[Snyk] Fix for 1 vulnerabilities

[capasky]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	703/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 6.2	Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: archiver

The new version differs by 133 commits.

• 5d3f168 bump version for release
• cdeca7f Update CHANGELOG.md
• 624d54c Update CHANGELOG.md
• a4c4507 Replaced glob with readdir-glob to be memory efficient, and ensure readdir stream is paused when archiving is on-going (#433)
• 9b03ec5 Bump zip-stream from 4.0.0 to 4.0.2 (#431)
• 2c1a76c Update dependabot.yml
• a8195a6 Bump zip-stream from 3.0.1 to 4.0.0 (#430)
• ea4b518 Update appveyor.yml
• 2c44bdc Update dependabot.yml
• 77c962a Bump mocha from 6.2.3 to 8.0.1 (#424)
• b676035 Bump tar from 4.4.13 to 6.0.2 (#426)
• 1c14722 Bump tar-stream from 2.1.2 to 2.1.3 (#427)
• 2fc3bbe Update package.json
• 081abcb Bump rimraf from 2.7.1 to 3.0.2 (#425)
• f55a3ff Delete .travis.yml
• 0350420 Update appveyor.yml
• e19b218 Bump actions/setup-node from v1 to v2.1.0 (#428)
• 704e3d1 Bump actions/checkout from v1 to v2.3.1 (#429)
• b4dbfb8 Update nodejs.yml
• 791a6db Rename .github/.github/dependabot.yml to .github/dependabot.yml
• 646e096 Create dependabot.yml
• 2bbaca9 ci: test node 14.x
• ff7a9b0 Bump lodash from 4.17.15 to 4.17.19 (#423)
• f646f86 Update package-lock.json

See the full diff

Package name: fs-extra

The new version differs by 47 commits.

• 2da7def README: Node v0.12 deprecation notice.
• f074627 1.0.0
• 3b48231 CHANGELOG: add issues
• d722ae9 Merge pull request #286 from agnivade/walkSync
• 87dd3c8 Merge pull request #307 from jprichardson/coverage
• 7448648 Fix coverage
• 597a98f Merge pull request #305 from jprichardson/coveralls
• 9d19da7 Merge pull request #306 from jprichardson/deps
• ab3c29c Update devDeps, fix lint error
• 662b78b Re-add Coveralls
• 6f3caef Merge pull request #304 from jprichardson/path-is-absolute
• bebbe78 Remove path-is-absolute
• d71d9b3 Merge pull request #303 from jprichardson/docs-copySync
• 916462b Document copySync filter inconsistency
• 0314876 Merge pull request #300 from jprichardson/rimraf
• a837927 Inline rimraf
• 071f8ce Fix typo
• f31b88e Merge pull request #301 from jprichardson/copySync-chmod
• ac6f688 Remove chmod call from copySync
• 23b2096 Merge pull request #299 from jprichardson/filter
• 9da4958 Warn when filter is a RegExp
• 7632804 Merge pull request #294 from jprichardson/ncp
• abfe0be Merge pull request #293 from jprichardson/travis
• 620992b Merge pull request #295 from jprichardson/filter-docs

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.