[Snyk] Fix for 6 vulnerabilities

[emanchado]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept
	679/1000 Why? Has a fix available, CVSS 9.3	Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962463	Yes	No Known Exploit
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	Yes	Proof of Concept
	641/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.4	Prototype Pollution SNYK-JS-JSON5-3182856	Yes	Proof of Concept
	506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Prototype Pollution SNYK-JS-MINIMIST-2429795	No	Proof of Concept
	601/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.6	Prototype Pollution SNYK-JS-MINIMIST-559764	No	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: babel-brunch

The new version differs by 6 commits.

• 67bc0a6 Release 7.0.0.
• 3919b52 7.0 (#67)
• c42c598 Improve pattern example ([Snyk] Fix for 2 vulnerabilities #55)
• df0e92b Refactoring, env, closing a bunch of issues ([Snyk] Security upgrade nodemailer from 6.10.1 to 7.0.11 #53)
• 2cff6ce Merge pull request [Snyk] Security upgrade bcrypt from 5.1.1 to 6.0.0 #50 from kesha-antonov/master
• f0b099b fix typo in readme

See the full diff

Package name: db-migrate

The new version differs by 73 commits.

• 49a849f remove node 6 from build array
• 7cfdb3a 0.11.7
• 8b5beac fix(vuln): backport #679
• e183046 feat(staticLoader): a static loader to support packaging
• cc19a2b resize big image
• cf24965 resize big image
• d6d8cdb add sponsor
• 263db65 add changelog
• e393d36 0.11.6
• 006ef5e fix(plugin): handle non existent dependencies and improve UX
• f27dce0 fix(plugin): allow no package.json
• fae85cf fix(cwd): addition of cwd missed function definition
• 3dae762 fix(plugin): respect options cwd (#618)
• 108087d 0.11.5
• 910f0bc Merge pull request #600 from artemjackson/master
• 4cd5558 fix(lgtm): fix errors
• c851b4a chore(ci): update dependencies
• 9e6bafd chore(ci): adjusting makefile for new testing resources
• 2b57d66 Merge pull request #599 from xcorail/master
• 17a7386 Merge pull request #576 from pc-jedi/exitcode
• 10f84f8 Merge pull request #596 from DanielRuf/ci/test-nodejs-6-8-10-11
• 3c9a175 chore(ci): adjusting makefile for new testing resources
• fcffd62 fix: Added warning on plugin loading failure
• 85450c7 doc: Add LGTM.com code quality badges

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)
🦉 Prototype Pollution