[Snyk] Fix for 6 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	584/1000 Why? Has a fix available, CVSS 7.4	Directory Traversal SNYK-JS-ADMZIP-1065796	Yes	No Known Exploit
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept
	626/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.1	Man-in-the-Middle (MitM) SNYK-JS-HTTPSPROXYAGENT-469131	No	Proof of Concept
	899/1000 Why? Mature exploit, Has a fix available, CVSS 9.4	Arbitrary File Write via Archive Extraction (Zip Slip) npm:adm-zip:20180415	Yes	Mature
	796/1000 Why? Mature exploit, Has a fix available, CVSS 8.2	Uninitialized Memory Exposure npm:https-proxy-agent:20180402	No	Mature
	506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:jasmine-core:20180216	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: chalk

The new version differs by 53 commits.

• 3fca615 2.0.0
• f66271e Add tagged template literal (Adding Protractor to Yeoman generator-angular angular/protractor#163)
• 23ef1c7 fix linter errors
• c015568 add rainbow example
• 09fb2d8 Re-implement `chalk.enabled` (How to set attributes of the object using protractor angular/protractor#160)
• 608242a spoof supports-color
• 18f2e7c add host information output
• 523b998 Revert "TEMPORARY: emergency travis CI fix (see comments)"
• 54975fb TEMPORARY: emergency travis CI fix (see comments)
• 1d73b21 Improve readme
• 6f4d6b3 Bump dependencies
• 8702496 Remove `chalk.styles`
• 0412cdf Minor code improvements
• 249b9ac ES2015ify the codebase
• cb3f230 Add RGB (256/Truecolor) support (how to read text value of a element angular/protractor#140)
• dbae68d Update dependent package count in the readme (Jasmine .not is not working? angular/protractor#154)
• 9b60021 Drop support for Node.js 0.10 and 0.12
• 0d21449 check parent builder object for enabled status (Track down potential issues with setting a timeout on an $http request angular/protractor#142)
• 5a69476 add XO badge
• 492f11f add example file
• 4ce73b6 make XO happy
• 7c02cf4 Add log statement to chalk examples (Exception "javascript error: Cannot call method 'get' of undefined" on any ptor method  angular/protractor#129)
• 835ca3d You've just reached 10,000 dependent modules. (onPrepare not being passed to tests angular/protractor#122)
• 74c087d minor doc improvements (How do I get the current url from protractor? angular/protractor#120)

See the full diff

Package name: jasmine

The new version differs by 20 commits.

• 33c5f8c bump version to 3.1
• bdc7ab4 Tell Jasmine-core not to handle load errors itself
• ea0c23e better error reporting when an invalid --reporter is specified
• 74d3e96 bump version to 3.0
• b8cf9aa Merge branch 'master' into 3.0-features
• b831ccf Add --fail-fast to help message
• 375b7aa Support stopping jasmine execution on first spec failure
• 9aea4e9 Add ability to pass `--reporter` on the command line
• 76f9fa2 Print full details for suite failures
• 38d5568 Report how to re-run Jasmine with the current seed
• 9af225e Run specs in random order by default
• 1e5a1f6 Merge branch 'master' into 3.0-features
• f55808f Updated node.js versions
• ca8e39b Ignore vim swap files
• a17e3f9 Depend on core 3.0
• 5643389 Added an editorconfig file
• 894f6c3 Treat suites with focused specs as failures
• dcca51c Removed deprecated completion callback from console reporter
• 19ca208 Update dependencies
• 44e28d6 Removed 0.10.x compatibility code

See the full diff

Package name: saucelabs

The new version differs by 10 commits.

• ed77e8c Bump version to 1.5.0
• f359d8d Update node versions on Travis
• e261232 Merge pull request Sleep() or Pause() functionality  angular/protractor#39 from qiyigg/master
• 922686a Update https-proxy-agent to the latest version for security reason
• aa10e2e 1.4.0
• 168cd2f Merge pull request feature request: mocha adapter support angular/protractor#35 from ericmacfa/master
• 63d0b6c Merge pull request Should retry if angular isn't found on the page angular/protractor#2 from ericmacfa/add-method-getSubAccounts
• 914ded7 Added getSubAccounts method with associated unit test and README updates
• e284873 Merge pull request [Snyk] Fix for 6 vulnerabilities #1 from ericmacfa/add-method-getSubAccountList
• 2e8992d Added getSubAccountList method with associated unit test and README updates

See the full diff

Package name: webdriver-js-extender

The new version differs by 13 commits.

• e29179a Merge pull request Scripts for easy download of selenium / webdriverjs angular/protractor#12 from NickTomlin/protractor-4148
• ba0e5fd chore: Update minimum node to 6.x to match protractor core
• 753ad8b chore: Remove unused import
• fd370b0 Revert "chore(specs): Refactor specs to work with new return payload from driver"
• b117331 chore(specs): Refactor specs to work with new return payload from driver
• 09aae00 chore: Bump version to indicate breaking changes
• a75eac4 chore: Remove unused deferred_executor
• a989baf breaking(typings): Update typings and remove patch since we are now using selenium 3.x
• 517ad1d chore(build): Compile to es6 now that protractor has dropped <6 support
• 52f1f3b chore(typos): Clean up typos in README and index.ts
• 0cc8161 chore(docs): document commands better
• 23bc89a chore(npm): version bump
• 3c4cceb chore(refactor): clean up some imports (Should wrap webdriver's 'isElementPresent' angular/protractor#11)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Directory Traversal