverage Diff             @@
##           master      #48      +/-   ##
==========================================
- Coverage   69.19%   69.17%   -0.02%     
==========================================
  Files        1946     1946              
  Lines       75969    75969              
  Branches     8469     8469              
==========================================
- Hits        52564    52552      -12     
- Misses      21219    21231      +12     
  Partials     2186     2186              

Flag	Coverage Δ
hive	53.67% <ø> (ø)
mysql	?
postgres	78.18% <ø> (ø)
presto	53.63% <ø> (ø)
python	82.83% <ø> (-0.04%)	⬇️
sqlite	76.84% <ø> (ø)
unit	55.79% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.