
[Snyk] Fix for 11 vulnerabilities #16

Open
wants to merge 1 commit into base: master
Conversation

@dmfarcas (Owner) commented Dec 1, 2023

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
| Severity | Priority Score (*) | Why? | Issue | Snyk ID | Breaking Change | Exploit Maturity |
|---|---|---|---|---|---|---|
| high | 661/1000 | Recently disclosed, Has a fix available, CVSS 7.5 | Missing Release of Resource after Effective Lifetime | SNYK-JS-INFLIGHT-6095116 | Yes | No Known Exploit |
| medium | 586/1000 | Proof of Concept exploit, Has a fix available, CVSS 5.3 | Regular Expression Denial of Service (ReDoS) | SNYK-JS-MARKED-2342073 | Yes | Proof of Concept |
| medium | 586/1000 | Proof of Concept exploit, Has a fix available, CVSS 5.3 | Regular Expression Denial of Service (ReDoS) | SNYK-JS-MARKED-2342082 | Yes | Proof of Concept |
| medium | 520/1000 | Has a fix available, CVSS 5.9 | Regular Expression Denial of Service (ReDoS) | SNYK-JS-MARKED-584281 | Yes | No Known Exploit |
| high | 624/1000 | Has a fix available, CVSS 8.2 | Arbitrary File Overwrite | SNYK-JS-TAR-1536528 | No | No Known Exploit |
| high | 624/1000 | Has a fix available, CVSS 8.2 | Arbitrary File Overwrite | SNYK-JS-TAR-1536531 | No | No Known Exploit |
| low | 410/1000 | Has a fix available, CVSS 3.7 | Regular Expression Denial of Service (ReDoS) | SNYK-JS-TAR-1536758 | No | No Known Exploit |
| high | 639/1000 | Has a fix available, CVSS 8.5 | Arbitrary File Write | SNYK-JS-TAR-1579147 | No | No Known Exploit |
| high | 639/1000 | Has a fix available, CVSS 8.5 | Arbitrary File Write | SNYK-JS-TAR-1579152 | No | No Known Exploit |
| high | 639/1000 | Has a fix available, CVSS 8.5 | Arbitrary File Write | SNYK-JS-TAR-1579155 | No | No Known Exploit |
| high | 589/1000 | Has a fix available, CVSS 7.5 | Denial of Service (DoS) | SNYK-JS-TRIMNEWLINES-1298042 | Yes | No Known Exploit |

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: materialize-css
The new version differs by 250 commits.
  • d639775 v0.99.0 Release
  • f95d361 fixed getActiveElement docs
  • e70fe10 Merge pull request #4749 from fedyk/patch-1
  • fcff7c5 Cleaned up .gitignore
  • 237701d Merge pull request #4850 from DanielRuf/patch-test-lorempixel-https
  • e12fa5f use https for lorempixel images
  • e03c84e Merge pull request #4832 from Dogfalo/switch-to-github-download-docs
  • 642d816 Remove templates from gitignore, because it is redundant
  • db059ff Only ignore html files in the root folder
  • 13b16d2 Merge pull request #4665 from artur99/patch-1
  • c4bdc72 Merge pull request #4827 from DanielRuf/patch-modal-footer-buttons-alignment
  • b820d58 Merge pull request #4808 from rennanoliveira/patch-1
  • cb1cbe1 Merge pull request #4677 from arunkp/master
  • 0c48dc1 Update switch style
  • 0b171e9 added quotes to attribute selector for jquery
  • 2c5c94d Added jquery.hammer.js and bummed up jquery.easing version
  • 16a31e0 Ignore everything beneath bin/
  • e861717 Added lock file for npm v5
  • 3fb0d07 Changed download path to github
  • 7d88d30 Update .editorconfig
  • 98cd2bd Merge branch 'master' of https://github.com/Dogfalo/materialize
  • 99a189e Update devDependendcies
  • caaf1d5 align buttons in modal footer in the right order
  • e4c4f2b Merge pull request #4823 from DanielRuf/patch-docs-sidenav-search-padding

See the full diff

Package name: node-notifier
The new version differs by 63 commits.
  • 14b4725 Removes WIP flag for v5. It's here 🎉
  • 8010548 v5.0.0
  • 60053e5 Adds linting as prestep for tests
  • b62fd0b Fixes linting issues
  • a0d78bb Removes travis tests for older versions of Node to support jest
  • 810b2e9 Changes mocha and should to jest for testing
  • 5e39a90 Fixes linting issues
  • aeaedd3 Fixes formatting of all files
  • 29fe519 Adds new toaster options to changelog
  • 77c84b5 Removes docs on cli
  • 993229a Adds example gif
  • 776a424 Changes resolution for windows image
  • a5c4e2d Updates windows image example
  • 58e3043 Updates docs for toasters
  • 9667d26 Adds icon to toaster example
  • 9e1b99a Adds ability to close toasters
  • cc1f223 Adds support for all toaster flags
  • ec8826a Fixes sound false case for toasters
  • 6501e36 Fixes issue with sound bool opt for toasters
  • ed9f690 Fixes sound override for cross platform
  • 4698b9a Fixes output for new toaster vendor
  • 3a999bf Fixes windows integration with new toaster vendor
  • 49d09a4 Fixes tests on windows
  • 0cbaa92 Adds note on wait for notification center

See the full diff

Package name: rimraf
The new version differs by 52 commits.
  • 3b6b098 4.0.0
  • e0cffea ci: reduce workload even more
  • 0e6646d ci: remove unnecessary lint filter
  • 546e017 update action versions
  • 6d88a65 tone down benchmark intensity
  • 842a8d2 fix benchmark workflow yaml
  • 1b91697 chore: add copyright year to license
  • 08bbb06 rewrite in TS, export hybrid, update changelog, docs
  • 1b3f46e drop support for node versions below 14
  • 2e1f003 gh actions workflow for benchmarks
  • 52f9370 tests for retry-busy behavior
  • 188e3ed don't test on very old node versions
  • d1d5495 test for fix-eperm
  • e7501cd prettier formatting
  • 40f64ec windows: only fall back to move-remove when absolutely necessary
  • b6f7819 update tap
  • 99496cd test: run posix test on windows, why not?
  • 51d43c1 benchmarks
  • 6b8aa29 doc: correct os.tmp default
  • 4b228c9 do not ever actually try to rmdir /
  • 2442655 consolidate all the spellings of 'opt' into one
  • d4eec2e add cli script
  • 0c82d74 accept strings, arrays of strings, and no other types
  • ad4f2db Do not rimraf /, override with preserveRoot:false

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
  • View latest project report
  • Adjust project settings
  • Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:
  • Regular Expression Denial of Service (ReDoS)
  • Arbitrary File Overwrite
