[Snyk] Fix for 3 vulnerabilities

[travi]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-COOKIEJAR-3149984	Yes	Proof of Concept
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-HAPISTATEHOOD-2769251	Yes	No Known Exploit
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Prototype Poisoning SNYK-JS-QS-3153490	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @hapi/glue

The new version differs by 6 commits.

• aed1e14 8.0.0
• b5758b2 Merge pull request Update eslint-plugin-react to version 3.9.0 🚀 #142 from damusix/next
• f9bcefd docs: ✏️ document version support
• bc02f66 fix: 🐛 bump hapi 20 dependency
• 1a66913 Merge pull request Update referee to version 1.2.0 🚀 #140 from lloydbenson/master
• 42cfe0b move to validate and upgrade lab

See the full diff

Package name: traverson

The new version differs by 47 commits.

• 2d6c9c3 chore(release): 8.0.1 [skip ci]
• cc5c3d6 fix(deps): update dependency superagent to v7
• c1c60e6 chore(deps): update node.js to v16
• 249d46b chore(deps): update dependency proxyquire-universal to v3
• 3261325 chore(deps): update dependency load-grunt-tasks to v5
• 6e9db9f chore(deps): update dependency husky to v7
• 9b0c81a chore(deps): update dependency grunt-contrib-uglify to v5
• 67bd436 chore(deps): update dependency grunt-browserify to v6
• dae6892 chore(deps): update dependency mocha to v7.2.0
• 9df91d4 chore(deps): update dependency husky to v4.3.8
• 6aa3f3d chore(deps): update dependency grunt-cli to v1.4.3
• d2e5db9 chore(deps): update dependency grunt to v1.4.1
• 4d41177 chore(deps): update dependency chai to v4.3.6
• b566dc5 chore(deps): update dependency yargs-parser to 13.1.2 [security]
• 7cce911 chore(deps): pin dependencies
• 3ade123 chore(deps): update dependency y18n to 4.0.1 [security]
• b8353a0 chore(deps): update dependency trim-off-newlines to 1.0.3 [security]
• a80f1d2 chore(deps): update dependency trim-newlines to 3.0.1 [security]
• df26bf6 chore(deps): update dependency tar to 4.4.18 [security]
• 25e830b chore(deps): update dependency set-value to 2.0.1 [security]
• 9fc2b5c chore(deps): update dependency minimist [security]
• cf05ef5 chore(deps): update dependency lodash.merge to 4.6.2 [security]
• b193ece chore(deps): update dependency kind-of to 6.0.3 [security]
• c36b625 chore(deps): update dependency json-schema to 0.4.0 [security]

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)
🦉 Prototype Poisoning