[Snyk] Fix for 4 vulnerabilities

[adamlaska]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

⚠️ Warning

Failed to update the package-lock.json, please update manually before merging.

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept
	589/1000 Why? Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-MERGE-1040469	No	No Known Exploit
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-MERGE-1042987	No	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Internal Property Tampering SNYK-JS-TAFFYDB-2992450	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @google/clasp

The new version differs by 183 commits.

• d6fbaae chore: release 2.4.0 (#840)
• f717e34 chore: bump dependencies
• d9e8a93 chore: bump dependencies
• 03f7bcf chore: bump dependencies
• fdf6cd6 chore: bump dependencies (#846)
• 44e1e7d Fix local auth support for run command (#844)
• 003d422 Migrate from watch to chokidar (#843)
• 7d1db04 Update CHANGELOG.md
• 1f1d576 Delint previous merge
• 64ea033 Merge branch 'master' of github.com:google/clasp
• d8c5101 Merge branch to migrate from CJS to ESM
• 16ee82c delint merge
• 5126ae0 chore: bump dependencies
• 2ac6f7b chore: bump dependencies
• 3741f71 fix: unnecessary code caused `help` command to crash
• c7b35fb chore: prettier
• 8063851 fix: handle cjs specifics
• c294fc9 chore: prettier
• b9aed32 fix: support legacy cjs config files
• 5055865 feat: switch from cjs to esm
• 0240652 Add *working* github CI badge :)
• dd4a2f0 Switch CI badge from travis to github
• a254691 Merge branch 'PopGoesTheWza-forked'
• 409f3cc delint - Use single quotes for strings

See the full diff

Package name: eslint

The new version differs by 242 commits.

• 80b8d5d 5.5.0
• b68e403 Build: changelog update for 5.5.0
• 6e110e6 Fix: camelcase duplicate warning bug (fixes #10801) (#10802)
• 5103ee7 Docs: Add Brackets integration (#10813)
• b61d2cd Update: max-params to only highlight function header (#10815)
• 2b2f11d Upgrade: babel-code-frame to version 7 (#10808)
• 2824d43 Docs: fix comment placement in a code example (#10799)
• 10690b7 Upgrade: devdeps and deps to latest (#10622)
• 80c8598 Docs: gitignore syntax updates (fixes #8139) (#10776)
• cb946af Chore: use meta.messages in some rules (1/4) (#10764)
• a857cd9 5.4.0
• 8dee250 Build: changelog update for 5.4.0
• a70909f Docs: Add jscs-dev.github.io links (#10771)
• 034690f Fix: no-invalid-meta crashes for non Object values (fixes #10750) (#10753)
• 11a462d Docs: Broken jscs.info URLs (fixes #10732) (#10770)
• 985567d Chore: rm unused dep string.prototype.matchall (#10756)
• f3d8454 Update: Improve no-extra-parens error message (#10748)
• 562a03f Fix: consistent-docs-url crashes if meta.docs is empty (fixes #10722) (#10749)
• 6492233 Chore: enable no-prototype-builtins in codebase (fixes #10660) (#10664)
• 137140f Chore: use eslintrc overrides (#10677)
• 2af6f4f 5.3.0
• 11e70c7 Build: changelog update for 5.3.0
• dd6cb19 Docs: Updated no-return-await Rule Documentation (fixes #9695) (#10699)
• 6009239 Chore: rename utils for consistency (#10727)

See the full diff

Package name: gulp-eslint

The new version differs by 3 commits.

• 40d004f 5.0.0
• 72c3599 use destructuring assignment to simplify the code
• aed571b update dependencies and devDependencies (Add non-nullable modifier to return type of functions never returning null googleworkspace/apps-script-oauth2#224)

See the full diff

Package name: jsdoc

The new version differs by 17 commits.

• 0842185 4.0.0
• b018408 chore!: replace taffydb package with @ jsdoc/salty
• dc48aa6 3.6.11
• cccfd3d chore(deps): resolve dependency vulnerability
• ff5963a fix(deps): rollback klaw to 3.x (#2002)
• 2bf9f88 3.6.10
• ffa07da remove `npm preinstall` script (#1971)
• aab7b50 3.6.9
• 24c1354 fix installation error when installing via npm (#1970)
• c5ea65a 3.6.8
• a024054 update dependencies
• e1f1919 3.6.7
• f7a64bd chore(deps): update selected dependencies
• 3f5c462 3.6.6
• 95e3192 fix: correctly track interface members
• ef05a69 3.6.5
• a59b5cd fix: prevent circular refs when params have the same type expression

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)
🦉 Prototype Pollution

[google-cla]

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.