[Snyk] Fix for 2 vulnerabilities

[alfxp]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
• package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	768/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5	Uncontrolled resource consumption SNYK-JS-BRACES-6838727	Yes	Proof of Concept
	661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5	Inefficient Regular Expression Complexity SNYK-JS-MICROMATCH-6838728	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @ngx-rocket/core

The new version differs by 52 commits.

• f6dccf3 chore(release): 6.1.0 [skip ci]
• 1a180f6 feat: provide features param to base constructor
• 5ad22b0 feat: restore install actions
• 8689f58 ci: update to Node v12
• 28a158d feat!: update to yeoman-generator@5
• 008d8f3 fix: update deps
• 4d6ad7a build(deps): bump hosted-git-info from 2.7.1 to 2.8.9
• ab58fdc build(deps): bump lodash from 4.17.20 to 4.17.21
• 81a639e build(deps): bump ws from 7.4.2 to 7.4.6
• f0d4429 ci: update trigger for PRs
• f226a7b ci: use dedicated bot for release commit
• 500913b chore(release): 6.0.1 [skip ci]
• ee8f38c ci: set release branch
• edd1e46 ci: change check to main branch
• 96760f1 ci: add branch check
• 4f839e8 ci: fix aggregate job
• d7f1767 ci: rework ci
• 619a61a chore: prettier fixes
• fb9d8b9 ci: fix automated release
• 6b6f08c docs: update node version badge
• c7a7301 ci: update workflow
• 1df4686 refactor: remove npmignore
• db8f0a8 chore: add editorconfig
• 69cf9ee chore: update year

See the full diff

Package name: yeoman-environment

The new version differs by 250 commits.

• af27719 3.0.0
• 554971a Bump yeoman-generator to 5.0.0
• 07f6bed Let the generator calculate it's own id.
• 7278483 3.0.0-rc.1
• 8e089ec Adjusts for backwards compatibility
• d420ab0 Catch error at runGenerator
• 887d32c Drop support for kebab case options.
• f29a2ea Drop arguments from Environment constructor.
• 48e942d Implement experimental cli
• 694583d Change conflicter constructor api.
• 5b88e8a Add progress bar to applyTransform.
• 13ef6d4 Adjusts to package-manager logs.
• bff0e87 Add cwd option to Conflicter
• 2e7195d Empty conflicter queue before continuing.
• 6dccc95 Increase Environment max listeners
• 71b70b1 Fix override every file answer.
• 3cb26e1 Change package-manager logs.
• 3e00c4b Implement support for singleton generator using identifiers.
• fbea0e8 Refactor namespace and import by default.
• 1db8db1 Bump peter-evans/create-pull-request from v3.8.1 to v3.8.2 (Updated dependencies ngx-rocket/generator-ngx-rocket#269)
• 8a7ca93 3.0.0-rc.0
• 5a3a4ea Improve createYoResolveTransform
• 9805a00 Fixes to applyTransforms.
• 6923fca Add test for getConflicterStatusForFile

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Note: This is a default PR template raised by Snyk. Find out more about how you can customise Snyk PRs in our documentation.

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Uncontrolled resource consumption