[Snyk] Fix for 1 vulnerabilities

[WontonSam]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	125/1000 Why? Confidentiality impact: None, Integrity impact: None, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.01055, Social Trends: No, Days since published: 0, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 99, Impact: 5.99, Likelihood: 2.08, Score Version: V5	Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @semantic-release/npm

The new version differs by 128 commits.

• 4b04ffd Merge pull request #671 from semantic-release/renovate/npm-10.x
• 6413130 feat(node-versions): raised the minimum required node version to v18.17 and dropped v19 support
• 819f257 fix(deps): update dependency npm to v10
• f2bc9e7 fix(deps): update dependency aggregate-error to v5 (#676)
• e65bea2 chore(deps): update dependency sinon to v16 (#675)
• 05e60ea chore(deps): lock file maintenance (#674)
• cc64b42 ci(action): update actions/checkout action to v4 (#673)
• 74629b6 chore(deps): lock file maintenance (#672)
• 1827a33 chore(deps): update dependency prettier to v3.0.3 (#669)
• fbe23f1 chore(deps): lock file maintenance (#668)
• c0ca7a5 chore(deps): lock file maintenance (#667)
• 15893ca chore(deps): update dependency p-retry to v6 (#666)
• 33f0cf7 chore(deps): update dependency semantic-release to v21.1.1 (#665)
• cf8273a ci(action): update actions/checkout digest to f43a0e5 (#664)
• 8953ace chore(deps): update dependency semantic-release to v21.1.0 (#663)
• 13fbd09 chore(deps): lock file maintenance (#662)
• 4505736 chore(deps): update dependency semantic-release to v21.0.9 (#661)
• c814a84 chore(deps): update dependency semantic-release to v21.0.8 (#660)
• 502d5ba fix(deps): update dependency execa to v8 (#659)
• c949dfc ci(action): update actions/setup-node digest to 5e21ff4 (#658)
• 5413d5e chore(deps): update dependency prettier to v3.0.2 (#657)
• 31d0644 ci(action): update actions/setup-node digest to bea5baf (#656)
• 234ce91 chore(deps): lock file maintenance (#655)
• 0f16407 chore(deps): lock file maintenance (#653)

See the full diff

Package name: semantic-release

The new version differs by 221 commits.

• 11788ed Merge pull request #2934 from semantic-release/beta
• b93bef4 feat(node-versions): raised the minimum supported node version w/in the v20 range to v20.6.1
• 6604153 Merge branch 'master' of github.com:semantic-release/semantic-release into beta
• e623cc6 feat(node-versions): raised the minimum node v20 requirement to v20.6
• 42f7b82 chore(deps): update dependency testdouble to v3.19.0 (#2961)
• 1017e1a fix(deps): update dependency aggregate-error to v5 (#2956)
• a23b718 fix(deps): upgraded to the latest version of the npm plugin with npm v10
• fb850ff Merge branch 'master' of github.com:semantic-release/semantic-release into beta
• b9f294d feat(node-versions): raised the minimum required node version to v18.17 and dropped v19 support
• 03a687b fix(deps): updated to the latest beta of the commit analyzer plugin
• 86a639d ci(action): update github/codeql-action action to v2.21.7 (#2958)
• da56201 chore(deps): update dependency sinon to v16 (#2954)
• 89d51e7 ci(action): update github/codeql-action action to v2.21.6 (#2953)
• de8e4e0 fix(deps): updated to the latest betas of the commit-analyzer and release-notes-generator plugins
• 0fd3bb8 chore(deps): lock file maintenance (#2948)
• c39513f ci(action): update actions/upload-artifact action to v3.1.3 (#2943)
• 6a5d961 docs(plugins): add @ terrestris/maven-semantic-release (#2939)
• 19c0965 ci(action): update actions/checkout action to v4 (#2938)
• 32a2480 chore(deps): lock file maintenance (#2936)
• 72ab317 feat: defined exports for the package
• 07a79ea feat(conventional-changelog-presets): supported new preset format
• 0d92579 chore(deps): update dependency prettier to v3.0.3 (#2930)
• cb6613e ci(action): update github/codeql-action action to v2.21.5 (#2928)
• 9e10e44 chore(deps): lock file maintenance (#2923)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.