[Snyk] Fix for 64 vulnerabilities #33

Open
wants to merge 1 commit into
base: master

lholmquist
Contributor

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:

    • package.json
  • Adding or updating a Snyk policy (.snyk) file; this file is required in order to apply Snyk vulnerability patches.
    Find out more.

Vulnerabilities that will be fixed

With an upgrade:
| Severity | Priority Score (*) | Why? | Issue | ID | Breaking Change | Exploit Maturity |
|---|---|---|---|---|---|---|
| high severity | 619/1000 | Has a fix available, CVSS 8.1 | Prototype Pollution | SNYK-JS-AJV-584908 | Yes | No Known Exploit |
| high severity | 696/1000 | Proof of Concept exploit, Has a fix available, CVSS 7.5 | Regular Expression Denial of Service (ReDoS) | SNYK-JS-ANSIREGEX-1583908 | Yes | Proof of Concept |
| high severity | 706/1000 | Proof of Concept exploit, Has a fix available, CVSS 7.7 | Remote Memory Exposure | SNYK-JS-BL-608877 | No | Proof of Concept |
| critical severity | 704/1000 | Has a fix available, CVSS 9.8 | Arbitrary File Write via Archive Extraction (Zip Slip) | SNYK-JS-DECOMPRESSZIP-73598 | No | No Known Exploit |
| medium severity | 636/1000 | Proof of Concept exploit, Has a fix available, CVSS 6.3 | Prototype Pollution | SNYK-JS-DOTPROP-543489 | No | Proof of Concept |
| high severity | 696/1000 | Proof of Concept exploit, Has a fix available, CVSS 7.5 | Denial of Service (DoS) | SNYK-JS-ENGINEIO-1056749 | Yes | Proof of Concept |
| high severity | 584/1000 | Has a fix available, CVSS 7.4 | Regular Expression Denial of Service (ReDoS) | SNYK-JS-HAWK-2808852 | Yes | No Known Exploit |
| medium severity | 586/1000 | Proof of Concept exploit, Has a fix available, CVSS 5.3 | Regular Expression Denial of Service (ReDoS) | SNYK-JS-HOSTEDGITINFO-1088355 | Yes | Proof of Concept |
| medium severity | 586/1000 | Proof of Concept exploit, Has a fix available, CVSS 5.3 | Regular Expression Denial of Service (ReDoS) | SNYK-JS-LODASH-1018905 | Yes | Proof of Concept |
| high severity | 681/1000 | Proof of Concept exploit, Has a fix available, CVSS 7.2 | Command Injection | SNYK-JS-LODASH-1040724 | Yes | Proof of Concept |
| high severity | 686/1000 | Proof of Concept exploit, Has a fix available, CVSS 7.3 | Prototype Pollution | SNYK-JS-LODASH-450202 | Yes | Proof of Concept |
| high severity | 731/1000 | Proof of Concept exploit, Has a fix available, CVSS 8.2 | Prototype Pollution | SNYK-JS-LODASH-567746 | Yes | Proof of Concept |
| high severity | 686/1000 | Proof of Concept exploit, Has a fix available, CVSS 7.3 | Prototype Pollution | SNYK-JS-LODASH-608086 | Yes | Proof of Concept |
| high severity | 686/1000 | Proof of Concept exploit, Has a fix available, CVSS 7.3 | Prototype Pollution | SNYK-JS-LODASH-73638 | Yes | Proof of Concept |
| medium severity | 541/1000 | Proof of Concept exploit, Has a fix available, CVSS 4.4 | Regular Expression Denial of Service (ReDoS) | SNYK-JS-LODASH-73639 | Yes | Proof of Concept |
| high severity | 686/1000 | Proof of Concept exploit, Has a fix available, CVSS 7.3 | Prototype Pollution | SNYK-JS-LODASHMERGE-173732 | No | Proof of Concept |
| medium severity | 636/1000 | Proof of Concept exploit, Has a fix available, CVSS 6.3 | Prototype Pollution | SNYK-JS-LODASHMERGE-173733 | No | Proof of Concept |
| medium severity | 479/1000 | Has a fix available, CVSS 5.3 | Regular Expression Denial of Service (ReDoS) | SNYK-JS-MARKDOWNIT-2331914 | Yes | No Known Exploit |
| medium severity | 586/1000 | Proof of Concept exploit, Has a fix available, CVSS 5.3 | Regular Expression Denial of Service (ReDoS) | SNYK-JS-MARKDOWNIT-459438 | Yes | Proof of Concept |
| high severity | 589/1000 | Has a fix available, CVSS 7.5 | Prototype Pollution | SNYK-JS-MERGE-1040469 | Yes | No Known Exploit |
| high severity | 686/1000 | Proof of Concept exploit, Has a fix available, CVSS 7.3 | Prototype Pollution | SNYK-JS-MERGE-1042987 | Yes | Proof of Concept |
| high severity | 589/1000 | Has a fix available, CVSS 7.5 | Regular Expression Denial of Service (ReDoS) | SNYK-JS-MINIMATCH-1019388 | Yes | No Known Exploit |
| high severity | 726/1000 | Proof of Concept exploit, Has a fix available, CVSS 8.1 | Arbitrary File Overwrite | SNYK-JS-NPM-537603 | Yes | Proof of Concept |
| low severity | 451/1000 | Proof of Concept exploit, Has a fix available, CVSS 2.6 | Unauthorized File Access | SNYK-JS-NPM-537604 | Yes | Proof of Concept |
| high severity | 726/1000 | Proof of Concept exploit, Has a fix available, CVSS 8.1 | Arbitrary File Write | SNYK-JS-NPM-537606 | Yes | Proof of Concept |
| medium severity | 479/1000 | Has a fix available, CVSS 5.3 | Insertion of Sensitive Information into Log File | SNYK-JS-NPM-575435 | Yes | No Known Exploit |
| high severity | 589/1000 | Has a fix available, CVSS 7.5 | Regular Expression Denial of Service (ReDoS) | SNYK-JS-NPMUSERVALIDATE-1019352 | Yes | No Known Exploit |
| high severity | 671/1000 | Proof of Concept exploit, Has a fix available, CVSS 7 | Prototype Pollution | SNYK-JS-PLIST-2405644 | Yes | Proof of Concept |
| medium severity | 479/1000 | Has a fix available, CVSS 5.3 | Regular Expression Denial of Service (ReDoS) | SNYK-JS-PRINTF-1072096 | Yes | No Known Exploit |
| medium severity | 586/1000 | Proof of Concept exploit, Has a fix available, CVSS 5.3 | Insecure Defaults | SNYK-JS-SOCKETIO-1024859 | Yes | Proof of Concept |
| high severity | 696/1000 | Proof of Concept exploit, Has a fix available, CVSS 7.5 | Denial of Service (DoS) | SNYK-JS-SOCKETIOPARSER-1056752 | Yes | Proof of Concept |
| high severity | 624/1000 | Has a fix available, CVSS 8.2 | Arbitrary File Overwrite | SNYK-JS-TAR-1536528 | Yes | No Known Exploit |
| high severity | 624/1000 | Has a fix available, CVSS 8.2 | Arbitrary File Overwrite | SNYK-JS-TAR-1536531 | Yes | No Known Exploit |
| low severity | 410/1000 | Has a fix available, CVSS 3.7 | Regular Expression Denial of Service (ReDoS) | SNYK-JS-TAR-1536758 | Yes | No Known Exploit |
| high severity | 639/1000 | Has a fix available, CVSS 8.5 | Arbitrary File Write | SNYK-JS-TAR-1579147 | Yes | No Known Exploit |
| high severity | 639/1000 | Has a fix available, CVSS 8.5 | Arbitrary File Write | SNYK-JS-TAR-1579152 | Yes | No Known Exploit |
| high severity | 639/1000 | Has a fix available, CVSS 8.5 | Arbitrary File Write | SNYK-JS-TAR-1579155 | Yes | No Known Exploit |
| medium severity | 479/1000 | Has a fix available, CVSS 5.3 | Regular Expression Denial of Service (ReDoS) | SNYK-JS-UGLIFYJS-1727251 | Yes | No Known Exploit |
| medium severity | 586/1000 | Proof of Concept exploit, Has a fix available, CVSS 5.3 | Regular Expression Denial of Service (ReDoS) | SNYK-JS-WS-1296835 | Yes | Proof of Concept |
| medium severity | 484/1000 | Has a fix available, CVSS 5.4 | XML External Entity (XXE) Injection | SNYK-JS-XMLDOM-1084960 | Yes | No Known Exploit |
| high severity | 726/1000 | Proof of Concept exploit, Has a fix available, CVSS 8.1 | Arbitrary Code Injection | SNYK-JS-XMLHTTPREQUESTSSL-1082936 | Yes | Proof of Concept |
| high severity | 686/1000 | Proof of Concept exploit, Has a fix available, CVSS 7.3 | Access Restriction Bypass | SNYK-JS-XMLHTTPREQUESTSSL-1255647 | Yes | Proof of Concept |
| low severity | 506/1000 | Proof of Concept exploit, Has a fix available, CVSS 3.7 | Regular Expression Denial of Service (ReDoS) | npm:braces:20180219 | No | Proof of Concept |
| medium severity | 434/1000 | Has a fix available, CVSS 4.4 | Time of Check Time of Use (TOCTOU) | npm:chownr:20180731 | Yes | No Known Exploit |
| low severity | 506/1000 | Proof of Concept exploit, Has a fix available, CVSS 3.7 | Regular Expression Denial of Service (ReDoS) | npm:clean-css:20180306 | No | Proof of Concept |
| low severity | 399/1000 | Has a fix available, CVSS 3.7 | Regular Expression Denial of Service (ReDoS) | npm:debug:20170905 | Yes | No Known Exploit |
| low severity | 369/1000 | Has a fix available, CVSS 3.1 | SSL Validation disabled by default | npm:electron-packager:20160422 | Yes | No Known Exploit |
| low severity | 399/1000 | Has a fix available, CVSS 3.7 | Regular Expression Denial of Service (ReDoS) | npm:hawk:20160119 | No | No Known Exploit |
| medium severity | 636/1000 | Proof of Concept exploit, Has a fix available, CVSS 6.3 | Prototype Pollution | npm:hoek:20180212 | Yes | Proof of Concept |
| medium severity | 539/1000 | Has a fix available, CVSS 6.5 | Timing Attack | npm:http-signature:20150122 | No | No Known Exploit |
| medium severity | 636/1000 | Proof of Concept exploit, Has a fix available, CVSS 6.3 | Prototype Pollution | npm:lodash:20180130 | Yes | Proof of Concept |
| medium severity | 484/1000 | Has a fix available, CVSS 5.4 | Cross-site Scripting (XSS) | npm:markdown-it:20150702 | No | No Known Exploit |
| high severity | 589/1000 | Has a fix available, CVSS 7.5 | Regular Expression Denial of Service (ReDoS) | npm:minimatch:20160620 | Yes | No Known Exploit |
| low severity | 399/1000 | Has a fix available, CVSS 3.7 | Regular Expression Denial of Service (ReDoS) | npm:ms:20170412 | Yes | No Known Exploit |
| medium severity | 554/1000 | Has a fix available, CVSS 6.8 | npm Token Leak | npm:npm:20160418 | No | No Known Exploit |
| medium severity | 479/1000 | Has a fix available, CVSS 5.3 | Access Restriction Bypass | npm:npm:20180222 | Yes | No Known Exploit |
| high severity | 676/1000 | Proof of Concept exploit, Has a fix available, CVSS 7.1 | Regular Expression Denial of Service (ReDoS) | npm:plist:20180219 | Yes | Proof of Concept |
| high severity | 589/1000 | Has a fix available, CVSS 7.5 | Prototype Override Protection Bypass | npm:qs:20170213 | No | No Known Exploit |
| medium severity | 469/1000 | Has a fix available, CVSS 5.1 | Remote Memory Exposure | npm:request:20160119 | No | No Known Exploit |
| high severity | 589/1000 | Has a fix available, CVSS 7.5 | Regular Expression Denial of Service (ReDoS) | npm:tough-cookie:20160722 | No | No Known Exploit |
| medium severity | 509/1000 | Has a fix available, CVSS 5.9 | Regular Expression Denial of Service (ReDoS) | npm:tough-cookie:20170905 | No | No Known Exploit |
| medium severity | 576/1000 | Proof of Concept exploit, Has a fix available, CVSS 5.1 | Uninitialized Memory Exposure | npm:tunnel-agent:20170305 | No | Proof of Concept |
| medium severity | 479/1000 | Has a fix available, CVSS 5.3 | Insecure Randomness | npm:ws:20160920 | Yes | No Known Exploit |
| high severity | 761/1000 | Mature exploit, Has a fix available, CVSS 7.5 | Denial of Service (DoS) | npm:ws:20171108 | Yes | Mature |

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: electron-packager The new version differs by 250 commits.
  • 5e8526a Remove accidentally committed package lock
  • 537c27c 13.0.0
  • d977deb Update related package links in readme
  • a339b24 Use Travis CI for some Windows CI (#917)
  • a533d5f Drop callback support (#916)
  • 3cbb080 Remove deprecated target arch API (#915)
  • 41bf218 Upgrade eslint-plugin-node to ^8
  • c0c8014 Merge pull request #899 from electron-userland/notarize-support
  • 229c69f Attempt to fix possible race condition with sinon.spy
  • 8b9c16f Note which notarize sub-properties are required
  • 5aa3d78 Reorganize some code, clarify docs, add tests
  • 58c1453 feat: add support for mojave app notarization
  • 3366253 Merge pull request #900 from electron-userland/drop-node-4
  • 8be52c0 probot(request-info): check that issues/PRs don't have un-filled-in templates
  • 8ea94db Upgrade to ESLint 5
  • 20d9462 More package upgrades
  • fa519cf Drop support for Node < 6
  • b487df2 Merge pull request #823 from jsg2021/asar-filename
  • 2183e42 Clean up
  • a30d2cc Add prebuiltAsar option
  • a5e0f62 12.2.0
  • fb1656e Add link to electron-installer-windows (#817)
  • 2164e17 Test refactors (#896)
  • e3f18ec Don't handle EH/NP Helpers if they don't exist (#894)

See the full diff

Package name: electron-rebuild The new version differs by 192 commits.
  • 67fa3d7 1.8.5
  • eff2701 Merge pull request #300 from schneiderl/master
  • d3c8e37 Fix typos in readme.md
  • 44e607f chore: use the new electronjs.org headers URL (#299)
  • 7433977 chore: upgrade dependencies (#285)
  • 83aede6 1.8.4
  • 75a85da fix: Disable yargs' automatic --version command (#279)
  • c5205b1 1.8.3
  • 1f7e4ba chore: add yarn lock file
  • 6d7ebf7 Use prepare instead of prepublish in package.json scripts (#278)
  • 35e7d5d Use npm_config_devdir instead of setting HOME (#273)
  • dee80fa chore: upgrade dependencies (#277)
  • 04d1d46 chore: fix NPM badge link
  • 0470d29 Merge pull request #276 from malept/travis-windows
  • d47635f chore: add Travis/NPM badges
  • 7b5feca chore: only use the Travis workaround on the Electron org
  • 21ab797 chore: remove AppVeyor config
  • 9946240 chore: add Windows workers to Travis CI
  • db498e0 Merge pull request #274 from malept/update-ci-config
  • 654b131 chore: add cache to Travis CI
  • 386a892 chore: set longer test timeout on Windows
  • 4b6804f chore: drop Node 4 in AppVeyor
  • 5fc182d chore: update Travis CI config
  • 40ddb24 docs: include Node version requirement (#201)

See the full diff

Package name: ember-cli-babel The new version differs by 250 commits.
  • 0b83e42 7.0.0
  • fcf317f Merge pull request #140 from babel/babel-7
  • d01d724 Prevent issues with @babel/preset-env getting unknown options.
  • 1ea60c3 Merge branch 'master' into babel-7
  • 6955f46 Drop support for ember-cli < 2.13.
  • eb03764 Merge changes from master...
  • c58ae85 6.17.0
  • 5486b3e Add recent releases to changelog...
  • ec3f25c Merge pull request #241 from arthirm/master
  • af16202 Bumping broccoli-babel-transpiler
  • b4528ff Update test to properly match plugin style.
  • 2ea0e47 Remove brittle (and unneeded) tests.
  • 9671601 7.0.0-beta.5
  • 1167211 Remove stray .only.
  • cf8f7ee Fix issue with @babel/polyfill update.
  • b4ea00d 7.0.0-beta.4
  • e53e927 Update dependencies.
  • 1e494d6 Update babel-polyfill -> @babel/polyfill.
  • 7008a5f Use release version of broccoli-babel-transpiler.
  • 932a1d0 Merge pull request #239 from dfreeman/green-tests
  • a185133 Get tests passing with throwUnlessParallelizable: true
  • 6d11f44 Merge pull request #237 from babel/rwjblue-patch-1
  • b96e5cb Use correct preset env...
  • f9e4f17 Fix file: reference in package.json.

See the full diff

Package name: ember-cli-htmlbars-inline-precompile The new version differs by 30 commits.
  • ae552eb 0.4.0
  • 133cd0a Release 0.4.0 final.
  • 705f173 0.4.0-beta.2
  • 335e4c5 Update CHANGELOG.
  • 62e44bd Update minimum version of babel plugin.
  • d86edac 0.4.0-beta.1
  • 74fd184 Merge pull request #69 from rwjblue/babel-6
  • ffafb16 Remove welcome page.
  • 99aad43 Add ember-cli-shims back to ember-source scenario.
  • 3ae7891 Update min engine version.
  • d8cb4a1 Make function properly for babel@6 version.
  • f68e8b6 Update minimum versions of deps and devDeps.
  • c18f6d3 fixup! Add babel@6 to devDeps for test harness.
  • 8f92b23 Remove unused directories.
  • 1e9f66e Set ember-cli to 2.11.1.
  • edeceaa Add babel@6 to devDeps for test harness.
  • c113ff3 fixup! Update minimum node version.
  • 06f4fc7 ES6ify
  • 1f9d121 Update for babel@6.
  • e157867 Update minimum node version.
  • a8e851b Merge pull request #68 from samselikoff/patch-1
  • d1763d7 Ensure super call is bounded
  • 083ae62 Merge pull request #67 from Turbo87/ci-deploy
  • 5fa9b15 CI: Enable automatic NPM deployment for tags

See the full diff

Package name: ember-cli-qunit The new version differs by 91 commits.
  • ce97b77 4.0.0
  • a047c12 Update yarn.lock.
  • 03d7c2c Update CHANGELOG for 4.0.0.
  • b5dbd09 Update minimum version of ember-qunit.
  • f16f4d1 Merge pull request #180 from mminkoff/patch-1
  • f91e04b don't cover open Module drop-down
  • c9c0bbf 4.0.0-beta.1
  • c9385f2 Add basic upgrading info to README.
  • 127600d Update CHANGELOG.
  • e1e96a7 Merge pull request #177 from rwjblue/stuff
  • 8f77efd Update associated dependencies to Babel 6.
  • 99b18ba Death to `var`!
  • a1929f2 Merge pull request #175 from rwjblue/update-babel-6
  • ea52fd4 Merge pull request #176 from rwjblue/manual-start
  • cf5c5a5 Replace autostart behavior with hook to start tests.
  • df6a0e9 Update allowed engines in package.json.
  • 4b46471 Update to Babel 6.
  • fb8127a 3.1.2
  • 1714541 Update CHANGELOG for v3.1.2.
  • 8adb7ab Merge pull request #173 from rwjblue/prevent-clobbering
  • 161ab87 Bump to node@4 in CI.
  • 893d0ff Prevent clobbering custom `this.options.babel`.
  • f4cbeb9 3.1.1
  • f2f997c Merge pull request #170 from hidnasio/override-height-in-fullscreen

See the full diff

Package name: ember-cli-uglify The new version differs by 22 commits.

See the full diff

Package name: ember-electron The new version differs by 250 commits.
  • 159415a 2.9.0
  • 5550e08 📦 Add a package-lock
  • d47826b Merge pull request #355 from jacobq/support-ember-cli-3.2
  • 938d1bd Update testem-electron.js (run headless in CI)
  • 9ee0f93 Clean-up and use ember-cli v3.3.0
  • 77fc9f1 Ensure temp package tarball busts npm cache
  • 2b2047b Appease eslint
  • 873731c Set testem-electron.js in TestTask::run
  • 9ed83e5 Generate & add yarn.lock
  • a38cb4d Remove unused dependency socket.io
  • 784ce9b Use tarball to install to avoid symlink ember-electron in node_modules
  • 63b1920 ember-cli-update (--to 3.2)
  • 35b4354 ember-cli-update --to 3.1
  • 63e1f32 ember-qunit-codemod
  • 9e69b5a ember-cli-update --to 3.0
  • 6b26014 ember-cli-update --to 2.18
  • c156e29 ember-cli-update --to 2.16
  • 8549142 Travis: use system's yarn & node 6,8,10
  • dd9227a Merge branch 'master' of https://github.com/felixrieseberg/ember-electron
  • 3af91eb Merge pull request #339 from jacobq/patch-3
  • dd09655 🚀 Kick the build machine
  • 3693346 2.8.0
  • 8831174 Merge pull request #342 from jacobq/doc/faq-security
  • 36becf4 Add content-security-policy.com link to references

See the full diff

Package name: ember-export-application-global The new version differs by 7 commits.

See the full diff

Package name: ember-resolver The new version differs by 27 commits.
  • ff70a9f 4.0.0
  • 1681fe6 Update CHANGELOG for v4.0.0.
  • 9966909 Merge pull request #179 from rwjblue/babel-6
  • 0bc5fd5 Update to Babel 6.
  • 81c3d0b 3.0.1
  • 16d5f08 Update CHANGELOG for 3.0.1.
  • 10e0c88 Merge pull request #178 from ember-cli/bugfix
  • fa83970 Bring in line with addon/ layout changes.
  • f80f6de [Fixes #175] restore ability to resolve from modules
  • 1fbc09e Merge pull request #177 from 201-created/keys
  • c08ccbb No longer need Ember.keys
  • 7b423a2 Merge pull request #176 from 201-created/restructure
  • 1f656e8 Restructure on disk
  • 7362f60 release v3.0.0
  • 3d6ae61 Merge pull request #174 from ember-cli/cleanup
  • 58bacd8 more cleanup
  • 2bc9593 Merge pull request #173 from ember-cli/cleanup
  • 6b0727f cleanup
  • 15cc4c3 Merge pull request #172 from ember-cli/cleanup
  • 4861481 cleanup deps
  • 074179a Merge pull request #164 from ember-cli/greenkeeper-ember-cli-2.9.1
  • bb65019 Merge branch 'master' into greenkeeper-ember-cli-2.9.1
  • 946aa6c Merge pull request #165 from ember-cli/greenkeeper-ember-cli-app-version-2.0.1
  • 8f6c55b Merge pull request #169 from daniellawrence/bug/readme-link-update-example

See the full diff

With a Snyk patch:
| Severity | Priority Score (*) | Why? | Issue | ID | Exploit Maturity |
|---|---|---|---|---|---|
| low severity | 399/1000 | Has a fix available, CVSS 3.7 | Regular Expression Denial of Service (ReDoS) | npm:debug:20170905 | No Known Exploit |
| medium severity | 636/1000 | Proof of Concept exploit, Has a fix available, CVSS 6.3 | Prototype Pollution | npm:lodash:20180130 | Proof of Concept |
| high severity | 589/1000 | Has a fix available, CVSS 7.5 | Regular Expression Denial of Service (ReDoS) | npm:minimatch:20160620 | No Known Exploit |
| low severity | 399/1000 | Has a fix available, CVSS 3.7 | Regular Expression Denial of Service (ReDoS) | npm:ms:20170412 | No Known Exploit |

(*) Note that the real score may have changed since the PR was raised.

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic


The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-AJV-584908
- https://snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
- https://snyk.io/vuln/SNYK-JS-BL-608877
- https://snyk.io/vuln/SNYK-JS-DECOMPRESSZIP-73598
- https://snyk.io/vuln/SNYK-JS-DOTPROP-543489
- https://snyk.io/vuln/SNYK-JS-ENGINEIO-1056749
- https://snyk.io/vuln/SNYK-JS-HAWK-2808852
- https://snyk.io/vuln/SNYK-JS-HOSTEDGITINFO-1088355
- https://snyk.io/vuln/SNYK-JS-LODASH-1018905
- https://snyk.io/vuln/SNYK-JS-LODASH-1040724
- https://snyk.io/vuln/SNYK-JS-LODASH-450202
- https://snyk.io/vuln/SNYK-JS-LODASH-567746
- https://snyk.io/vuln/SNYK-JS-LODASH-608086
- https://snyk.io/vuln/SNYK-JS-LODASH-73638
- https://snyk.io/vuln/SNYK-JS-LODASH-73639
- https://snyk.io/vuln/SNYK-JS-LODASHMERGE-173732
- https://snyk.io/vuln/SNYK-JS-LODASHMERGE-173733
- https://snyk.io/vuln/SNYK-JS-MARKDOWNIT-2331914
- https://snyk.io/vuln/SNYK-JS-MARKDOWNIT-459438
- https://snyk.io/vuln/SNYK-JS-MERGE-1040469
- https://snyk.io/vuln/SNYK-JS-MERGE-1042987
- https://snyk.io/vuln/SNYK-JS-MINIMATCH-1019388
- https://snyk.io/vuln/SNYK-JS-NPM-537603
- https://snyk.io/vuln/SNYK-JS-NPM-537604
- https://snyk.io/vuln/SNYK-JS-NPM-537606
- https://snyk.io/vuln/SNYK-JS-NPM-575435
- https://snyk.io/vuln/SNYK-JS-NPMUSERVALIDATE-1019352
- https://snyk.io/vuln/SNYK-JS-PLIST-2405644
- https://snyk.io/vuln/SNYK-JS-PRINTF-1072096
- https://snyk.io/vuln/SNYK-JS-SOCKETIO-1024859
- https://snyk.io/vuln/SNYK-JS-SOCKETIOPARSER-1056752
- https://snyk.io/vuln/SNYK-JS-TAR-1536528
- https://snyk.io/vuln/SNYK-JS-TAR-1536531
- https://snyk.io/vuln/SNYK-JS-TAR-1536758
- https://snyk.io/vuln/SNYK-JS-TAR-1579147
- https://snyk.io/vuln/SNYK-JS-TAR-1579152
- https://snyk.io/vuln/SNYK-JS-TAR-1579155
- https://snyk.io/vuln/SNYK-JS-UGLIFYJS-1727251
- https://snyk.io/vuln/SNYK-JS-WS-1296835
- https://snyk.io/vuln/SNYK-JS-XMLDOM-1084960
- https://snyk.io/vuln/SNYK-JS-XMLHTTPREQUESTSSL-1082936
- https://snyk.io/vuln/SNYK-JS-XMLHTTPREQUESTSSL-1255647
- https://snyk.io/vuln/npm:braces:20180219
- https://snyk.io/vuln/npm:chownr:20180731
- https://snyk.io/vuln/npm:clean-css:20180306
- https://snyk.io/vuln/npm:debug:20170905
- https://snyk.io/vuln/npm:electron-packager:20160422
- https://snyk.io/vuln/npm:hawk:20160119
- https://snyk.io/vuln/npm:hoek:20180212
- https://snyk.io/vuln/npm:http-signature:20150122
- https://snyk.io/vuln/npm:lodash:20180130
- https://snyk.io/vuln/npm:markdown-it:20150702
- https://snyk.io/vuln/npm:minimatch:20160620
- https://snyk.io/vuln/npm:ms:20170412
- https://snyk.io/vuln/npm:npm:20160418
- https://snyk.io/vuln/npm:npm:20180222
- https://snyk.io/vuln/npm:plist:20180219
- https://snyk.io/vuln/npm:qs:20170213
- https://snyk.io/vuln/npm:request:20160119
- https://snyk.io/vuln/npm:tough-cookie:20160722
- https://snyk.io/vuln/npm:tough-cookie:20170905
- https://snyk.io/vuln/npm:tunnel-agent:20170305
- https://snyk.io/vuln/npm:ws:20160920
- https://snyk.io/vuln/npm:ws:20171108


The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/npm:debug:20170905
- https://snyk.io/vuln/npm:lodash:20180130
- https://snyk.io/vuln/npm:minimatch:20160620
- https://snyk.io/vuln/npm:ms:20170412