[Snyk] Fix for 1 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • tools/contributor/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	768/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: eslint

The new version differs by 250 commits.

• 145aec1 7.16.0
• 83518a5 Build: changelog update for 7.16.0
• a62ad6f Update: fix false negative of no-extra-parens with NewExpression (API link has been changed freeCodeCamp/freeCodeCamp#13930)
• f85b4c7 Fix: require-atomic-updates false positive across await (fixes Update chunk-manifest-webpack-plugin to version 1.0.0 🚀 freeCodeCamp/freeCodeCamp#11954) (I did everything right but can't pass this step freeCodeCamp/freeCodeCamp#13915)
• 301d0c0 Fix: no-constant-condition false positives with unary expressions (Title Case a Sentence: Unclear what the tests want as output of the function freeCodeCamp/freeCodeCamp#13927)
• 555c128 Fix: false positive with await and ** in no-extra-parens (fixes [beta] es6 challenge: import-vs-require-whats-the-difference test not working freeCodeCamp/freeCodeCamp#12739) (setting the object property using dot notation to the variable did not yield a passing result...only using bracket notation did freeCodeCamp/freeCodeCamp#13923)
• d93c935 Docs: update JSON Schema links (dataset is already declared freeCodeCamp/freeCodeCamp#13936)
• 8d0c93a Upgrade: table@6.0.4 (Fix es6 scopes challenge freeCodeCamp/freeCodeCamp#13920)
• 9247683 Docs: Remove for deleted npm run profile script (API Application error freeCodeCamp/freeCodeCamp#13931)
• ab240d4 Fix: prefer-exponentiation-operator invalid autofix with await (No Duplicating #Target5 into Left-Well? freeCodeCamp/freeCodeCamp#13924)
• dc76911 Chore: Add .pre-commit-hooks.yaml file (Profile Lookup issue freeCodeCamp/freeCodeCamp#13628)
• 2124e1b Docs: Fix wrong rule name ("BETA" ES6: Use the Spread Operator to Evaluate Arrays In-Place freeCodeCamp/freeCodeCamp#13913)
• 06b5809 Sponsors: Sync README with website
• 26fc12f Docs: Update README team and sponsors
• 902a032 7.15.0
• 6356778 Build: changelog update for 7.15.0
• 5c11aab Upgrade: @ eslint/esintrc and espree for bug fixes (refs Add Borders Around your Elements freeCodeCamp/freeCodeCamp#13878) (Nest an Anchor Element Coding Help freeCodeCamp/freeCodeCamp#13908)
• 0eb7957 Upgrade: file-entry-cache@6.0.0 (Size your Images freeCodeCamp/freeCodeCamp#13877)
• 683ad00 New: no-unsafe-optional-chaining rule (fixes [beta] Test error: Intermediate Algorithm Challenge - Missing Letters freeCodeCamp/freeCodeCamp#13431) (Size your Images challenge freeCodeCamp/freeCodeCamp#13859)
• cbc57fb Fix: one-var autofixing for export (fixes fix test pass spread-operator freeCodeCamp/freeCodeCamp#13834) (i am finding an issue in this challenge freeCodeCamp/freeCodeCamp#13891)
• 110cf96 Docs: Fix a broken link in working-with-rules.md (Fading an Element from Left to Right allows incorrect solution (BETA) freeCodeCamp/freeCodeCamp#13875)
• 0cb81a9 7.14.0
• fb3a594 Build: changelog update for 7.14.0
• 5f09073 Update: fix 'skip' options in no-irregular-whitespace (fixes projet freeCodeCamp/freeCodeCamp#13852) (Increment not happens in JavaScript freeCodeCamp/freeCodeCamp#13853)

See the full diff

Package name: lerna

The new version differs by 183 commits.

• 4582c47 chore(release): v4.0.0
• 2d0a97a fix(version): Ensure --create-release environment variables are present during initialization
• 63f18ba test(version): Assert on mocked releases, not calls
• 1f17e0c chore(lerna): Set top-level package tag -> next
• 80a072e chore(lerna): Enable --temp-tag during publish
• e00779a chore: Add release script
• 255c2ea docs(version): Move changelogPreset examples
• 7acf883 Merge branch 'next' into 'main'
• c3814b5 test(child-process): Avoid windows bullshit
• 671ddef chore: Reset lockfile
• affed1c feat(deps): Bump dependencies
• 126676a chore(scripts): Support --no-install flag
• d8100fd feat(deps): execa@^5.0.0
• 187cd58 chore(deps): Bump devDependencies
• ce232c8 chore: remove volta pins, annoying
• d181863 chore: Bump volta pins
• 42ab453 feat(prompt): Remove ambiguous exports
• 4acff59 refactor: Synchronize import ChildProcessUtilities -> childProcess
• a02e12e refactor(test): Refactor mockPromptChoices() -> promptSelectOne.chooseBump()
• 69bb2e4 refactor: Decompose PromptUtilities namespace import
• a08bafb refactor(test): Use unambiguous mockPromptChoices() method
• 3c67f15 refactor: Migrate to unambiguous promptConfirmation()
• 5d05d95 refactor: Migrate to unambiguous promptSelectOne()
• e9237f3 refactor: Migrate to unambiguous promptTextInput()

See the full diff

Package name: nodemon

The new version differs by 16 commits.

• ee92ee4 test: split require tests
• 33ae6da test: fix failing test when required
• a4490e2 fix: package.json & package-lock.json to reduce vulnerabilities
• 9bd07eb docs: changed verbose logging and CLI documentation to reflect support single file watch functionality
• c279760 test: make sigint test to actually check child pid (Challenge not completing when proper work is shown freeCodeCamp/freeCodeCamp#1656)
• cd45d74 test: fix fork test
• 496c335 chore: undo change to spawn code
• 47dfb8b fix: pipe stderr correctly
• ed91703 fix: ubuntu loop waiting for sub processes
• 9a67f36 feat: update chokidar to v3
• 6781b40 docs: add license file
• 0e6ba3c fix: wait for all subprocesses to terminate (fixes issue inadequate tests - function is correct, yet regex is off freeCodeCamp/freeCodeCamp#1476)
• b58cf7d chore: Merge branch 'master'
• 95a4c09 docs: add to faq
• 3a2eaf7 choe: merge master
• 3d90879 chore: add logo to site

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic