[Snyk] Fix for 1 vulnerabilities #21

Open. Wants to merge 1 commit into base: master.

andris9 (Owner) commented Jun 21, 2023

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:

| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
| medium severity | 658/1000. Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3 | Regular Expression Denial of Service (ReDoS), SNYK-JS-SEMVER-3247795 | Yes | Proof of Concept |

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: levelup. The new version differs by 137 commits.
  • 1f8f898 2.0.0
  • a5dc858 Merge pull request #509 from ralphtheninja/master
  • aab6c74 fix bad async code example
  • a4cd129 Merge pull request #508 from Level/test/deferred-serialization
  • fd19855 test: key of queued operation is not serialized
  • fc729af smoke-test: levelup without encoding-down
  • 1358aae test: json encoding with stream
  • 527ab2a test: queued operation is not serialized
  • 0325f45 Merge pull request #507 from Level/readme/cleanup
  • c5bb02a changelog: add change to error event
  • 52f57c9 changelog: escape asterisks
  • 0f85ff3 readme: cleanup
  • d089b02 Merge pull request #506 from Level/readme/intro
  • 911c8b2 readme: rewrite intro and relationship to leveldown
  • f0be316 Merge pull request #505 from ralphtheninja/master
  • 3663a48 Merge pull request #504 from Level/readme/more-fruit
  • a25f84f bump deferred-leveldown
  • 25fd252 readme: reduce 'supported platforms' section
  • 9fa93e3 readme: 'arbitrary data objects' => 'of any type'
  • 7c37879 readme: clarify what excluding callbacks means
  • 2a673f6 readme: unquote properties
  • 6e12996 Merge pull request #502 from Level/readme/underlying-store
  • 63c540e Merge pull request #503 from ralphtheninja/badges
  • bdf23f5 update badges


Package name: restify. The new version differs by 250 commits.
  • 2053ef6 chore(master): release 10.0.0
  • 3f94e4f chore: upgrade release-please (please work)
  • c21f6a8 chore: remove wrong link from CHANGELOG.md
  • 5795223 feat!: support v18.x
  • f384900 chore: Update example to allow downgrading to http1
  • fa52f60 feat: bump dtrace-provider version to avoid MacOS errors
  • e911d17 chore: upgrade send@^0.18.0
  • c9e5dfd chore: upgrade mime@^3.0.0
  • 15b8458 chore: upgrade semver@^7.0.0
  • 1e25d31 chore: upgrade pidusage@^3.0.0
  • 70370d9 chore: upgrade pino@^8.0.0
  • de36103 chore: upgrade lru-cache@^7.0.0
  • c944080 chore: upgrade uuid@^9.0.0
  • 50bfac7 chore: upgrade csv@^6.0.0
  • 638930c chore(examples): delete bench example in favor of the benchmark script
  • a70880e chore(examples): update socket.io
  • 23a80ae chore(examples): update todoapp
  • 7228b94 chore: bump find-my-way to ^7.2.0
  • caba351 updated package.json [ci skip]
  • bf2e42a updated CHANGELOG.md [ci skip]
  • c15111f chore: drop support for EOL Node.js versions
  • d052b7c feat: deprecate req.closed
  • 839fb4a chore: bump version of http-signature to ^1.3.6 (#1889)
  • cc483e0 chore: remove travis and update github ci (#1878)


Package name: yargs. The new version differs by 98 commits.
  • 8515e4f docs: nit in CHANGELOG
  • 4b8cfa9 docs: slight tweaks to CHANGELOG
  • c809cbe chore(release): 10.0.0
  • fc13dcd chore: new translations for command API overhaul (#976)
  • 7269531 feat: .usage() can now be used to configure a default command (#975)
  • 3757194 chore: add id translation to #976 (#986)
  • 47b3078 chore: update Dutch Translation (#981)
  • 20bb99b feat: replace /bin/bash with file basename (#983)
  • 5a9c986 feat(translation): Update pl-PL translations (#985)
  • 02cc11d docs: whoops, forgot to call out a breaking change introduced into parse()
  • 7e58453 fix: the positional argument parse was clobbering global flag arguments (#984)
  • a06b67d chore: update tr.json (#982)
  • b2d11b3 chore: add ja translations (#979)
  • 1598a7f docs: switch to using .positional() in example (#973)
  • 280d0d6 feat: hidden options are now explicitly indicated using "hidden" flag (#962)
  • 8c1d7bf fix: less eager help command execution (#972)
  • db77c53 chore: switch to find-up from read-pkg-up (#970)
  • cb16460 feat: introduce .positional() for configuring positional arguments (#967)
  • 3bb8771 fix: config and normalise can be disabled with false (#952)
  • c649415 chore(release): 9.1.0
  • 7b22203 fix(command): Run default cmd even if the only cmd (#950)
  • 74a38b2 feat: multiple usage calls are now collected, not replaced (#958)
  • d1b23f3 chore(release): 9.0.1
  • ac8088b fix: implications fails only displayed once (#954)


Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-SEMVER-3247795