[Snyk] Fix for 1 vulnerabilities

[aliceUnhinged613]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5	Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: addons-linter

The new version differs by 250 commits.

• 129b5f2 5.32.0
• 70488df chore(deps): bump deepmerge from 4.3.0 to 4.3.1 (#4763)
• 14bd5e2 chore(deps-dev): bump webpack from 5.76.1 to 5.76.2 (#4761)
• a0aa412 chore(deps): bump glob from 8.1.0 to 9.3.0 (#4759)
• eaeb34f chore(deps-dev): bump @ babel/core from 7.21.0 to 7.21.3 (#4757)
• c58fec3 chore(deps-dev): bump @ babel/eslint-parser from 7.19.1 to 7.21.3 (#4758)
• 7e28680 chore(deps): bump @ mdn/browser-compat-data from 5.2.41 to 5.2.42 (#4760)
• 679b910 chore(deps): bump eslint from 8.35.0 to 8.36.0 (#4756)
• 8b5e457 chore(deps-dev): bump sinon from 15.0.1 to 15.0.2 (#4755)
• b6d2a0e chore(deps): bump @ fluent/syntax from 0.18.1 to 0.19.0 (#4754)
• e55a4ff chore(deps): bump espree from 9.4.1 to 9.5.0 (#4750)
• d0e026b chore(deps-dev): bump webpack from 5.76.0 to 5.76.1 (#4753)
• e614b6c chore(deps): bump @ mdn/browser-compat-data from 5.2.40 to 5.2.41 (#4751)
• 637f687 Pontoon: Update Korean (ko) localization of AMO Linter
• 3aa928b chore(deps-dev): bump webpack from 5.75.0 to 5.76.0 (#4747)
• 7c7a9b0 chore(deps-dev): bump babel-jest from 29.4.3 to 29.5.0 (#4743)
• 6af90f9 chore(deps): bump @ mdn/browser-compat-data from 5.2.39 to 5.2.40 (#4744)
• a0c72d4 chore(deps-dev): bump jest from 29.4.3 to 29.5.0 (#4742)
• 52afee4 5.31.0
• 8e771b8 fix: Set a custom no-unsanitized config for dynamic import calls (#4739)
• 22124bd chore: Add test + comment for version_added: "preview" (#4741)
• d90f83c Pontoon: Update Catalan (ca) localization of AMO Linter
• 9ba3e44 chore(deps): bump addons-scanner-utils from 8.4.0 to 8.5.0 (#4734)
• 0f13e4e chore(deps): bump @ mdn/browser-compat-data from 5.2.38 to 5.2.39 (#4736)

See the full diff

Package name: chrome-launcher

The new version differs by 17 commits.

• 7907523 0.14.0 (Update yargs to version 4.7.0 🚀 mozilla/web-ext#240)
• b00fa22 tests(mac): longer timeout for finding installations (Update babel-plugin-transform-class-properties to version 6.8.0 🚀 mozilla/web-ext#238)
• ac1f4af move to minimum node 12; remove rimraf (Update babel-plugin-transform-es2015-modules-commonjs to version 6.8.0 🚀 mozilla/web-ext#237)
• 673da08 tests: add mac/win bots to ci (Update es6-error to version 2.1.1 🚀 mozilla/web-ext#232)
• dec646c deps: replace mkdirp.sync with fs.mkdirSync (Update babel-plugin-transform-flow-strip-types to version 6.8.0 🚀 mozilla/web-ext#234)
• a5f6eb2 Add additional chrome flags (Update flow-bin to version 0.24.0 🚀 mozilla/web-ext#227)
• df9d564 tests(ci): migrate from travis to github actions (Update eslint to version 2.9.0 🚀 mozilla/web-ext#228)
• 3a90c21 docs(chrome-flags-for-tools): fixup a few links
• 8429ca9 docs(chrome-flags-for-tools): add feature flags description
• 21db5f9 docs: update chrome-flags-for-tools.md (Update flow-bin to version 0.24.1 🚀 mozilla/web-ext#231)
• e45b100 docs(chrome-flags-for-tools): minor tweaks to headless & others
• 3a7c961 retitle CHROME_PATH message
• 83ab178 Require Node.js 10+ (Automatically build/reinstall/reload extension as you edit the source mozilla/web-ext#222)
• 4b98587 docs(chrome-flags-for-tools): massive update and refactor (fix: Fixed error on unknown commands mozilla/web-ext#226)
• b1b8dc7 fix: rename TranslateUI to Translate to match Chrome (Support interrupting the file watcher on windows mozilla/web-ext#225)
• beb4136 chore: update dependencies and test targets (Reloading extension silently fails when remote debugger is disabled mozilla/web-ext#221)
• a700ae0 Fix getInstallations() section (Cannot auto-reload an add-on after some time mozilla/web-ext#212)

See the full diff

Package name: firefox-profile

The new version differs by 26 commits.

• 08a4e4c version 4.2.0
• 94b7279 Drop `uuid` and just use native `mkdtemp` (Update es6-error to version 2.1.0 🚀 mozilla/web-ext#122)
• 5761816 Drop lazystream (Save built Firefox extension to a firefox directory mozilla/web-ext#121)
• 456c99f Drop `archiver` (Run an extension in a linked profile for persistence mozilla/web-ext#123)
• 604f8da Update dependencies + version bump
• e3a6328 fix: remove deprecated jetpack-id dependency (Package also for chrome mozilla/web-ext#119)
• 940bedb Bump ini from 1.3.5 to 1.3.6 (Update babel-istanbul-loader to version 0.1.0 🚀 mozilla/web-ext#114)
• 3429330 Drop `async` (Change --firefox-binary to --firefox mozilla/web-ext#116)
• 60c1f61 Drop lodash (Document how to install / run web-ext from source mozilla/web-ext#115)
• cd63285 Merge pull request chore(): switch to more concise ES6 syntax mozilla/web-ext#113 from saadtazi/archiver-upgrade
• 4bdc619 update changelog and bump major
• b6322a5 remove "broken" tests
• 5bcd9bd some packages update
• e8534d5 prettier updates
• 2bd8e21 update archiver to v5.0
• 7aae99a Merge pull request Define all commands as yargs modules mozilla/web-ext#103 from saadtazi/dependabot/npm_and_yarn/stringstream-0.0.6
• 8713d0f Merge pull request Remove all flow adapters, use flow in all tests mozilla/web-ext#108 from saadtazi/dependabot/npm_and_yarn/minimist-1.2.3
• dbc296d Merge pull request Update babel-plugin-transform-flow-strip-types to version 6.6.5 🚀 mozilla/web-ext#109 from saadtazi/dependabot/npm_and_yarn/websocket-extensions-0.1.4
• a103206 Merge pull request Update eslint to version 2.3.0 🚀 mozilla/web-ext#111 from saadtazi/drop-nodejs-support-v6-v8
• f93d56b no more coveralls... to old :-(
• 635542e drop support for nodejs 6 & 8. test 10, 12 & 14.
• 71c3bcb Bump stringstream from 0.0.5 to 0.0.6
• 55956ef Merge pull request Update babel-core to version 6.6.5 🚀 mozilla/web-ext#110 from saadtazi/dependabot/npm_and_yarn/lodash-4.17.19
• bc55584 Bump lodash from 4.17.15 to 4.17.19

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.