[Snyk] Fix for 16 vulnerabilities

[leonardoadame]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • deps/npm/node_modules/console-control-strings/package.json
  • deps/npm/node_modules/console-control-strings/.snyk

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	619/1000 Why? Has a fix available, CVSS 8.1	Prototype Pollution SNYK-JS-AJV-584908	Yes	No Known Exploit
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept
	584/1000 Why? Has a fix available, CVSS 7.4	Regular Expression Denial of Service (ReDoS) SNYK-JS-HAWK-2808852	Yes	No Known Exploit
	509/1000 Why? Has a fix available, CVSS 5.9	Denial of Service (DoS) SNYK-JS-JSYAML-173999	Yes	No Known Exploit
	619/1000 Why? Has a fix available, CVSS 8.1	Arbitrary Code Execution SNYK-JS-JSYAML-174129	Yes	No Known Exploit
	506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Prototype Pollution SNYK-JS-MINIMIST-2429795	Yes	Proof of Concept
	601/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.6	Prototype Pollution SNYK-JS-MINIMIST-559764	Yes	Proof of Concept
	601/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.6	Prototype Pollution SNYK-JS-YARGSPARSER-560381	Yes	Proof of Concept
	506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:braces:20180219	Yes	Proof of Concept
	506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:eslint:20180222	Yes	Proof of Concept
	636/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.3	Prototype Pollution npm:hoek:20180212	Yes	Proof of Concept
	576/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.1	Uninitialized Memory Exposure npm:tunnel-agent:20170305	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: standard

The new version differs by 250 commits.

• a599426 authors
• 4b7fac5 11.0.0
• 76bf851 [email protected]
• 22673fc test: add --fix flag to attempt fixing packages before failing
• 50c466c remove hardcoded npm run test scripts
• cc79290 .npmignore
• 7b5e482 .npmignore
• 538f087 [email protected]
• 0147989 [email protected]
• 7ff022f [email protected]
• c9e8503 changelog
• a5333eb changelog
• 98f513c test style
• 8376af6 don't peg CPU when running tests
• 47489da update changelog
• 4ff2152 eslint-plugin-node@6
• 78be324 [email protected]
• c2bd85c Merge pull request [Snyk] Security upgrade tap from 7.1.2 to 12.0.2 #1054 from standard/greenkeeper/initial
• 5edd7c3 chore: adapt code to updated dependencies
• aef406a copy
• ff379a0 add stdlib sponsor logo
• c1770a9 readme tweaks
• 4acfb74 Merge pull request [Snyk] Security upgrade rollup-plugin-babel from 2.7.1 to 4.4.0 #1057 from sonicdoe/patch-1
• e1c58fb Fix typo

See the full diff

Package name: tap

The new version differs by 250 commits.

• eaa0084 14.6.8
• e7cff4d update deps to node >=8 requirements
• b9e53c2 update cli doc
• 9917a7a 14.6.7
• 125aae3 [email protected]
• ce0c629 update cli doc
• eb2bded 14.6.6
• 7f453f5 Set nyc color watermarks based on check-coverage levels
• 28e7db5 update cli doc
• fb852ee 14.6.5
• eeb423a [email protected]
• 5b83028 watch: add --no-clean to nyc args on change tests
• 6a4d64b track thrown error when timeout/throws happen during promise waiting
• 5b977e1 update cli doc
• 49e9df0 14.6.4
• 6d37040 update deps, remove npm-shrinkwrap.json
• d19ab3d update cli doc
• 1436f4f 14.6.3
• a266e30 Fail if error is thrown while awaiting a Promise
• 73e7496 update cli doc
• 443786c 14.6.2
• 36d6dc5 Properly handle test aborts when awaiting promises
• 28cd2ff update cli doc
• 8d280c3 14.6.1

See the full diff

With a Snyk patch:

Severity	Priority Score (*)	Issue	Exploit Maturity
	399/1000 Why? Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:hawk:20160119	No Known Exploit
	539/1000 Why? Has a fix available, CVSS 6.5	Timing Attack npm:http-signature:20150122	No Known Exploit
	399/1000 Why? Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:mime:20170907	No Known Exploit
	469/1000 Why? Has a fix available, CVSS 5.1	Remote Memory Exposure npm:request:20160119	No Known Exploit
	576/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.1	Uninitialized Memory Exposure npm:tunnel-agent:20170305	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution
🦉 Regular Expression Denial of Service (ReDoS)
🦉 Arbitrary Code Execution
🦉 More lessons are available in Snyk Learn

[stackblitz]

Run & review this pull request in StackBlitz Codeflow.

[changeset-bot]

⚠️ No Changeset found

Latest commit: 327c4cf

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR