[Snyk] Fix for 1 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	589/1000 Why? Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-1019388	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: browserify

The new version differs by 104 commits.

• e19f256 12.0.0
• c881c07 update devdeps
• c77bf33 update glob and shell-quote
• c35f73e update builtins deps
• da949a1 update deps for streams3
• e3fbe7d update module-deps & fix symlink bug (also uses streams3)
• df43933 remove unused deps
• dca78a6 update browser-pack & fix charset bug (also uses streams3)
• 46aba9f use latest node in travis
• 76b60a9 remove node 0.8 from travis
• f5a82d8 Merge pull request #1362 from mnichols/master
• 185be39 Merge pull request #1393 from emilbayes/patch-1
• d48ec61 Merge pull request #1396 from stevemao/patch-3
• d847221 travis: test on node4 not "4.0.0"
• a212016 Links to the wrong querystring module
• b7cf5be 11.2.0
• bb2a99d Merge pull request #1361 from substack/fix-bare
• e781d9d Merge pull request #1377 from demohi/patch-2
• 05d7861 update package.json version
• 85e4b9d 11.1.0
• c1c6b72 browserify adds the '.' in case you forget it
• 97a122e Update travis Node.js version & remove io.js
• 1b73d9b bump buffer to 3.4.3 to fix maximum call stack exceeded errors
• cf32d77 Exclude "process" and "buffer" when "bundleExternal === false"

See the full diff

Package name: minimatch

The new version differs by 10 commits.

• 81edb7c v3.0.2
• 6944abf Handle extremely long and terrible patterns more gracefully
• 8ac560e v3.0.1
• 4f3a8bc update tap
• 9cf2d88 Remove mentions of cache from readme
• 7df236f Use svg instead of png to get better image quality
• 361f803 Fixes spelling mistake from "instanting" to "instantiating"
• ea0c690 update travis
• 270dbea v3.0.0
• 668a1f4 Don't package browser version

See the full diff

Package name: polyfill-service

The new version differs by 250 commits.

• 0578e0a 3.10.0
• 3eabab2 3.10.0-0
• 4ea247d update compat.json
• 93c0bff Update dependencies and shrinkwrap (wrap wd-methods in bluebirdQ gemini-testing/gemini#832)
• fd69c35 install UserTiming polyfill via third-party mechanism (Full page screenshot collapse on IE8 gemini-testing/gemini#830)
• 89a1831 Fix closing code tags in docs/contributing/common-scenarios.html (chore: qemitter -> async-emitter gemini-testing/gemini#828)
• 7cef3c6 Update README.md
• 8585d44 Sourcemaps issue (Programmatic API: test didn't get executed gemini-testing/gemini#821)
• 94a1845 Merge tag 'v3.9.0'
• aa016a0 3.9.0
• ae361ff Merge tag 'v3.9.0-rc5'
• d26ba62 Add array.of via new third party install method (firefox scroll error gemini-testing/gemini#805)
• a87a1fa 3.9.0-rc5
• 5353b56 Set browser to Unknown if below baseline version (Use 'prepublishOnly' hook instead 'prepublish' to prepare calibrate script gemini-testing/gemini#819)
• db9afff Set browser to Unknown if below baseline version (Use 'prepublishOnly' hook instead 'prepublish' to prepare calibrate script gemini-testing/gemini#819)
• c66b968 Revert "Revert "Need to set Picture polyfill IE to 7+ to support Methode"" (update configparser version to 0.4.0 gemini-testing/gemini#804)
• 6c137e9 Add atob btoa via new third party install method (Can not install on Windows 10 gemini-testing/gemini#806)
• 70c1e55 Merge branch 'update-tests'
• 9ec51ab update test to remove unused function
• 82aa6dc update tests to use proclaim
• 73c2511 Switch from expect.js to Proclaim (fix: pass current image path to reference image error gemini-testing/gemini#813)
• cef23e4 Remove a not own property constraint for iterators in Array.from (Error install gemini on Ubuntu gemini-testing/gemini#817)
• cc0a47d Add html5shiv via new third party install method (Can I use gemini for localhost that has a pre-login step? gemini-testing/gemini#807)
• 0483794 Add AudioContext via new third party install method (Not a png : gemini doesn't create screenshots gemini-testing/gemini#808)

See the full diff

Package name: wd

The new version differs by 24 commits.

• b44ca4e 1.0.0
• 4237774 fixing tests
• 294a896 skipping byName tests in ios
• 819013e newer appium config for tests
• 7692f38 making unit test pass
• 20c85d3 upgrade + fixes
• bf83d43 more upgrades
• ff2c8dd Update link to capabilities doc
• a1375ad restoring chronological order
• 023e2c1 BrowserStack test examples
• a23d650 deps + node upgrade
• 0fadc4c deps update
• 4d71c70 Update dependencies.
• ee0c2a0 Giving bromann some love.
• b03145c Print https://saucelabs.com/jobs/SESSIONID link when running on Saucelabs.
• 3df66b5 Add getDeviceTime method
• 0274692 Merge pull request Feature: Add xml or JSON report gemini-testing/gemini#403 from ertrzyiks/ertrzyiks-patch-1
• a0f3562 0.4.0
• 899ecc3 Merge pull request Update chalk to version 1.1.3 🚀 gemini-testing/gemini#411 from imurchie/isaac-performtouch
• 4e10682 Wrap touch action array in object
• c79c4f6 Update jsonWire doc about scroll command
• 3cdf23e Merge pull request npm install issues on Windows 7 64 bit gemini-testing/gemini#396 from bronzehedwick/patch-1
• f60bbca Fix broken link to mobile emulator docs
• 4543ab8 cleaning up makefiles, configuring colored mocha

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic