[Snyk] Fix for 3 vulnerabilities

[matrunchyk]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	636/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.3	Prototype Pollution SNYK-JS-DOTPROP-543489	Yes	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-LODASHSET-1320032	Yes	Proof of Concept
	589/1000 Why? Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-UNSETVALUE-2400660	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @commitlint/config-conventional

The new version differs by 225 commits.

• 3982e5a v10.0.0
• 0a70592 chore: update dependency eslint to v7.7.0 (#2063)
• 5be34ec chore: update dependency @ types/jest to v26.0.10 (#2064)
• 7b7f9a8 chore: update dependency @ types/semver to v7.3.2 (#2062)
• 25d42f4 fix: update dependency find-up to v5 (#2060)
• 74d54d0 chore: update dependency ts-jest to v26.2.0 (#2059)
• 0772b27 chore: update typescript-eslint monorepo to v3.9.0 (#2058)
• 4895d5f Use read dafult export - requiring with CommonJS (#2057)
• da0c75d build(deps): bump prismjs from 1.20.0 to 1.21.0 (#2055)
• 0329e09 chore: update dependency conventional-changelog-angular to v5.0.11 (#2056)
• d8b6bd6 chore: update dependency @ types/node to v12.12.54 (#2054)
• 08bd3db chore: update dependency @ types/lodash to v4.14.159 (#2053)
• 13382ec chore: update dependency @ types/jest to v26.0.9 (#2052)
• 46c3982 chore: update babel monorepo (#2050)
• 163a789 chore: update typescript-eslint monorepo to v3.8.0 (#2045)
• f4db933 fix: update dependency cosmiconfig to v7 (#2044)
• ca63602 chore: update dependency eslint to v7.6.0 (#2042)
• 964876e chore: update dependency @ types/jest to v26.0.8 (#2041)
• 62f4772 chore: update babel monorepo (#2037)
• ebb57d2 chore: update dependency eslint-plugin-jest to v23.20.0 (#2034)
• 1efce79 chore: update dependency ts-jest to v26.1.4 (#2031)
• 1784ef2 chore: use non-fixed lerna version (#2026)
• 0b08b4d chore: update dependency eslint-plugin-jest to v23.19.0 (#2030)
• 3beacfc chore: update typescript-eslint monorepo to v3.7.1 (#2029)

See the full diff

Package name: danger

The new version differs by 29 commits.

• 5d5db62 Release 11.0.2
• 91c0c94 More version faff
• d1119d3 Merge branch 'main' of https://github.com/danger/danger-js into main
• 8655391 Prepare for 2nd shot at a release
• 0dd1379 Release 11.0.0
• 65130b5 Prepare for release
• fff2201 Merge pull request #1204 from danger/fb/bump-octokit-rest
• fbac092 Handle a mocking issue in the ts upgrade
• 248f8c1 Use published memfs
• 50ae51c Bump @ octokit/rest from v16.43.1 to v18.12.0
• 0253cf2 Bump TypeScript from v3.9.7 to v4.5.5
• e22faa1 Upgrade new Buffer to Buffer.from (node v10+)
• 202d727 Release 10.9.0
• 34fe471 Prepare for release
• 06928e3 Merge branch 'adjust-structured-diff-return-value' into main
• fb66c81 Merge pull request #1201 from berlysia/adjust-structured-diff-return-value
• 6303c88 Lock node-fetch to the latest 2.x
• 9049848 Merge pull request #1198 from jonny133/jonny133-node-fetch-2_6_7
• dc54972 now structuredDiffForFile is well-typed
• 0b5865f make structuredDiffForFile for BitBucketServer the same as the others
• ab77e3c Resolve node-fetch to 2.6.7
• a7355a3 Merge pull request #1197 from danger/fb/fix-moved-json-crash
• 3411074 Cleanup debug log
• 99e19f7 Don't crash when danger.git.JSONDiffForFile encounters a moved JSON file

See the full diff

Package name: jest

The new version differs by 250 commits.

• be16e47 v27.0.0
• 63102ec chore: update changelog for release
• 564694a docs(blog): Jest 27 blog post (#11131)
• b68d91b feat(pretty-print): add option `printBasicPrototype` (#11441)
• 2226742 chore: minor simplify format results error (#11432)
• 78eb25d chore: remove needless assign (#11433)
• 696c455 chore: update lockfile after publish
• e2eb9ae v27.0.0-next.11
• 3b253f8 Wait for closed resources to actually close before detecting open handles (#11429)
• 27bee72 fix: run GC before collecting open handles (#11278)
• 50451df feat: use fallback if prettier not found (#11400)
• 150dbd8 chore: update lockfile after publish
• 6f44529 v27.0.0-next.10
• cbcec7d Upgrade fsevents in jest-haste-map (#11428)
• 9633a26 feat: support reporters written in ESM (#11427)
• 59f42d8 fix: do not cache modules that throw during evaluation (#11263)
• 57e32e9 Detect open handles with done callbacks (#11382)
• a397607 Document and test dontThrow for custom inline snapshot matchers (#10995)
• 4fa3a0b feat: custom haste (#11107)
• 2047a36 chore: bump deps (#11419)
• a4358d6 chore: run prettier on changelog
• bdd6282 Move all default values into `jest-config` (#9924)
• db643a1 Link to Jest config (#11106)
• b16082c Fix locale issue #10014 (#11412)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution