This repository has been archived by the owner on Nov 18, 2021. It is now read-only.

[Snyk] Fix for 7 vulnerabilities #5

Merged 2 commits on May 6, 2020

@snyk-bot snyk-bot commented May 6, 2020

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
| Severity | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|
| medium severity | Prototype Pollution (SNYK-JS-MINIMIST-559764) | Yes | Proof of Concept |
| high severity | Regular Expression Denial of Service (ReDoS) (SNYK-JS-MOCHA-561476) | Yes | No Known Exploit |
| low severity | Regular Expression Denial of Service (ReDoS) (npm:debug:20170905) | Yes | No Known Exploit |
| high severity | Regular Expression Denial of Service (ReDoS) (npm:diff:20180305) | Yes | Proof of Concept |
| high severity | Arbitrary Code Injection (npm:growl:20160721) | Yes | No Known Exploit |
| low severity | Denial of Service (DoS) (npm:superagent:20170807) | Yes | No Known Exploit |
| medium severity | Information Exposure (npm:superagent:20181108) | Yes | No Known Exploit |

Commit messages
Package name: chai-http The new version differs by 54 commits.
  • d9a8d1f 4.0.0 (#202)
  • a315dd0 chore(package): fixed license typo (#199)
  • 832f6c2 docs: add note about agent server not closing (close #188) (#190)
  • cee5dbd Merge pull request #184 from chaijs/fix-178
  • 3d7ab70 feat(node-request): close connections after request
  • d3d9ec6 chore(package): update devdependencies
  • e2e80ce chore(package): update all package versions
  • 80c880c chore(package): update superagent to 3.7 (#183)
  • 80b4efb docs: add chai.expect usage to readme (#173)
  • 2604c3b mention login in the persistent session guide (#167)
  • 77a7a93 docs: fix form test example in README (#166)
  • 6e88c38 Merge pull request #131 from meeber/chai-v4
  • 7426715 Update for Chai v4.0
  • cf52191 Merge pull request #160 from mcky/patch-1
  • dfffa63 Add to.not.redirect example to README
  • 1ea9265 Merge pull request #154 from tonymet/issue/147
  • ad0c3be revise error message
  • 6ab3b9a revert whitespace change
  • 7eef16a add 307,308 to redirect assertion HTTP 307 and 308 status codes are not treated as redirects chaijs/chai-http#147
  • 3a37080 Merge pull request #133 from yashsriv/fix/agent-cookies
  • 12ddde4 Merge pull request #149 from vieiralucas/drop-old-node
  • 1436147 chore: update supported Node versions
  • d6e1294 Merge pull request #142 from chaijs/vieiralucas-patch-1
  • 4470f99 Fix some bad semicolon placements at README.md

See the full diff

Package name: mocha The new version differs by 250 commits.
  • eb781e2 Release v6.2.3
  • 10dbe94 update CHANGELOG for v6.2.3 [ci skip]
  • 848d6fb security: update mkdirp, yargs, yargs-parser
  • 843a322 6.2.2
  • aec8b02 update CHANGELOG for v6.2.2 [ci skip]
  • 7a8b95a npm audit fixes
  • cebddf2 Improve reporter documentation for mocha in browser. (#4026)
  • 3f7b987 uncaughtException: report more than one exception per test (#4033)
  • ee82d38 modify alt text of image from Backers to Sponsors inside Sponsors section in Readme (#4046)
  • e9c036c special-case parsing of "require" in unparseNodeArgs(); closes #4035 (#4063)
  • 954cf0b Fix HTMLCollection iteration to make unhide function work as expected (#4051)
  • 816dc27 uncaughtException: fix double EVENT_RUN_END events (#4025)
  • 9650d3f add OpenJS Foundation logo to website (#4008)
  • f04b81d Adopt the OpenJSF Code of Conduct (#3971)
  • aca8895 Add link checking to docs build step (#3972)
  • ef6c820 Release v6.2.1
  • 9524978 updated CHANGELOG for v6.2.1 [ci skip]
  • dfdb8b3 Update yargs to v13.3.0 (#3986)
  • 18ad1c1 treat '--require esm' as Node option (#3983)
  • fcffd5a Update yargs-unparser to v1.6.0 (#3984)
  • ad4860e Remove extraGlobals() (#3970)
  • b269ad0 Clarify effect of .skip() (#3947)
  • 1e6cf3b Add Matomo to website (#3765)
  • 91b3a54 fix style on mochajs.org (#3886)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:

🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

@JakeChampion JakeChampion merged commit b6306b1 into master May 6, 2020
@JakeChampion JakeChampion deleted the snyk-fix-7ac153552e0c99f34e71ed595094ea2f branch May 6, 2020 18:57