[Snyk] Fix for 2 vulnerabilities

[jahil-khalfe]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	658/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	Yes	Proof of Concept
	753/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.2	Command Injection SNYK-JS-LODASH-1040724	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: babel-eslint

The new version differs by 43 commits.

• 0f20099 5.0.0
• 278579f Update README.md
• 11c2f03 Merge pull request Add MDN links to Bonfires freeCodeCamp/freeCodeCamp#255 from deepsweet/npm-ignore
• 3b5f8f4 include only `index.js` in npm package
• c0f1110 delete `.npmignore`
• f399c89 Merge pull request Standardize "steps", "details", "description" across modesl freeCodeCamp/freeCodeCamp#250 from danez/patch-1
• c71392e adjust test to also cover issue unable to login freeCodeCamp/freeCodeCamp#239
• 413b80e 5.0.0-beta10
• 7a038d5 Merge pull request symmetric-difference - inconsistent instructions freeCodeCamp/freeCodeCamp#246 from babel/escope-patterns
• c80a386 fixup tests
• 36f6638 fix typo
• bd4eee9 check using `__esModule`
• b26bc58 Prevent escope referencer from traversing into param pattern type annotations
• 0d30882 5.0.0-beta9
• 71fadf0 Merge pull request Ux improvements freeCodeCamp/freeCodeCamp#244 from christophehurpeau/patch-1
• d8ac8f9 fix Change decay rate of hot stories to 48 hours freeCodeCamp/freeCodeCamp#243
• 3dcb32c 5.0.0-beta8
• ac4d3f0 Add a test for use strict and directive ast change
• 937eceb 5.0.0-beta7
• 880dc03 Merge pull request Add code execute button freeCodeCamp/freeCodeCamp#241 from jmm/rule-strict
• 80f7a48 temporarily remove test
• 04838a2 Add tests for `strict` rule.
• 4a3a35d Merge pull request bonfire more info button arrow needs to change freeCodeCamp/freeCodeCamp#232 from vaibhavmule/patch-1
• 0cf92d3 update Licenses date

See the full diff

Package name: babel-loader

The new version differs by 26 commits.

• 321852e Merge branch 'release/6.0.0'
• e7565ee Add @ malyw 's guide to upgrade babel
• 862b7b1 Update travis badge url
• ff3bc7a Update dependencies.
• fc2bfe4 Merge branch 'shinnn-travis-ci' into develop
• a6f3fc0 Change options to query. Increase timeout interval
• 94d6308 Merge remote-tracking branch 'werk85/master' into develop
• f4e40c5 README updated
• 0823f6a Upgraded to Babel 6
• bb110a8 set up Travis CI
• 5992650 5.3.3
• f723509 pin babel-core version in peerDependencies as it'll try and install babel 6...
• f299837 Merge pull request Update bonfires.json freeCodeCamp/freeCodeCamp#87 from jhnns/patch-1
• 17c7860 Clarify note on deprecated peerDependencies
• f84ef50 Merge branch 'develop' of github.com:babel/babel-loader into develop
• 9f117b5 Bump version. Update CHANGELOG.md
• dc66b2a Don't override existing items in sourcesContent if any
• 719eb70 Merge branch 'hotfix/5.3.1' into develop
• 342375d Merge branch 'hotfix/5.3.1'
• edf2bc3 Bump version. Update changelog
• 9fe6bbc Fix for 'Module build failed: TypeError: Object.keys called on non-object'
• 6b33020 Merge branch 'release/5.3.0' into develop
• e22df89 Merge branch 'release/5.3.0'
• 0156f51 Bump version and update CHANGELOG.md

See the full diff

Package name: cheerio

The new version differs by 106 commits.

• c3ec1cd Release 0.20.0
• ef848ca Add coveralls badge, remove link to old report
• dbcbe90 Merge pull request Bootstrap css link is not on the tutorial description freeCodeCamp/freeCodeCamp#808 from leifhanack/lodash4
• c04ead1 Merge pull request Challenge http://www.freecodecamp.com/challenges/waypoint-scope-your-variables has an issue  freeCodeCamp/freeCodeCamp#668 from rwaldin/prop-method
• b5531bb Merge pull request Challenge http://www.freecodecamp.com/challenges/waypoint-use-clockwise-notation-to-specify-the-margin-of-an-element has an issue  freeCodeCamp/freeCodeCamp#671 from twolfson/dev/fallback.select.content.sqwished
• 9d98bd7 Merge pull request Challenge http://www.freecodecamp.com/challenges/waypoint-add-borders-around-your-elements has an issue  freeCodeCamp/freeCodeCamp#704 from Rycochet/master
• 1b9c5c9 Merge pull request Basic Javascript waypoints translated into ES [WIP] freeCodeCamp/freeCodeCamp#797 from Delgan/641-appendTo_prependTo
• b12cbe8 Update lodash dependeny to 4.1.0
• 8c9b2e0 Merge pull request Blacklist usernames freeCodeCamp/freeCodeCamp#796 from Delgan/fix_780
• b09db31 Fix PR fixed bug where the 'next challenge' button in tablet view couldn't… freeCodeCamp/freeCodeCamp#726 adding 'appendTo()' and 'prependTo()'
• ce8829d Added appendTo and prependTo with tests Fix to issue #633 and a hand full of the other issues related to the challenge freeCodeCamp/freeCodeCamp#641
• 4779762 Fix Set font-family: "Monospace" renders as serif freeCodeCamp/freeCodeCamp#780 by changing options context in '.find()'
• 8dc1cc9 Add an unit test checking the query of child
• b27bed6 fix Minor typo: Challenge http://www.freecodecamp.com/challenges/waypoint-responsively-style-a-radio-buttons has an issue  freeCodeCamp/freeCodeCamp#667: attr({foo: null}) removes attribute foo, like attr('foo', null)
• 70c5608 Include reference to dedicated "Loading" section
• fa70a84 Added load method to $
• 4e8483a update css-select to 1.2.0
• 5f2777a Merge pull request Example app freeCodeCamp/freeCodeCamp#732 from jugglinmike/reinstate-toarray
• 106e42a Merge pull request Challenge isn't checking where code is added freeCodeCamp/freeCodeCamp#776 from dYale/master
• 97149d3 Fixing Grammatical Error
• a1367ee Merge pull request class not working freeCodeCamp/freeCodeCamp#739 from TrySound/npm-files
• 6c73b7a Merge pull request Challenge doesn't accept CSS shorthand freeCodeCamp/freeCodeCamp#773 from JaKXz/patch-1
• 48bb22d Test against node v0.12 --> v4.2
• ec2414d Correct output in example

See the full diff

Package name: sanitize-html

The new version differs by 7 commits.

• 54f05a2 1.7.1: removed lodash in favor of lighter dependencies and polyfills
• 682c160 Merge pull request More graceful merging of different oauth accounts freeCodeCamp/freeCodeCamp#63 from ArtskydJ/master
• b9b213e simplified a bit more
• 89dde7a Removed lodash dependency
• abc4625 1.7.0: allowedSchemesByTag option. Thanks to Cameron Will
• 4dbf43c Merge branch 'cwill747-per-tag-scheme-nowhitespace'
• 3f14ce1 [feat] Add per-tag scheme rules

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic