[Snyk] Fix for 3 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • resources/load-test/package.json
  • resources/load-test/package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	619/1000 Why? Has a fix available, CVSS 8.1	Prototype Pollution SNYK-JS-AJV-584908	No	No Known Exploit
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept
	526/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 4.1	Arbitrary Code Injection SNYK-JS-EJS-1049328	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: eslint

The new version differs by 250 commits.

• 3dd6741 7.0.0
• 9a722f9 Build: changelog update for 7.0.0
• b98d8bd Upgrade: [email protected] (How to view 2 participants continuously. Like when there is 3 participants. Right now it will hide one view which is in large picture. Need to show fixed visible for 2 participants? .  jitsi/jitsi-meet#13271)
• 4c0b028 Fix: remove Node.js and CommonJS category from build process (fix(dev) fix dev server watcher limit on macOS jitsi/jitsi-meet#13242)
• 401a687 Chore: fix rules list for prereleases (chore(deps) lib-jitsi-meet@latest jitsi/jitsi-meet#13230)
• 4ef6158 Breaking: [email protected] (Login screen doesn't log in (on iPad, Jitsi Meet 23.0.0) jitsi/jitsi-meet#13270)
• b5c8d73 Docs: update 7.0.0 migration guide for consistency (fix(dial-in) Make text selectable on Dial In page jitsi/jitsi-meet#13267)
• 356fdb4 Docs: add migration guide (feature: empty token verification allow list jitsi/jitsi-meet#12692)
• 015edf6 Sponsors: Sync README with website
• fdfa364 7.0.0-rc.0
• 8d1b4db Build: changelog update for 7.0.0-rc.0
• 0b1d65a Update: Improve report location for array-callback-return (refs fix(local-recording) Don't use tab audio jitsi/jitsi-meet#12334) (chore(deps) lib-jitsi-meet@latest jitsi/jitsi-meet#13109)
• d85e291 Fix: yoda left string fix for exceptRange (fixes chore(deps) lib-jitsi-meet@latest jitsi/jitsi-meet#12883) (APP_NAME as environment variable jitsi/jitsi-meet#13052)
• 2ce6bed Chore: added tests for nested arrays (fix(external-api): Set ifame.src before adding it. jitsi/jitsi-meet#13145)
• d3aac53 Update: report backtick loc in no-unexpected-multiline (refs fix(local-recording) Don't use tab audio jitsi/jitsi-meet#12334) (ref(TS) Convert some components to TS jitsi/jitsi-meet#13142)
• 8e7a2d9 Fix: func-call-spacing "never" reports wrong message (fixes fix(device-picker) Close picker when another is open jitsi/jitsi-meet#13190) (ref(audio-picker) Styles refactor jitsi/jitsi-meet#13193)
• bcafd0f Update: Add ESLint API (refs New: ESLint Class Replacing CLIEngine eslint/rfcs#40) (Can i run npm install on windows jitsi/jitsi-meet#12939)
• 3eeae56 Upgrade: some (dev) deps (chore(deps) lib-jitsi-meet@latest jitsi/jitsi-meet#13155)
• 6b7030b Chore: Run tests on Node.js v14 ([Android SDK] Screen sharing not working for Android 10, 11, 12 [Edit] jitsi/jitsi-meet#13210)
• ebc28d7 Fix: Remove default .js from --ext CLI option (Update main-vi.json jitsi/jitsi-meet#13176)
• 5c1bdeb Update: Improve report location for getter-return (refs fix(local-recording) Don't use tab audio jitsi/jitsi-meet#12334) (feat(external-api) support assumed bandwidth bps config and command jitsi/jitsi-meet#13164)
• 56d2bee Docs: fix typos (Whiteboard doesn't show when there's more than one person in the meeting jitsi/jitsi-meet#13204)
• e13256e Chore: use espree.latestEcmaVersion in config-initializer (feature: clear base.html jitsi/jitsi-meet#13157)
• e4f57b7 Chore: add nested array tests for array-element-newline (fix: revert base.html clearing jitsi/jitsi-meet#13161)

See the full diff

Package name: style-loader

The new version differs by 14 commits.

• 5d73db7 chore(release): 0.20.0
• 08ce425 chore(package): update dependencies
• 28f603f refactor: remove comments from bundle source code
• dda8b89 test: rename && update HMR tests
• 23c3567 fix(options): add `transform` option validation (`{String}`)
• e0c4b19 fix(options): support passing a `{Function}` (`options.insertInto`)
• ac8430c ci(travis): update `node` v4.3.0...4.8.0
• 0eb8fe7 feat: support passing a `{Function}` (`options.insertInto`) (Can not see anyone else jitsi/jitsi-meet#279)
• 3a4cb53 fix(index): enable HMR in case `locals` (`css-modules`) are unchanged (Get under CI jitsi/jitsi-meet#298)
• 9b46128 fix(addStyles): check if `HTMLIFrameElement` exist (screen sharing support for FF jitsi/jitsi-meet#296)
• a7734e6 chore(package): update repository url (audio not working most of the time, webrtc trouble? jitsi/jitsi-meet#290)
• 6ca2ecb chore(release): 0.19.1
• 2bfc93e fix(addStyles): correctly check `singleton` behavior when `{Boolean}` (`options.singleton`) (Audio/video loss when conference reaches 15 participants and LastN enabled jitsi/jitsi-meet#285)
• 57c457d docs: fixed missing commas in configuration examples (Improve browser version checks jitsi/jitsi-meet#266)

See the full diff

Package name: webpack-bundle-analyzer

The new version differs by 96 commits.

• ee6c7a9 Merge pull request Trouble accessing mic/cam or entering room (logs included) jitsi/jitsi-meet#389 from webpack-contrib/support-webpack-5
• 8d1a752 Update version
• 37ab03e Fix typo
• 2153401 Add `--watch-ignore` flag to `test-dev` npm script
• 35b62db Add `private: true` flag to `package.json` files in `test/webpack-versions`
• ef36924 Add changelog entry
• f819548 Update version
• d8f2dd7 Fix lint issues
• d32cbdb Add changelog for v4.0.0
• 3094dbc Update dependencies
• b85ba7d Add tests for Webpack 5
• c35bda3 Properly parse Webpack 5 entry modules
• 7bbe89f Properly parse Webpack 5 bundle format (except concatenated entry module)
• b34b249 Update package-lock.json
• abc298a Remove Node.js 6 and 8 from .travis.yml
• a81b7b8 - Support multiple Webpack versions in tests
• 591adf1 Add more ignores to .npm-upgrade.json
• d5698f4 Update dependencies
• e4a8974 Merge pull request Merge pull request #1 from jitsi/master jitsi/jitsi-meet#382 from wbobeirne/fix-opener-error
• b0f717b Catch uncaught opener errors
• e4b2677 v3.9.0
• afde5a8 Merge pull request Leak with xmpp authenticate dialog box?  jitsi/jitsi-meet#378 from dabbott/fix-missing-child-bundles
• 0ddc92d Add test for dynamic imports in worker bundles
• b39594c Fix missing child bundles throwing an error

See the full diff

Package name: webpack-cli

The new version differs by 250 commits.

• fb50f76 chore(release): publish new version
• 2c75aeb chore: new version of the packages
• 0d05c30 chore(release): publish %s
• 3f9e151 chore: fix lerna config
• 2c1e34c tests(generator): enhance init generator tests (Beta version of Jitsi Meet jitsi/jitsi-meet#1236)
• 6ee61b9 Fix loader-generator and plugin-generator tests (Fix watermarks config jitsi/jitsi-meet#1250)
• 52956a2 Fixing the typos and grammatical errors in Readme files (Feature request: link to stream broadcast jitsi/jitsi-meet#1246)
• 7faaed2 chore: update Bug_report & Feature_request Templates ([RN] Implement full screen mode while in a conference jitsi/jitsi-meet#1256)
• 7a5b33d feat(webpack-cli): added mode argument (Iframe API - participant count jitsi/jitsi-meet#1253)
• 3715756 tests(webpack-cli): add test case for defaults flag ([RN][iOS] Default to speaker while in a conference jitsi/jitsi-meet#1254)
• a7cba2f chore: project maintanance and typescript fix (Desktop sharing icon not shown in Firefox jitsi/jitsi-meet#1247)
• 7748472 chore: ignore package-lock.json and remove its references (Unsupported browser (feature) jitsi/jitsi-meet#1252)
• a014aa7 docs: fix supported arguments & commands link in README (Feature request: Video Support for SIP Gateway jitsi/jitsi-meet#1244)
• 06129a1 feat(webpack-cli): add progress bar for progress flag (fix(filmstrip_only): JS errors jitsi/jitsi-meet#1238)
• 6cc6a49 chore: post refactor CLI (How to set live stream to youtube jitsi/jitsi-meet#1237)
• 358651e chore: move cli under lerna package (Fix(React/conference): Sets an initial toolbar view timeout jitsi/jitsi-meet#1225)
• 2dc495a fix(init): fix webpack config scaffold (Issue in Jitsi-meet audio jitsi/jitsi-meet#1231)
• 1ab62d2 tests(generator): add tests for plugin generator (Name Redux actions consistently jitsi/jitsi-meet#1235)
• d2dd0c1 tests(sourcemap): fix flaky stats statement (Fixes and adjustments of UI layout jitsi/jitsi-meet#1232)
• f6dc680 tests(loader-generator): add tests for loader generator (Sdp overhaul jitsi/jitsi-meet#1234)
• 35d1381 tests(generator): enable init generator test (how to integrate etherpad into jitsi-meet on an apache webserver jitsi/jitsi-meet#1233)
• 66cdcb6 chore(generator): remove transpiled tests (Rocketchat jitsi/jitsi-meet#1229)
• f29a170 fix(init): fix the invalid package name (Fix(RemoteVideo): Fixes remote video menu icon jitsi/jitsi-meet#1228)
• 8c3a66d chore(cli): updated changelog of v3 (Removes guest parameter when navigating to close page. jitsi/jitsi-meet#1224)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Arbitrary Code Injection

[github-actions]

This PR has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.