[Snyk] Fix for 1 vulnerabilities #23

Open
wants to merge 1 commit into
base: master

@snyk-bot snyk-bot commented Apr 7, 2022

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
| high severity | 768/1000 (Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5) | Prototype Pollution, SNYK-JS-ASYNC-2441827 | Yes | Proof of Concept |

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: browserify
The new version differs by 78 commits.
  • 26c58a9 forgot the "has" dep
  • 9a3864e more changelog info about browser field mappings
  • 42c2052 fix now works with the latest resolve
  • 29d917e failing browser field file test
  • ef257ed remove dnode test, was causing issues
  • 16611da some upgrades
  • ee3be4a more info on v9 fixes
  • e6438ea failing cases in pkg_event
  • 145ea52 failing pkg_event test
  • 97203b3 upgrades for 9.0.0
  • fbd6e2e Merge branch 'fix-expose' of https://github.com/jmm/node-browserify
  • dbe2c71 9.0.0
  • 53821dd Merge branch 'remove-unused-umd-dep' of https://github.com/zertosh/node-browserify
  • f6593fb Update browser-pack to ^4.0.0
  • 7ff5676 Merge branch 'remove-unused-umd-dep' of https://github.com/zertosh/node-browserify
  • ab4b4b8 Remove unused "umd" dep
  • d938408 failing relative dedupe case
  • a18657c 8.1.3
  • b300f68 Merge branch 'master' of https://github.com/jden/node-browserify
  • 6ba8455 8.1.2
  • 19dcba9 Support requiring a shimmed module name from an external bundle
  • b106b1d ensure use of URL path separators
  • 16eef09 Merge pull request #1082 from nikolas/patch-1
  • 77eed91 Remove broken link to changelog

See the full diff

Package name: del
The new version differs by 5 commits.
  • 11ce3d4 2.0.0
  • 458bf78 add XO
  • e5d7b96 cleanup and simplify
  • af6b528 Merge pull request #29 from wbinnssmith/wbinnssmith/promise-api
  • 6589c52 Async: expose a Promise API rather than accepting a callback.

See the full diff

Package name: winston
The new version differs by 250 commits.
  • b47d5d5 3.3.0
  • b6bc918 Prepare for v3.3.0
  • 9354721 doc: fix whitespace and trailing comma. (#1778)
  • 3d07a80 docs: add example of uncaughtRejections logging (#1780)
  • df25fa2 fix: change property of handleRejections (#1779)
  • 950cbcd Add options to request (#1777)
  • 1c75292 Update package-lock.json (#1772)
  • e7d13d5 Exclude unnecessary files from npm package (#1768)
  • 75f7edf Fix removes a logger when pass undefined transport (#1785)
  • 4b571ba This adds Node.js 14 and removes Node.js 8 as: (#1793)
  • 73ae01f Update Sentry transport `require` change (#1754)
  • 7b67eb0 Fix typo (#1750)
  • 1679c49 Fix Issue where winston removes transport on error (#1364) (#1714)
  • 0e0cf14 Fix #1690 (#1691)
  • 85a250a Node 12 is LTS now
  • bea9c34 Update README.md (#1743)
  • 319abf1 Add defaultMeta to Logger index.d.ts (#1736)
  • c719706 (typo) Missing label import in example (#1733)
  • 8944598 Update index.d.ts (#1729)
  • 7bb258c Fix `npm` logging levels on README.md (#1737)
  • 64744d7 #1567: document common transport options (#1723)
  • ae2335b Add Humio transport link to docs (#1705)
  • 785bd9e UPDATE levels on readme (http added) (#1650)
  • 4f44acb Add PostgresQL transport to list of community transports (#1697)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-ASYNC-2441827