
[Snyk] Fix for 4 vulnerabilities #723

Open

Snugug wants to merge 1 commit into master from snyk-fix-5704635ced6a70de9c15909e10cdc7a3

Conversation

@Snugug (Member) commented Nov 30, 2023

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity / Priority Score (*) / Issue / Breaking Change / Exploit Maturity:
  • medium severity, 586/1000 (Why? Proof of Concept exploit, Has a fix available, CVSS 5.3): Regular Expression Denial of Service (ReDoS), SNYK-JS-GLOBPARENT-1016905. Breaking change: Yes. Exploit maturity: Proof of Concept.
  • high severity, 661/1000 (Why? Recently disclosed, Has a fix available, CVSS 7.5): Missing Release of Resource after Effective Lifetime, SNYK-JS-INFLIGHT-6095116. Breaking change: Yes. Exploit maturity: No Known Exploit.
  • high severity, 589/1000 (Why? Has a fix available, CVSS 7.5): Prototype Pollution, SNYK-JS-UNSETVALUE-2400660. Breaking change: Yes. Exploit maturity: No Known Exploit.
  • low severity, 506/1000 (Why? Proof of Concept exploit, Has a fix available, CVSS 3.7): Regular Expression Denial of Service (ReDoS), npm:braces:20180219. Breaking change: Yes. Exploit maturity: Proof of Concept.

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: connect-session-knex. The new version differs by 221 commits.

See the full diff

Package name: knex. The new version differs by 73 commits.
  • ca702cf Updated changelog and bumped version up
  • 44ccb33 Fixes #1303 (#2458)
  • 8771bd4 Use tarn as pool (#2450)
  • 053736f Added info about new dialect and about minimal test cases
  • 5f81e8a Add redshift support without changing cli or package.json (#2233)
  • bf1fa63 Add queryContext to schema and query builders (#2314)
  • 09eb126 Update dependencies and fix ESLint warnings accordingly (#2433)
  • c1997e9 Fixing issue with add columns on tables failing if using both after and collate (#2432)
  • 15706c0 2351 CLI sets exit-code 1 if the command supplied was not parseable (#2358)
  • 9f8d2ed Update dependencies (#2422)
  • 59f6cba Set toNative() to be not enumerable (#2388)
  • 45f5ffb Use wrapIdentifier in columnInfo. fixes #2402 (#2405)
  • 82bfdba Disable oracledb tests from non LTS nodes (#2407)
  • 3f89701 Shifted returning before joins for updates (MSSQL) (#2399)
  • 6ffcaed fixes #2373 (#2374)
  • 5e12b23 Incorrectly set UV_THREADPOOL_SIZE (#2372)
  • fbf371f Added decimal variable precision / scale support (#2353)
  • aac0565 Updated change log + version for 0.14.2
  • b5ba51a Fix truncate() on sqlite3 dialect (#2348)
  • aeec0a2 Updated package version and changelog
  • c0ac107 More pool tests and test on borrow default (#2341)
  • 95e5cf8 Support multiple searchPaths while preserving case-sensitive feature … (#2340)
  • e405d66 Fixed passing connection errors directly to the query (#2336)
  • 211a611 Fixed typo in issue template

See the full diff

Package name: nodemon. The new version differs by 7 commits.
  • 9a67f36 feat: update chokidar to v3
  • 6781b40 docs: add license file
  • 0e6ba3c fix: wait for all subprocesses to terminate (fixes issue #1476)
  • b58cf7d chore: Merge branch 'master'
  • 95a4c09 docs: add to faq
  • 3a2eaf7 choe: merge master
  • 3d90879 chore: add logo to site

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)
🦉 Prototype Pollution
