@Cryptix720
Owner

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
  • Severity: high severity
  • Priority Score (*): 661/1000 (Why? Recently disclosed, Has a fix available, CVSS 7.5)
  • Issue: Missing Release of Resource after Effective Lifetime (SNYK-JS-INFLIGHT-6095116)
  • Breaking Change: Yes
  • Exploit Maturity: No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: glob The new version differs by 114 commits.
  • a68703e 9.0.0
  • 58159ca test: cwd can be a url
  • a547a9c more docs
  • 42a3ac7 link to bash manual for Pattern Matching
  • 474172d update readme with cwd URL support
  • ad3904d update readme with posix class support
  • b22fc7d minimatch@7.3.0
  • cdd1627 update all the things, remove unused mkdirp types
  • 75c6416 Merge branch 'v9'
  • fa0cd77 cwd can be a file:// url
  • d03ed0a typedoc github action
  • 9a5a45a put bench results in readme
  • 20b2f88 docs, fix benchmark script
  • 4829c88 upgrade ci actions
  • 5cbacdd minimatch@7.2.0
  • 210310b omit symlinks on windows
  • d34c8d5 full test coverage, clean up signals and remove extraneous code
  • 5f21b46 adding lots of tests, clean up types
  • b12e6ba slashes on nodir test
  • 75f74b0 more windows test slashes
  • 3aa1abd more windows test affordances
  • 3e68a7b some windows test affordances
  • 8c2e082 feature complete and tests passing
  • c3be35a correct ** vs ./** behavior

See the full diff

Package name: npm The new version differs by 250 commits.
  • 30a9844 7.21.0
  • 0b2cd9d update AUTHORS
  • 06461ec docs: changelog for v7.21.0
  • 771a1cb chore(tests): fix snapshots
  • 71cdfd8 spdx-license-ids@3.0.10
  • 94f92de make-fetch-happen@9.0.5
  • 7ac621c smart-buffer@4.2.0
  • 218caca is-core-module@2.6.0
  • ff6626a fix(docs): update npm-publish access flag info
  • b6f40b5 tar@6.1.10
  • e9e5ee5 @npmcli/arborist@2.8.2
  • 991a3bd read-package-json@4.0.0
  • f077724 init-package-json@2.0.4
  • 68a19bb fix(error-message): look for er.path not er.file
  • ff34d6c feat(cache): initial implementation of ls and rm
  • 8183976 normalize-package-data@3.0.3
  • df57f0d @npmcli/run-script@1.8.6
  • 487731c fix(logging): sanitize logged argv
  • 7a58264 chore(ci): check that docs are up to date in ci
  • 22f3bbb chore(docs): add more 'autogenerated' comments
  • 4314490 fix(docs): revert auto-generated portion of docs
  • 32e88c9 fix(did-you-mean): switch levenshtein libraries
  • 59b9851 7.20.6
  • 2591e67 update AUTHORS

See the full diff

Package name: npm-registry-fetch The new version differs by 207 commits.
  • 8f61d95 chore: release 14.0.0 (#139)
  • c1a2c5a chore: bump cacache from 16.1.3 to 17.0.0 (#147)
  • b5aeed0 deps: bump make-fetch-happen from 10.2.1 to 11.0.0 (#146)
  • c1c203e chore: postinstall for dependabot template-oss PR
  • dcff56f chore: bump @npmcli/template-oss from 4.4.4 to 4.5.1
  • 8762c37 chore: postinstall for dependabot template-oss PR
  • 428d241 chore: bump @npmcli/template-oss from 4.3.2 to 4.4.4
  • 104a51f feat!: postinstall for dependabot template-oss PR
  • 36f576a chore: bump @npmcli/template-oss from 3.6.0 to 4.3.2
  • ed6304c chore: postinstall for dependabot template-oss PR
  • 4a08dd4 chore: bump @npmcli/template-oss from 3.5.0 to 3.6.0
  • de64201 chore(main): release 13.3.1 (#128)
  • c9a8727 fix: linting
  • a72fb7c chore: rimraf@3.0.2
  • 79bddb9 chore: mkdirp@1.0.4
  • 8d40cbb chore(main): release 13.3.0 (#126)
  • 42d605c feat: respect registry-scoped certfile and keyfile options (#125)
  • 43c91f5 chore(main): release 13.2.0 (#124)
  • 893ea1c chore: bump @npmcli/template-oss from 3.4.2 to 3.4.3 (#121)
  • ff4ed65 feat: set 'npm-auth-type' header depending on config option (#123)
  • 0db6cf8 chore: postinstall for dependabot template-oss PR
  • 0c1795e chore: bump @npmcli/template-oss from 3.4.1 to 3.4.2
  • 5f9f823 chore: bump @npmcli/template-oss from 3.3.2 to 3.4.1 (#119)
  • b9848ba chore(main): release 13.1.1 (#110)

See the full diff

Package name: pacote The new version differs by 250 commits.
  • abd1ecb chore: release 15.0.1 (#219)
  • 74821c2 deps: bump @npmcli/run-script from 4.2.1 to 5.0.0 (#229)
  • a9844d0 deps: bump @npmcli/promise-spawn from 3.0.0 to 4.0.0 (#226)
  • f3f9970 chore: bump @npmcli/template-oss from 4.5.1 to 4.6.0 (#225)
  • 1058177 deps: bump read-package-json from 5.0.2 to 6.0.0
  • 0f5ef8a deps: bump @npmcli/installed-package-contents from 1.0.7 to 2.0.0
  • 7e3b4b5 deps: bump ssri from 9.0.1 to 10.0.0
  • 4e7536d deps: bump @npmcli/git from 3.0.2 to 4.0.0
  • 3bc7550 deps: bump npm-pick-manifest from 7.0.2 to 8.0.0
  • 41fab27 deps: bump proc-log from 2.0.1 to 3.0.0
  • 1e1c58c chore: bump @npmcli/eslint-config from 3.1.0 to 4.0.0
  • 4abf24a deps: bump npm-registry-fetch from 13.3.1 to 14.0.0 (#218)
  • e562ba3 chore: release 15.0.0 (#214)
  • 43ae022 feat: do not alter file ownership (#216)
  • 2ac3980 deps: bump read-package-json-fast from 2.0.3 to 3.0.0
  • 48282d2 chore: postinstall for dependabot template-oss PR
  • d63b004 chore: bump @npmcli/template-oss from 4.4.4 to 4.5.1
  • e660b7a chore: release 14.0.0
  • ee16f1f feat: set as release
  • 828f402 chore: postinstall for dependabot template-oss PR
  • 538ab4c chore: bump @npmcli/template-oss from 4.4.2 to 4.4.4
  • 5aa45e5 chore: release 14.0.0-pre.3
  • d6ef5dc feat: require arborist constructor to be passed in for preparing git dirs (#204)
  • 7e7a1e2 chore: release 14.0.0-pre.2

See the full diff

Package name: rimraf The new version differs by 56 commits.
  • 3b6b098 4.0.0
  • e0cffea ci: reduce workload even more
  • 0e6646d ci: remove unnecessary lint filter
  • 546e017 update action versions
  • 6d88a65 tone down benchmark intensity
  • 842a8d2 fix benchmark workflow yaml
  • 1b91697 chore: add copyright year to license
  • 08bbb06 rewrite in TS, export hybrid, update changelog, docs
  • 1b3f46e drop support for node versions below 14
  • 2e1f003 gh actions workflow for benchmarks
  • 52f9370 tests for retry-busy behavior
  • 188e3ed don't test on very old node versions
  • d1d5495 test for fix-eperm
  • e7501cd prettier formatting
  • 40f64ec windows: only fall back to move-remove when absolutely necessary
  • b6f7819 update tap
  • 99496cd test: run posix test on windows, why not?
  • 51d43c1 benchmarks
  • 6b8aa29 doc: correct os.tmp default
  • 4b228c9 do not ever actually try to rmdir /
  • 2442655 consolidate all the spellings of 'opt' into one
  • d4eec2e add cli script
  • 0c82d74 accept strings, arrays of strings, and no other types
  • ad4f2db Do not rimraf /, override with preserveRoot:false

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116