[Snyk] Fix for 1 vulnerabilities

[skmezanul]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • build/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	551/1000 Why? Recently disclosed, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: asar

The new version differs by 21 commits.

• f2bddcd 0.10.0
• a82040f Merge pull request [Snyk] Security upgrade grunt-lesslint from 0.13.0 to 1.1.2 #57 from bwin/extend-api
• 41453eb Merge pull request [Snyk] Fix for 1 vulnerabilities #59 from bwin/update-license-id
• 6a34266 Merge pull request [Snyk] Security upgrade atom-package-manager from 1.1.1 to 2.0.0 #58 from bwin/rewrite-tests-in-coffeescript
• 3874b2b Refactor tests
• 28d8f2e Add new method `createPackageFromFiles` to asar module
• 41f85a0 Update package.json - refer to license by SPDX license ID
• f4c5fe2 CI: Also test on latest node 4.x & 5.x
• 3331ce6 Rewrite tests in coffeescript
• 54fb6de Update dependencies
• 5a2ad66 0.9.1
• f84faa3 Merge pull request [Snyk] Fix for 1 vulnerabilities #54 from GrabCAD/UnpackDirGlob
• 87958cc Updated README
• d1cc105 Implement "--unpack-dir" to fall back to glob pattern if literal prefix match fails
• 31ea1d8 Add unit tests for multiple unpacked dirs specified by single "--unpack-dir" glob pattern
• 56b62aa Clarify help output for "--unpack" option
• 979aab7 0.9.0
• 07d7920 Fix coffeelint warning
• 1476902 Merge pull request [Snyk] Fix for 2 vulnerabilities #52 from bengotow/asar-perf
• af11fe9 Ensure directories are added first
• 220fbd4 Allow hint file to specify ASAR file ordering

See the full diff

Package name: babel-eslint

The new version differs by 43 commits.

• 0f20099 5.0.0
• 278579f Update README.md
• 11c2f03 Merge pull request Select All doesn't work on eOS. nylas/nylas-mail#255 from deepsweet/npm-ignore
• 3b5f8f4 include only `index.js` in npm package
• c0f1110 delete `.npmignore`
• f399c89 Merge pull request Opens links in Safari when default browser is Chrome nylas/nylas-mail#250 from danez/patch-1
• c71392e adjust test to also cover issue Supporting 'Customize Toolbar' on OS X nylas/nylas-mail#239
• 413b80e 5.0.0-beta10
• 7a038d5 Merge pull request "Syncing mailbox.." runs forever without syncing nylas/nylas-mail#246 from babel/escope-patterns
• c80a386 fixup tests
• 36f6638 fix typo
• bd4eee9 check using `__esModule`
• b26bc58 Prevent escope referencer from traversing into param pattern type annotations
• 0d30882 5.0.0-beta9
• 71fadf0 Merge pull request Select all is not working on mac nylas/nylas-mail#244 from christophehurpeau/patch-1
• d8ac8f9 fix Reset size of letters list panel nylas/nylas-mail#243
• 3dcb32c 5.0.0-beta8
• ac4d3f0 Add a test for use strict and directive ast change
• 937eceb 5.0.0-beta7
• 880dc03 Merge pull request Electron missing after installing RPM nylas/nylas-mail#241 from jmm/rule-strict
• 80f7a48 temporarily remove test
• 04838a2 Add tests for `strict` rule.
• 4a3a35d Merge pull request Keyboard shortuct to open mail message nylas/nylas-mail#232 from vaibhavmule/patch-1
• 0cf92d3 update Licenses date

See the full diff

Package name: github-releases

The new version differs by 3 commits.

• fc3b492 Fix error happend when converting CoffeeScript
• dbfb940 Convert CoffeeScript to JS
• 0ce3644 Update dependencies

See the full diff

Package name: grunt-babel

The new version differs by 4 commits.

• ff01c19 6.0.0
• 54c583e tweaks
• 9772e55 Merge pull request [Snyk] Fix for 2 vulnerabilities #53 from underbyte/update-babel-core
• 9f3149c upgrade babel-core to 6.0.2

See the full diff

Package name: grunt-electron-installer

The new version differs by 20 commits.

• 10359a6 2.0.0
• b81fb98 Merge pull request Usage behind a proxy nylas/nylas-mail#104 from atom/use-winstaller
• 4be5bc6 Merge remote-tracking branch 'origin/master' into use-winstaller
• fd815ea Merge pull request RPM packages for Fedora nylas/nylas-mail#107 from havenchyk/winstaller
• 59d5961 Bump electron-winstaller to 2.0.5
• 661c574 ⬆️ [email protected]
• 92d1c23 Spawn jasmine directly from tests script
• 08321bc Remove unused tasks
• a8fb007 CoffeeScript -> JavaScript
• 51bb9b2 installer-spec.coffee -> installer-spec.js
• bf592f8 Move to tasks/ folder
• 317ce8f Remove coffee linting
• 86e7287 CoffeeScript -> JavaScript
• 75b56ba index.coffee -> index.js
• 0eee7cf Remove unused dependencies
• f7ba48a node 0.10 is ancient
• aa1081d Pin to an exact version of electron-winstaller
• a4be09c 🔥 stuff we don't need
• 0ac6f3f This is now a wrapper for electron-winstaller
• 91b817e Add electron-winstaller

See the full diff

Package name: npm

The new version differs by 250 commits.

• 0ec3f66 3.10.4
• 66b5c43 update AUTHORS
• f99bfa7 doc: update changelog for 3.10.4
• ee5bfb3 test: fix Windows path issue for local shrinkwrap test
• 346bba1 install: Resolve local deps in shrinkwrap relative to top
• afa2133 install: Refactor shrinkwrap specifier lookup into shared function
• 2820b56 inflate-shrinkwrap: Refactor into separate functions
• 4a67fdb install: Load shrinkwrap before arg metadata
• a11a7b2 install: Resolve local args relative to cwd
• c6942a7 doc: Fix typos in CHANGELOG.md
• e63d913 doc: Fix old reference to `doc/install` in comment
• 099d23c doc: correct link to `npm-tag` from tag docs
• 900a5b7 [email protected]
• 69267f4 test: Added tests to verify correct-mkdir race patch
• e5f50ea test: Added tests to verify addLocal race patch
• 2a37c97 cache: ignore enoent on chownr while adding packages to cache
• ea018b9 utils: Fix a Windows corner case with correct-mkdir
• 703ca3a cache: Fixed Windows issue with addLocal
• dd2b5e8 doc: tweak issue template
• 8a5b926 ci: speed up Travis
• c843908 doc: tweak formatting for issue template
• aa977a8 doc: tweak issue template
• 82b1b6e create issue template
• 8c64640 3.10.3

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)