[Snyk] Fix for 1 vulnerabilities

[Billywildhig]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • workspaces/arborist/test/fixtures/audit-all-severities/package.json
  • workspaces/arborist/test/fixtures/audit-all-severities/package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	125/1000 Why? Confidentiality impact: None, Integrity impact: None, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.01055, Social Trends: No, Days since published: 0, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 99, Impact: 5.99, Likelihood: 2.08, Score Version: V5	Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: node-weakauras-parser

The new version differs by 21 commits.

• e127d43 Switch to Node-API
• 02bd852 Update dependencies
• 6479ddd ci: pre-build for Node v16
• 22e74ec Update dependencies
• 3f85863 Update neon to 0.6
• c565719 Try to represent maps with numeric keys as arrays when decoding if possible
• 472871a Fix clippy warnings
• 00180bc Use a LibSerialize-compatible algorithm in encode()
• a8d4f8c Update JS dependencies
• af0dd1a Implement decoding of strings generated by WA 2.18+
• 639062a Make first letters of error messages uppercase
• 804d1f7 Update dependencies, switch to zlib-ng
• 6065c16 Implement a configurable memory usage limit for decompression
• 64dad67 Add some sanity checks for Huffman decompression
• 7bce56a Update dependencies, switch to zlib fork from Cloudflare
• 56d9819 Remove redundant imports
• 908f271 ci: pre-build for Node v14, drop Node v8
• 10a6b21 Convert infinite numbers to null when deserializing
• 23a479c Remove target-cpu=native, pre-build for Haswell
• 6887943 ci: migrate to GitHub Actions
• bc146da Fix the possibility of a usize overflow

See the full diff

Package name: nyc

The new version differs by 173 commits.

• bebf4d6 chore(release): 15.0.0
• 2931730 chore: Update to final releases of dependencies (Isaacs/install finish npm/cli#1245)
• d44ff19 chore: Update node-preload and use process-on-spawn ([BUG] npm config get prefix super slow npm/cli#1243)
• 5258e9f feat: Filenames relative to project cwd in coverage reports (npm install expo-cli npm/cli#1212)
• 6039f29 chore: Unpin test-exclude, update to latest pre-releases (i am getting below error when i do npm install. does anyone know any solution? npm/cli#1240)
• f3c9e6c chore: Temporarily pin test-exclude ([BUG] npm ERR! cb() never called! npm/cli#1239)
• 28ed746 chore: Lazy load modules that are rarely/never needed in test processes. ([BUG] Local package install fails on exFAT partition npm/cli#1232)
• 7307626 chore: Remove cp-file module (Release 6.14.5 npm/cli#1230)
• dfd629d fix: Better error handling for main execution, reporting ([BUG] When installing a git dependency, prepare script can see dev dependencies, prepack script can not npm/cli#1229)
• 549c953 chore: Update dependencies, pin find-cache-dir ([QUESTION] ETIMEDOUT from npm run build npm/cli#1228)
• a1dee03 chore: Update yargs ([BUG] <Failed to build standalone app err: Error: yarn exited with non-zero code: 1> npm/cli#1224)
• 8078a79 chore: Fix 404 in README.md. (cb() never called! npm/cli#1220)
• 7a02cb7 chore: Add enterprise language ([BUG] Replace deprecated "request" by "got" npm/cli#1217)
• ea94c7f chore: Remove unused functions (npm 上传组件 样式丢失 npm/cli#1218)
• 53c66b9 docs: `npm home nyc` goes to github master branch README ([BUG] <ExFat file system installs fail when updating packages> npm/cli#1201)
• cf5e5d3 chore: Update dependencies
• 8411a26 fix: Correct handling of source-maps for pre-instrumented files ([FEATURE] Add ability to install only the packages in package.json without any of their dependencies npm/cli#1216)
• f890360 docs: Fix URL to default excludes in README.md ([BUG] npm ci fails with git based dependencies npm/cli#1214)
• 3726bbb chore: Update to async version of istanbul-lib-source-maps (#1199)
• 0efc6d1 chore: Tweak arguments for async coverage data readers (Unexpected end of JSON input while parsing near '... ^5.0.0"},"dist":{"in' npm/cli#1198)
• cc77e13 chore: Add `use strict` to all except fixtures ([FEATURE] Support signed releases npm/cli#1197)
• bcbe1df chore: Update dependencies ([BUG] npm install script override works like postinstall npm/cli#1196)
• 2735ee2 chore: 100% coverage (Expo not installing npm/cli#1195)
• fd40d49 feat: Use @ istanbuljs/schema for yargs setup (Expo not installing npm/cli#1194)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.