[Snyk] Fix for 3 vulnerabilities

[willmcvay]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • packages/ts-scripts/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	Yes	No Known Exploit
	509/1000 Why? Has a fix available, CVSS 5.9	Denial of Service (DoS) SNYK-JS-JPEGJS-570039	Yes	No Known Exploit
	520/1000 Why? Has a fix available, CVSS 5.9	Denial of Service SNYK-JS-NODEFETCH-674311	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: copy-webpack-plugin

The new version differs by 31 commits.

• 64e60c2 chore(release): 6.0.0
• dd9ce50 test: coverage
• 29254e3 feat: implement the `directory` option for the `cacheTransform` option
• bebafcf refactor: code
• e3803ce feat: implement the `noErrorOnMissing` option (Design contracts for Journal API #475)
• 8e5bc1b chore(deps): update (Design contracts for Leads API #474)
• 6b85c86 docs: improve (Modularize GraphQL Server Resolvers and Schemas #473)
• 3ef3f25 refactor: drop test option in favor transformPath (refactor: remove login mutation #472)
• 045f629 refactor: code (refactor: move typings for identity-check to identity-check.d.ts #471)
• 20c9ae5 docs: import documentation for the `from` option (fix: handler context for lambda apollo server #468)
• bfb4f0e docs: improve the description for the `toType` option (Update interactive API documentation to include the 'leads API' milestone #467)
• c0c9fa7 test: transform && transformPath (feat: #450 create fetch-ts-definition command for graphql server #470)
• 197b0d8 fix: asset size
• c176d7d feat: concurrency option (Present Leads API in the interactive API explorer #466)
• e5e410a refactor: code (Provide API to allow a new lead to be created #465)
• 0be6470 refactor: remove the `ignore` option in favor globOptions.ignore (Provide API to present filterable listing of lead information #463)
• 6b07a63 refactor: code
• 42194f3 refactor: code (fix: #178 fix horizontal scroll table #459)
• 1e2f3a1 test: refactor (fix: #456 fix icon label on error of validations #458)
• a728675 chore: update globby
• 64b2e1a refactor: remove the global `context` option (Marketplace issues on Internet Explorer (Dev Portal) #453)
• f6da280 refactor: rename the `cache` option to `cacheTransform` (chore: #450 copy types definition into graphql server repo #452)
• aedd2bd refactor: plugin options (chore: #128 remove redundant and restructure dependencies #451)
• 383ff9d refactor: 'from' option (Implement platform version to GraphQL service #450)

See the full diff

Package name: favicons-webpack-plugin

The new version differs by 19 commits.

• ed6c021 chore(release): 4.2.0
• eb11a83 feat: turn favicon into a transitive dependency to allow using upstream bugfixes
• 342beb7 chore(release): 4.1.0
• 6ef0ce4 feat: show current html-webpack-plugin version
• 84be288 chore(release): 4.0.0
• 8848bc2 feat: upgrade favicons
• 01e9f6a chore(deps-dev): bump standard-version from 7.0.1 to 8.0.1 (fix: #53 Add Etag header in GeoDiary app #214)
• 72db9f5 chore: make eslint rules more strict
• 8d59acf fix: remove duplicate test-entry in .travis.yml
• 26895b6 chore: add eslint and prettier to CI pipeline
• 70d207f chore: fine-tune eslint config
• 7f46f6b chore: setup prettier
• b0d0974 chore: setup eslint
• 47bf751 docs: Add example for custom injection
• e6645b8 chore(release): 3.0.1
• bb26179 fix: provide a error message if the plugin is incompatible to the html-webpack-plugin
• 61ffe97 chore(release): 3.0.0
• 15bab27 fix: remove "force" inject option
• 395fc09 feat: add support for html-webpack-plugin v4

See the full diff

Package name: isomorphic-fetch

The new version differs by 12 commits.

• fc5e0d0 3.0.0
• 496fa43 Add version that was previously uncomitted to the package.json due to the previous release process
• 9f5a8b6 Add a list of alternatives
• 49280e6 Resolve minor security issue
• 0f5edd0 Explain why Isomorphic Fetch is needed in docs (chore: #40 finished tidy up of docs #135)
• e32b006 Fix travis (feat: #171 developer installed app graph #190)
• db0aa8c Update to latest version
• 8bf02c4 Bump node-fetch from 1.7.3 to 2.6.1 (fix: #115 remove weird styling caused by bulma css #189)
• 89c7e70 Merge pull request Migrate Custom Mailer repo to Foundations mono-repo #93 from paulmelnikow/fetch_ponyfill
• 25e3cab Add link to fetch-ponyfill
• 8d33aba Merge pull request Migrate Geo Diary repo to Foundations mono-repo #90 from josiah0/update-lintspaces-cli
• c22fcda Update lintspaces-cli

See the full diff

Package name: jest-fetch-mock

The new version differs by 2 commits.

• e0614b8 3.0.0
• a0a22de Conditional (Our NPM dependencies need reviewing #128)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic