[Snyk] Fix for 1 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • deps/npm/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	589/1000 Why? Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-1019388	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: glob

The new version differs by 64 commits.

• 3a7e71d v5.0.15
• 841fda0 use latest minimatch
• 4ba54a8 Skip some tests on Windows, make others pass
• 3936e1e Build: Add build for node v4
• c47d451 v5.0.14
• 821fac8 Handle ENOTSUP for sync glob as well as async
• 9625618 Test for when readdir raises ENOTSUP
• 0a2b519 Generate fixtures more effectively, with -O instead of eval
• f96190b Use js for benchmark cleanup
• 957fd93 Fix some 'use strict' errors
• bf3381e Treat ENOTSUP like ENOTDIR in readdir
• 507733d v5.0.13
• f5878af Do not emit 'match' events for ignored items
• 9439afd v5.0.12
• 6071f3a Revert "Use graceful-fs if available"
• 38ff16c v5.0.11
• f09292b Use graceful-fs if available
• 4f39b60 Remove duplicate option description
• e3cdccc v5.0.10
• 480da05 ignore .nyc_output, upgrade tap, use coverage, rm fixtures
• 155124b add more sync cb thrower tests
• f7302ca Test base-matching
• 7530e88 v5.0.9
• b185987 reduce cases where tests need to be regenerated

See the full diff

Package name: init-package-json

The new version differs by 13 commits.

• c09029c 1.3.1
• 017da5e updated devDependencies
• 14b18e3 glob@5.0.3
• 08ff26a validate-npm-package-name@2.0.1
• 2747f41 update scope so it assumes the @ is there
• 2717d3e tweak for read-package-json@latest and promzard@3
• e51cdc4 Validate name
• 5327351 1.3.0
• f57d51f test: tweak roving slash
• 9c20a51 Add supporting scope option
• 6c07431 1.2.0
• ad38432 author URLs are now getting normalized
• 561f042 Add support for save-exact flag in npm-init

See the full diff

Package name: minimatch

The new version differs by 10 commits.

• 81edb7c v3.0.2
• 6944abf Handle extremely long and terrible patterns more gracefully
• 8ac560e v3.0.1
• 4f3a8bc update tap
• 9cf2d88 Remove mentions of cache from readme
• 7df236f Use svg instead of png to get better image quality
• 361f803 Fixes spelling mistake from "instanting" to "instantiating"
• ea0c690 update travis
• 270dbea v3.0.0
• 668a1f4 Don't package browser version

See the full diff

Package name: node-gyp

The new version differs by 122 commits.

• d460084 3.4.0
• cc312ca changelog for v3.4.0
• ce5fd04 deps: update minimatch version
• 77383dd Replace fs.accessSync call to fs.statSync
• 0dba4bd test: add simple addon test
• c4344b3 doc: add --target option to README
• cc778e9 Override BUILDING_UV_SHARED, BUILDING_V8_SHARED.
• af35b2a Move VC++ Build Tools to Build Tools landing page.
• f31482e win: work around __pfnDliNotifyHook2 type change
• 3df8222 Allow for npmlog@3.x
• a4fa07b More verbose error on locating msbuild.exe failure.
• 4ee3132 doc: add command options to README.md
• c8c7ca8 Add --silent option for zero output.
• ac29d23 Upgrade to glob@7.0.3.
• 15fd56b Enable V8 deprecation warnings for native modules
• 7f1c1b9 gyp: improvements for android generator
• 0880827 Update Windows install instructions
• 625c151 gyp: inherit CC/CXX for CC/CXX.host
• 3bcb172 Add support for the Python launcher on Windows
• 1dcf356 3.3.1
• a981ef8 gyp: fix android generator
• 7b10467 3.3.0
• a1dde56 Update changelog
• 818d854 Introduce NODEJS_ORG_MIRROR and IOJS_ORG_MIRROR

See the full diff

Package name: read-package-json

The new version differs by 14 commits.

• 74cdfd0 1.3.3
• 6bc4d63 glob@5.0.3
• 9f05db9 test: enforce style rules when testing
• 2ba7a73 src: standardize read-package.json
• 580e759 remove redundant dependencies
• b746f65 fix caching problem
• d307d82 1.3.2
• 52e2808 dep: use a tap made this century
• 89c1148 use json-parse-helpfulerror
• 3e2f7da test: forgot to check in fixture
• 59011e6 1.3.1
• 709976e sometimes the bin mapping is empty
• 81fd5f7 1.3.0
• 35cef90 Validate scripts in 'bin', warn if they don't exist.

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic