[Snyk] Fix for 1 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Issue	Breaking Change	Exploit Maturity
	Prototype Pollution SNYK-JS-LODASH-567746	No	Proof of Concept

Commit messages

Package name: knex

The new version differs by 250 commits.

• 40c80b3 release 0.11.0
• 415d008 Prepare for 0.11.0
• 8a303f1 Merge pull request #1342 from h0vhannes/mssql-conn-urls
• 9903e7d Merge pull request #1372 from mdrmuhaimin/patch-1
• 4d88e1d Update package.json to use latest node-postures
• d990708 Merge pull request #1362 from wolfgang42/mssql-fixes
• a7f609a mssql dialect: Fix integration tests that check for quoted wrappers.
• aa3c1c2 mssql dialect: make createTableIfNotExists actually work.
• 85403e8 Merge pull request #1343 from wubzz/bugfix/pool.ping_for_mssql
• 14eca7a Fix MSSQL ping function, calling resource.request().query instead of resource.query.
• 8e41a33 Add parse URL connection string tests for MSSQL
• e49b0d4 Correct connection URL parsing for MSSQL
• 1f09df8 Merge pull request #1296 from wubzz/default_pool_ping_fn_and_rollback_handler
• a223858 Increase rollback timeout to 5secs
• abfff60 Update documentation regarding default `ping` function.
• fa12571 A default `ping` fn in default pool settings, and silently ignore errors when querying 'ROLLBACK' on a dead connection by using Promise.Timeout.
• a104cc0 Merge pull request #1315 from wubzz/bugfix/missing_error_event_for_mysql2
• bb9663f Merge pull request #1326 from wubzz/bugfix/renameCol_drops_default_value
• d3b1fcc Fixed test, forgot ES6 is not supported in the test suite.
• 0b45356 .renameColumn should not drop defaultValue or nullable state. Currently this happens for mysql. Fixes #933
• 2fad6d1 Mysql2 should also listen to 'error' events.
• b8c8572 Merge pull request #1313 from jurko-gospodnetic/code-cleanup
• 34d9a76 Merge pull request #1269 from wubzz/bugfix/fix_valuesForUndefined_actual_query
• e9ebf6f touch up wording in warning message about manually removing migration locks

See the full diff

Package name: noflo

The new version differs by 225 commits.

• 575ed20 Bump
• 5cf44e2 Merge pull request #439 from noflo/greenkeeper-fbp-1.3.0
• 18b6958 chore(package): update fbp to version 1.3.0
• fdb05b3 Mention case sensitive mode
• b1353fb Merge pull request #435 from ifitzpatrick/case-sensitive
• 0c6b213 Disambiguation, refs #130
• f0c0870 Add support for stream datatype in ports, fixes #130
• 0572800 Merge pull request #440 from noflo/greenkeeper-fbp-manifest-0.1.8
• 88ab4ce chore(package): update fbp-manifest to version 0.1.8
• c890f61 Go to tilde
• 9a85546 Don't shadow loader var
• eb54d6c Update CHANGES
• b574fca Fix component caching, fixes #427
• 4ed31d8 Pass caseSensitive option to new Graph with an options object
• 57bd943 Merge pull request #432 from noflo/greenkeeper-fbp-1.1.7
• 378bc86 Merge pull request #436 from noflo/greenkeeper-mocha-2.5.2
• 39a6104 No setMaxListeners on browser
• f5d4560 chore(package): update mocha to version 2.5.2
• c1f56f3 Allow arbitrary number of listeners
• c1b9860 Add caseSensitive option to Graph object
• 1fc70fe chore(package): update fbp to version 1.1.7
• 55342d1 Merge pull request #428 from noflo/greenkeeper-babel-core-6.9.0
• 8b92c7c Merge pull request #431 from noflo/greenkeeper-mocha-2.5.1
• 6b26921 chore(package): update mocha to version 2.5.1

See the full diff

Package name: noflo-core

The new version differs by 56 commits.

• 3d5d4d5 Relax NoFlo version requirements even further
• 32e9356 More relaxed NoFlo dep
• b9ec9a3 Bump
• 302c999 Add noflo keyword
• a2a143b Add CoffeeScript dep
• 52012a9 Tilde all the things
• fafe647 Merge pull request [Snyk] Security upgrade noflo-image from 0.2.0 to 0.2.17 #50 from noflo/greenkeeper-grunt-contrib-watch-1.0.0
• 91df22d Merge pull request Support nocache flag imgflo/imgflo-server#72 from noflo/greenkeeper-fbp-spec-0.1.14
• 6ebe2ae Merge pull request Metrics: Add number of pixels processed imgflo/imgflo-server#76 from noflo/greenkeeper-mocha-2.5.1
• fa26e87 Switch to grunt-mocha-test
• b060c92 Update license field
• beb1bb7 Set up Travis autodeploy
• 8044975 Merge pull request [Snyk] Security upgrade webpack from 1.15.0 to 3.0.0 #48 from noflo/greenkeeper-grunt-contrib-coffee-1.0.0
• 5a83630 Modernize test runner
• af10fe7 Expect error
• dc108eb chore(package): update grunt-contrib-watch to version 1.0.0
• 43ed342 chore(package): update fbp-spec to version 0.1.14
• 2e0ec20 chore(package): update grunt-contrib-coffee to version 1.0.0
• 00a6693 Merge pull request [Snyk] Security upgrade sqlite3 from 3.1.13 to 5.0.3 #43 from noflo/greenkeeper-chai-3.5.0
• e0641bb Merge pull request [Snyk] Fix for 1 vulnerabilities #51 from noflo/greenkeeper-grunt-contrib-uglify-1.0.1
• 342c511 Merge pull request [Snyk] Fix for 1 vulnerabilities #46 from noflo/greenkeeper-grunt-coffeelint-0.0.15
• bfd94b3 Test on modern Node.js
• ce0a371 Make browser failures fatal
• 4013282 Merge pull request [Snyk] Fix for 1 vulnerabilities #47 from noflo/greenkeeper-grunt-mocha-phantomjs-3.0.0

See the full diff

Package name: noflo-image

The new version differs by 54 commits.

• 39ea36d Bump
• 443f1a6 Merge pull request #129 from noflo/ungroup-tofullscale
• 8ae3c4e Change tests to caring with groups as metadata
• f88e769 Stop creating a group to identify the url
• a6248a2 Stop creating a group to the original url
• e640763 Do not check groups after new noflo
• bbf1b1b Do not run browser tdd for now
• 348dcab Use the right version range on noflo
• 435d893 Bump
• 10de546 Use version range for noflo and bump deps
• 783fe34 Bump to 0.2.5
• 68986ec Merge pull request Video: Enforce a limit on input video size imgflo/imgflo-server#114 from noflo/canvas2buffer
• 10fc41a Silence it
• babee04 Use the right path to fixture
• 7d73018 Display err and buffer data
• 1690b01 Bump timeout a bit
• 2ad48d2 Require testutils
• 1ebc8b3 Attach the right port
• 45838c1 Create test for canvas 2 buffer component
• e9f93cc Create component to convert canvas to buffers async
• 3da9f97 Add new component to manifest
• 62c1071 Bump to 0.2.4
• 600054b Merge pull request Update to GEGL 0.3.10 imgflo/imgflo-server#103 from noflo/greenkeeper-noflo-core-0.2.0
• 34e9a3c Bump to 0.2.3

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic