[Snyk] Fix for 2 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	658/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-HOSTEDGITINFO-1088355	Yes	Proof of Concept
	778/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.7	Server-side Request Forgery (SSRF) SNYK-JS-NETMASK-1089716	No	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: snyk

The new version differs by 250 commits.

• 7d81923 Merge pull request #800 from snyk/fix/fix-yarn-release
• 5571ce7 fix: leave proxy-agent as bundled only to fix yarn install
• e6568ec Merge pull request #797 from snyk/test/remove-bad-test
• f365660 test: skip test that uses previous bad version
• 0c6026e Merge pull request #795 from snyk/fix/https-agent-vuln
• c918814 fix: add packed dependency to prevent download from git
• ed05431 Merge pull request #790 from snyk/fix/https-agent-vuln
• 8815e84 fix: address https-proxy-agent vulnerability
• 18bcfb8 Merge pull request #784 from snyk/fix/improve-marker-expression-parsing
• f6e31a2 Merge pull request #783 from snyk/fix/https-proxy-agent
• e85691f fix: Improve parsing for marker expressions for python projects
• 244d0e0 fix: ignoring SNYK-JS-HTTPSPROXYAGENT-469131
• c965884 Merge pull request #772 from snyk/chore/introduce-prettier
• 9917da8 chore: apply prettier rules
• 9d9506f chore: add prettier configuration
• f75bb70 Merge pull request #782 from snyk/fix/docs-spelling
• 8506395 Merge pull request #781 from snyk/fix/remediation-package-text-color
• 7802663 Merge pull request #780 from snyk/feat/cocoapods
• a73c5ea fix: correct docs spelling
• b9867a3 fix: remediation package name color from cyan to default (grey)
• 2306a8c Merge pull request #768 from snyk/sfat-patch-1-1
• 4bbcc3c feat: add CocoaPods support
• 825666d Merge pull request #779 from snyk/fix/remove-stringly-typed-boolean-option-values
• 1efdee3 refactor: no need to use lodash to retrieve strictOutOfSync

See the full diff

Package name: tap

The new version differs by 250 commits.

• bc49fb7 15.0.0
• 4378608 remove publishConfig beta tag
• 2c2e75f provide mkdirRecursive polyfill for old node versions
• 8f4c855 correctly specify 10.0.x versions
• 5e61672 update deps
• c44c418 Support 10.0 and test in CI
• dc5c841 tcompare@5.0.4
• 385b6d2 Add .taprc.yml/yaml handling to change log
• 4f87466 just run regular test script as snap script
• 315a921 delete FORCE_COLOR/NO_COLOR rather than setting to '0'
• 564e96f Add detection for .yaml and .yml
• 75bae93 update cli doc
• c1289bf 15.0.0-3
• d6fe32f Do not CI on node 10
• d2e0428 do not use equals() alias in self-test
• 3f787c4 tell npm to be colorful in CI
• 1512818 run tests with color on github actions
• 4626fa1 Docs: update documentation for tap v15
• 02d536b libtap@1.0.1
• f7c7c58 update cli doc
• 2aa497c 15.0.0-2
• 8d7f62e Add support for overriding libtap's internal settings
• 29eed63 new snapshot folder layout
• 3a28d4d update libtap git ref to isaacs/tap-v15-prep branch

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic