[Snyk] Fix for 2 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	589/1000 Why? Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-SSRI-1085630	Yes	No Known Exploit
	481/1000 Why? Recently disclosed, Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) SNYK-JS-TAR-1536758	No	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: copy-webpack-plugin

The new version differs by 26 commits.

• 517433e chore(release): 5.0.0
• d332212 test: empty from (#343)
• 1f511b8 refactor: debug option (#342)
• e808aa2 fix: copy only modified files when you use patterns with difference to (#341)
• fbe43cb test: space in directory (#340)
• 8f5e638 fix: normalize path segment separation (#339)
• a1c5372 feat: emit warning instead error if file doesn't exist (#338)
• f551c0d feat: supports copy nested directories/files in symlink (#335)
• 2f3ee34 refactor: use `Error` class for error (#336)
• 49a28f0 fix: handles new files when you in watch mode (#333)
• 11c9aef refactor: `fromArgs` option (#332)
• e870664 refactor: migrate on Set (#331)
• 9e1c35e refactor: code (#330)
• ab9439a refactor: break compatibility with < webpack 4 (#329)
• 61dfe52 fix: handle `[contenthash]` as template (#328)
• 6ea72d7 refactor: rewrite on class (#327)
• cbeac0f test: cjs (#326)
• f82ed7e chore: update webpack-defaults (#325)
• 6e508f5 chore(deps): update (#324)
• f80d235 docs: improve (#323)
• daccb2f chore: migrate on jest (#322)
• 2fa2dbe chore: integrate husky and lint-staged (#321)
• 050a5bb chore: drop support for node < 6.9 (#320)
• 488b848 chore: integrate prettier and eslint (#319)

See the full diff

Package name: node-pre-gyp

The new version differs by 39 commits.

• 2844fa4 bump to v0.8.0 with N-API support
• b22612c remove node-pre-gyp dep from app7 package.json
• 9bb97af Merge pull request #345 from inspiredware/napi-support
• c31cce4 Merge branch 'master' into napi-support
• cf3ebb6 bump to v0.7.1 with tar v4.x
• 9bc1ff3 avoid double declare of tape in devDeps
• b1ce220 fix package.json syntax
• e9fb2e5 Merge pull request #299 from isaacs/master
• 81f2e60 Merge branch 'master' into master
• e7bb6cd bump to v0.7.0 / drop node v0.10.x support
• 837c48b update versions
• af507d1 Merge pull request #347 from krotscheck/hawk
• eda90e0 Remove dependency on hawk, upgrade request
• 9684ef6 Another CI build tweak
• 9870491 Addresses CI build errors
• b2ed35a update with latest versions
• e352a05 kick travis
• 37eb637 bump to v0.6.40
• 8f7c497 CI tweaks
• 488ac7b Fix for code cleanup
• 82a641e Code cleanup.
• f0719bd Fix for reveal command
• 1122fdb Fixes clean and app7 for automated testing
• 411f5be Windows fixes

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic