[Snyk] Fix for 6 vulnerabilities #94

Merged
merged 1 commit into from
Aug 21, 2023

Woodpile37
Owner

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • src/chains/filecoin/filecoin/package.json

Vulnerabilities that will be fixed

With an upgrade:
| Severity | Issue | Breaking Change | Exploit Maturity |
| --- | --- | --- | --- |
| medium severity | Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-2342073 | No | Proof of Concept |
| medium severity | Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-2342082 | No | Proof of Concept |
| medium severity | Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818 | No | No Known Exploit |
| high severity | Regular Expression Denial of Service (ReDoS) SNYK-JS-MOCHA-2863123 | Yes | No Known Exploit |
| medium severity | Information Exposure SNYK-JS-NANOID-2332193 | No | Proof of Concept |
| high severity | Sandbox Bypass SNYK-JS-WEBPACK-3358798 | No | Proof of Concept |

Commit messages
Package name: mocha The new version differs by 53 commits.
  • 5f96d51 build(v10.1.0): release
  • ed74f16 build(v10.1.0): update CHANGELOG
  • 51d4746 chore(devDeps): update 'ESLint' to v8 (#4926)
  • 4e06a6f fix(browser): increase contrast for replay buttons (#4912)
  • 41567df Support prefers-color-scheme: dark (#4896)
  • 61b4b92 fix the regular expression for function `clean` in `utils.js` (#4770)
  • 77c18d2 chore: use standard 'Promise.allSettled' instead of polyfill (#4905)
  • 84b2f84 chore(ci): upgrade GH actions to latest versions (#4899)
  • 023f548 build(v10.0.0): release
  • 62b1566 build(v10.0.0): update CHANGELOG
  • fbe7a24 chore: update dependencies (#4878)
  • 2b98521 docs: replace 'git.io' short links (#4877) [ci skip]
  • 007fa65 chore(ci): add Node v18 to test matrix (#4876)
  • f6695f0 chore(esm): remove code for Node v12 (#4874)
  • 59f6192 chore(ci): conditionally skip 'push' event (#4872)
  • b863359 docs: fix 'fgrep' url (#4873)
  • baaa41a chore(ci): ignore changes to docs files (#4871)
  • ac81cc5 refactor!: drop support of 'growl' notification (#4866)
  • 3946453 chore(deps)!: upgrade 'minimatch' (#4865)
  • 592905b refactor!: rename 'bin/mocha' to 'bin/mocha.js' (#4863)
  • b7b849b refactor!: remove deprecated Runner signature (#4861)
  • 0608fa3 chore(site): fix supporters' download (#4859)
  • 785aeb1 chore(test): drop AMD/'requirejs' (#4857)
  • ed640c4 chore(devDeps): upgrade 'coffee-script' (#4856)


Package name: typedoc The new version differs by 26 commits.
  • 0cdc5a8 Bump version to 0.22.11
  • 08c0321 Upgrade dependencies
  • 3bc9c78 Merge pull request #1851 from stefanobaghino-da/bump-to-marked-4.0.10
  • d959b71 Restore v2 lockfile
  • 7732d3c Bump marked from 3.0.8 to 4.0.10
  • 70633ed Merge pull request #1849 from adeniszczyc/bug/anchor-links-offset-top
  • 3f501a3 Fix offset on member anchor links
  • d28c224 Update changelog to reflect recent commits
  • 05e32d3 Merge pull request #1843 from adeniszczyc/feat/anchor-links-hover-members
  • 59d312d Add support for anchor links on hover on members
  • a67e40b Merge pull request #1826 from dragomirtitian/feat-improve-index-loading-perf
  • 2767ae9 Changed how index is loaded to improve performance
  • 7ec2b26 Fix identical background for code and text
  • 4597587 Merge branch 'gh1832'
  • be3f5cb Merge pull request #1834 from matteobruni/issue-1803
  • 3c71fa7 build: added entry on changelog
  • 52c8c4f Fix namespaced names passed to addUnknownSymbolResolver
  • cc0e509 build: restored some files
  • cbe7292 feat: added cname options for CNAME file
  • 3f0dbea Merge pull request #1806 from srmagura/heading-line-height
  • 9548c4e Fix changelog entry under the wrong release
  • 7d4bc90 Merge pull request #1805 from srmagura/fix-example-typescript
  • e218745 Set line-height of all headings to 1.2
  • 3959776 Upgrade dependencies of example


Package name: webpack The new version differs by 250 commits.
  • 5d64468 Merge pull request #16792 from webpack/update-version
  • 67af5ec chore(release): 5.76.0
  • 97b1718 Merge pull request #16781 from askoufis/loader-context-target-type
  • b84efe6 Merge pull request #16759 from ryanwilsonperkin/real-content-hash-regex-perf
  • c98e9e0 Merge pull request #16493 from piwysocki/patch-1
  • 5f34acf feat: Add `target` to `LoaderContext` type
  • b7fc4d8 Merge pull request #16703 from ryanwilsonperkin/ryanwilsonperkin/fix-16160
  • 63ea82d Merge branch 'webpack:main' into patch-1
  • 4ba2252 Merge pull request #16446 from akhilgkrishnan/patch-1
  • 1acd635 Merge pull request #16613 from jakebailey/ts-logo
  • 302eb37 Merge pull request #16614 from jakebailey/html5-logo
  • cfdb1df Improve performance of hashRegExp lookup
  • 4d561a6 Add test for behaviour of filesystem-cached assets with loaders
  • dfaa3b4 lint: remove trailing comma
  • dcc3e71 Serialize code generator data to support generated assets
  • b67626c Merge pull request #16491 from lvivski/main
  • d957cdf Fix formatting
  • 6011163 Fix formatting
  • ea5e864 Fix HTML5 logo in README
  • 2112f9b Replace TypeScript logo in README
  • 5513dd6 Merge branch 'webpack:main' into patch-1
  • 4b4ca3b Merge pull request #16500 from Jack-Works/avoid-cross-realm-object
  • 4f39c9f fix: type error
  • c922ee1 chore: revert breaking change


Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.


changeset-bot bot commented Aug 21, 2023

⚠️ No Changeset found

Latest commit: febf920

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.


@Woodpile37 Woodpile37 merged commit a213d7b into develop Aug 21, 2023
3 of 27 checks passed