[Snyk] Fix for 1 vulnerabilities

[mongoloidkhulmikuki366385]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

⚠️ Warning

Failed to update the package-lock.json, please update manually before merging.

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5	Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: copy-webpack-plugin

The new version differs by 40 commits.

• 46af20a chore(release): 7.0.0
• 5d5635f refactor: code (Fix default GPG key type github/docs#567)
• c6f68a5 refactor: code
• 4cea28b refactor: next
• 6c11e21 chore(release): 6.4.0
• db53937 feat: added the `info` option
• 9bc5416 feat: added type `Function` for the `to` option (Fix the autoupdatebranch Action github/docs#563)
• 7167645 chore(release): 6.3.2
• 7b58fd9 fix: watching directories (Ensure that the Actions Skipper never errors out github/docs#558)
• 5215721 chore(release): 6.3.1
• c92b5ee style: default prettier options (repo sync github/docs#556)
• b996923 fix: watching (Move GitHub Action versions to shas github/docs#555)
• fa5aa1b chore(release): 6.3.0
• bc2833e refactor: fix cache (Incorrect type for labels parameter: "array of undefineds" github/docs#549)
• 87a8486 chore(deps): update (Revert "repo sync" github/docs#547)
• b827c6e refactor: logger (Issue.md github/docs#545)
• f98be10 refactor: handle errors (Read.md github/docs#544)
• b971374 refactor: code (/articles/reviewing-proposed-changes-in-a-pull-request github/docs#543)
• db2e3bf feat: added the `sourceFilename` info (original source filename) to assets info (add slack to github integrations list github/docs#542)
• c892451 feat: persistent cache between compilations (webpack@5 only) (chore: Add Markdownlint checking and CI github/docs#541)
• 93936a0 chore(deps): update (Update dmca-takedown-policy.md github/docs#540)
• 36ff46a ci: updated webpack versions Update and rename content/github/getting-started-with-github/githubs-… github/docs#536
• bd09a24 ci: updated webpack versions
• fb60b9b chore(release): 6.2.1

See the full diff

Package name: del

The new version differs by 26 commits.

• cd0543e 6.0.0
• 6c99805 Require Node.js 10
• 1df5280 Readme tweaks
• 4acd962 Add tip about deleting subdirectories (#116)
• 1a0c36c Add mention of GitHub Sponsors
• 1e0d705 Tidelift tasks
• 892ce2a Make it clear that it recursively deletes directories (Show new node.js version github/docs#113)
• 728cb7c Fix benchmark
• 557c1fa 5.1.0
• 12c443d Meta tweaks
• 01da91f Allow non-glob patterns with backslash on Windows (repo sync github/docs#100)
• 9c72270 Add benchmarks (repo sync github/docs#101)
• 1299747 Use graceful-fs (repo sync github/docs#108)
• f509a89 Update dependencies (repo sync github/docs#109)
• ca05c65 Sort removed files (repo sync github/docs#102)
• 51662ac Reverse order back for the returned paths (repo sync github/docs#99)
• 902b594 Meta tweaks
• ffbf4c4 Fix the `cwd` option (Add config.yml for behaviorbot/welcome (#55) github/docs#96)
• 8efdbcd Prevent race condition on macOS when deleting files (repo sync github/docs#95)
• 9e7550b Add note about backward-slashes
• c071180 5.0.0
• a73462c Meta tweaks
• 6f96d2d Update globby to version 10 (#64)
• 6e23f6a Tidelift tasks

See the full diff

Package name: jest

The new version differs by 250 commits.

• 75006e4 v29.0.0
• 7c82a9f chore: update jest-watch-typeahead again
• 352ff29 chore: update changelog for release
• 33ad8c3 docs: Jest 29 blog post (Bas github/docs#13103)
• dda77e5 docs: collapse 28.0 and 28.1 docs (repo sync github/docs#13104)
• c0dc84c chore: update jest-watch-typeahead
• 05f6217 fix: support deep CJS re-exports when using ESM (repo sync github/docs#13170)
• 490fd88 chore: update yarn (github/doc github/docs#13169)
• 98936a2 docs: Update Enzyme links to use new URL (Rename .github/workflows/add-review-template.yml to .github/workflows… github/docs#13166)
• 187566a feat(pretty-format): allow to opt out from sorting object keys with `compareKeys: null` (https://github.com/github/docs/tree/main/translations github/docs#12443)
• ae2bed7 chore: tweak regex used in e2e tests (repo sync github/docs#13129)
• 8c56d74 docs: Update Configuration.md for added special notes on usage scenarios for pnpm. (Duplicate description on customization github/docs#13115)
• fb1c53d feat(jest-config)!: remove undocumented `collectCoverageOnlyFrom` option (Add note on macOS latest in GitHub hosted runners github/docs#13156)
• 075b489 fix: ignore `EISDIR` when resolving symlinks (repo sync github/docs#13157)
• 3bef02e feat(@ jest/test-result, @ jest/types)!: replace `Bytes` and `Milliseconds` types with `number` (repo sync github/docs#13155)
• 4def94b v29.0.0-alpha.6
• 0f00d4e fix: replace non-CLI `rimraf` usage (repo sync github/docs#13151)
• 6a90a2c fix: Allow updating inline snapshots when test includes JSX (Mention Case Sensitivity In CODEOWNERS Docs github/docs#12760)
• 983274a feat: Let `babel` find config when updating inline snapshots (Game Platform github/docs#13150)
• d2ff18a chore: make prettierPath optional in `SnapshotState` (repo sync github/docs#13149)
• 7d8d01c feat(circus): added each to failing tests (repo sync github/docs#13142)
• a5b52a5 chore(types): separate MatcherContext, MatcherUtils and MatcherState (repo sync github/docs#13141)
• 79b5e41 chore: get rid of peer dep warning in website
• 812763d chore: enable 'no-duplicate-imports' (Fix: Fixed small typo in script/README file github/docs#13138)

See the full diff

Package name: linkinator

The new version differs by 128 commits.

• 4310692 feat!: require node.js 16 and up (Fixed broken links in README.md github/docs#550)
• 1a58441 fix(deps): update dependency htmlparser2 to v9 (Revert "repo sync" github/docs#547)
• 18780cb fix(deps): upgrade to glob 9.x (add slack to github integrations list github/docs#542)
• b85bbb3 chore(deps): update dependency semantic-release to v21 (chore: Add Markdownlint checking and CI github/docs#541)
• eca2440 chore(deps): update dependency typescript to v5 (Update dmca-takedown-policy.md github/docs#540)
• 6b2d1d4 chore(deps): update dependency execa to v7 (Specify ssh shell is required to enable dependency graph github/docs#538)
• 2f030bd chore(deps): update dependency semantic-release to v20 (Add more details about workflow_run github/docs#531)
• bd44773 build(deps): bump json5 from 2.2.1 to 2.2.3 (Run windows tests on public repo github/docs#532)
• e3d929b fix(deps): upgrade to the latest meow (App github/docs#530)
• 4396179 chore(deps): update dependency sinon to v15 (example to echo out put from previous step fails github/docs#528)
• ca3f275 fix: remove file import prefix to please ncc (repo sync github/docs#526)
• b39f10b chore(deps): update dependency @ types/node to v18 (link "contributing docs" is missing  github/docs#525)
• 1013780 feat(Config): Support for Javascript based config files (Do installation and installation_repository payloads have the property installation 100% of the times? github/docs#516)
• 7f7f302 chore(deps): update dependency @ types/mocha to v10 (Best MBA College in NCR -Delhi github/docs#521)
• 90fa80e fix: remove update-notifier (Elaborate on how to escape multiple labels in issue templates github/docs#519)
• 9025714 chore(deps): update dependency @ types/glob to v8 (repo sync github/docs#518)
• c5178d2 chore(deps): update dependency @ types/mime to v3 (Update github-developer-program.md github/docs#514)
• fefb5b6 fix: address srcset parsing with multiple spaces (repo sync github/docs#512)
• 15687a1 docs: Update README with https (Update access-permissions-on-github.md github/docs#509)
• 9a8a83c fix: properly parse srcset attribute ($ sudo apt-get update $ sudo apt-get install \ apt-transport-https \ ca-certificates \ curl \ gnupg-agent \ software-properties-common github/docs#510)
• 2cab633 feat: create new release with notes (Missed slash in "if" and minor formatting github/docs#508)
• a376199 fix!: stream CSV results (repo sync github/docs#507)
• 18d808c chore(deps): update dependency @ types/update-notifier to v6 (repo sync github/docs#503)
• 0ee27e0 chore(deps): update dependency got to 11.8.5 [security] (Update testing-webhooks.md github/docs#505)

See the full diff

Package name: puppeteer

The new version differs by 250 commits.

• a07ff12 chore: use scoped tags for publishing (Android phone media TV reeves RWE #545 #544 #171 #88202 #85541 #17132 #480 #61 #93 #09 #1 #57548 #90806 #85541 #90809 #88 #8 #5 github/docs#9055)
• ee1272e chore: release main (repo sync github/docs#9052)
• bafdb47 chore: update pin_dependencies.py (repo sync github/docs#9051)
• d4c6ff1 chore: update pin dependencies (escape('abc123'); // "abc123" escape('äöü'); // "%E4%F6%FC" escape('ć'); // "%u0107" // special characters escape('@*_+-./'); // "@*_+-./"  github/docs#9050)
• d1b61cf chore: update generate sources ([email protected] Update quickstart.md github/docs#9049)
• 9b28a3b chore: use file dependencies at root (repo sync github/docs#9048)
• a359873 chore: pin dependencies on pre-release (Update caching-your-github-credentials-in-git.md github/docs#9046)
• 469ac02 chore: fix release-please (repo sync github/docs#9044)
• f42336c feat: separate puppeteer and puppeteer-core (repo sync github/docs#9023)
• 3aee641 chore(main): release 18.1.0 (repo sync github/docs#9042)
• 022fbde feat(chromium): roll to Chromium 107.0.5296.0 (r1045629) (#9039)
• b7b07e3 chore: add documentation to xpath prefix and deprecated page.waitForTimeout (repo sync github/docs#9014)
• 5dbd69e chore: type in waitForRequest function description (example for self-hosted runners in the wild github/docs#9015)
• c0c7878 chore: initiate monorepo migration (repo sync github/docs#9022)
• 2a21896 chore: rename vendor to third_party (repo sync github/docs#9021)
• f8de7b1 chore: bundle vendor code (repo sync github/docs#9016)
• d06a905 chore: update deps (Update about-community-profiles-for-public-repositories.md github/docs#9013)
• 023ebd8 chore: enable firefox tests on Mac (repo sync github/docs#9002)
• a00d466 chore: add strategy.fail-fast=false (repo sync github/docs#9007)
• 5a1b8d2 chore: add headful support for Firefox (Syntax for GitHub's form schema is incorrect with relation to IDs github/docs#9004)
• c21c3ba chore: remove environment variable that forces WebRender to be disabled in Firefox (repo sync github/docs#9001)
• a6f4584 chore: clarify build instructions (repo sync github/docs#9000)
• 3939d55 chore: enable continue on error (Fix wording in CodeSpaces Deep Dive github/docs#9003)
• ddc567a chore(main): release 18.0.5 (repo sync github/docs#8997)

See the full diff

Package name: rimraf

The new version differs by 46 commits.

• 3b6b098 4.0.0
• e0cffea ci: reduce workload even more
• 0e6646d ci: remove unnecessary lint filter
• 546e017 update action versions
• 6d88a65 tone down benchmark intensity
• 842a8d2 fix benchmark workflow yaml
• 1b91697 chore: add copyright year to license
• 08bbb06 rewrite in TS, export hybrid, update changelog, docs
• 1b3f46e drop support for node versions below 14
• 2e1f003 gh actions workflow for benchmarks
• 52f9370 tests for retry-busy behavior
• 188e3ed don't test on very old node versions
• d1d5495 test for fix-eperm
• e7501cd prettier formatting
• 40f64ec windows: only fall back to move-remove when absolutely necessary
• b6f7819 update tap
• 99496cd test: run posix test on windows, why not?
• 51d43c1 benchmarks
• 6b8aa29 doc: correct os.tmp default
• 4b228c9 do not ever actually try to rmdir /
• 2442655 consolidate all the spellings of 'opt' into one
• d4eec2e add cli script
• 0c82d74 accept strings, arrays of strings, and no other types
• ad4f2db Do not rimraf /, override with preserveRoot:false

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

[performance-testing-bot]

Unable to locate .performanceTestingBot config file

[pull-request-quantifier-deprecated]

This PR has 12 quantified lines of changes. In general, a change size of upto 200 lines is ideal for the best PR experience!

---

Quantification details

Label      : Extra Small
Size       : +6 -6
Percentile : 4.8%

Total files changed: 1

Change summary by file extension:
.json : +6 -6

Change counts above are quantified counts, based on the PullRequestQuantifier customizations.

Why proper sizing of changes matters

Optimal pull request sizes drive a better predictable PR flow as they strike a
balance between between PR complexity and PR review overhead. PRs within the
optimal size (typical small, or medium sized PRs) mean:

• Fast and predictable releases to production:
  • Optimal size changes are more likely to be reviewed faster with fewer
    iterations.
  • Similarity in low PR complexity drives similar review times.
• Review quality is likely higher as complexity is lower:
  • Bugs are more likely to be detected.
  • Code inconsistencies are more likely to be detected.
• Knowledge sharing is improved within the participants:
  • Small portions can be assimilated better.
• Better engineering practices are exercised:
  • Solving big problems by dividing them in well contained, smaller problems.
  • Exercising separation of concerns within the code changes.

What can I do to optimize my changes

• Use the PullRequestQuantifier to quantify your PR accurately
  • Create a context profile for your repo using the context generator
  • Exclude files that are not necessary to be reviewed or do not increase the review complexity. Example: Autogenerated code, docs, project IDE setting files, binaries, etc. Check out the Excluded section from your prquantifier.yaml context profile.
  • Understand your typical change complexity, drive towards the desired complexity by adjusting the label mapping in your prquantifier.yaml context profile.
  • Only use the labels that matter to you, see context specification to customize your prquantifier.yaml context profile.
• Change your engineering behaviors
  • For PRs that fall outside of the desired spectrum, review the details and check if:
    • Your PR could be split in smaller, self-contained PRs instead
    • Your PR only solves one particular issue. (For example, don't refactor and code new features in the same PR).

How to interpret the change counts in git diff output

• One line was added: +1 -0
• One line was deleted: +0 -1
• One line was modified: +1 -1 (git diff doesn't know about modified, it will
  interpret that line like one addition plus one deletion)
• Change percentiles: Change characteristics (addition, deletion, modification)
  of this PR in relation to all other PRs within the repository.

---

Was this comment helpful? 👍  :ok_hand:  :thumbsdown: (Email)
Customize PullRequestQuantifier for this repository.

[vizipi]

Pull request analysis by VIZIPI

Below you will find who is the most qualified team member to review your code.
This analysis includes his/her work on the code included in this Pull request, in addition to their experience in code affected by these changes ( partly found within the list of potential missing files below )   Feedback always welcome

No other active qualified developers found to review these specific changes. You might consider involving more team members with these code segments.

---

Potential missing files from this Pull request

files commonly committed with a subset of this pr, but not committed this time. (click to collapse)

File	Percentile	rate
package-lock.json	72.76 %	187 out of 257 times

---

Committed file ranks

(click to expand)

100.00%[package.json]