[Snyk] Fix for 3 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-CSSWHAT-3035488	No	Proof of Concept
	636/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.3	Arbitrary File Write via Archive Extraction (Zip Slip) SNYK-JS-DECOMPRESS-557358	No	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: hexo

The new version differs by 250 commits.

• c749815 Hexo 6.0.0 (fix: adding redirect from root to docs cypress-io/cypress-documentation#4750)
• 5977928 chore: bump actions/stale from 3 to 4 (Document CT changes for v11 cypress-io/cypress-documentation#4828)
• 8ac908a Cleanup dependabot (cy.session option cacheAcrossSpecs is documented but not supported in all versions cypress-io/cypress-documentation#4820)
• 11b145c Switch to picocolors (feat: add warning about v8 snapshots to troubleshooting guide cypress-io/cypress-documentation#4825)
• 3ed6fd9 fix(post): escape swig full tag with args (Document domain option for cookie commands cypress-io/cypress-documentation#4824)
• 902cd70 chore: bump sinon from 11.1.2 to 12.0.1 (fix: Type fix cypress-io/cypress-documentation#4810)
• 0c6380c refactor: native Array.flat() (Improve CT Examples cypress-io/cypress-documentation#4806)
• ed0f239 perf(tag/helper): memoize (Update cy.origin dependencies / remove Cypress.require() cypress-io/cypress-documentation#4789)
• 2ec4f63 chore: bump eslint from 7.32.0 to 8.0.0 (Update typescript-support.md cypress-io/cypress-documentation#4799)
• 0f534b2 chore: bump hexo-log from 2.0.0 to 3.0.0 (Update CT Quickstart guides to mention support of other frameworks cypress-io/cypress-documentation#4794)
• 098cf0a perf(external_link): optimize regexp (10.11.0 cypress-io/cypress-documentation#4790)
• 02cbfe3 fix(processor): remove race condition failsafe (Improve CT discoverability on mobile devices  cypress-io/cypress-documentation#4791)
• 9edbc99 fix(fix: removing vertical space in code tabs cypress-io/cypress-documentation#4780): empty tag name correction (cy.origin Technical Blog post cypress-io/cypress-documentation#4786)
• b56ba65 refactor/perf: use nanocolors (Create CT Quickstart Apps Repo cypress-io/cypress-documentation#4788)
• b3bd7d4 chore: bump husky from 4.3.8 to 7.0.2 (Update configuration & include v10 note cypress-io/cypress-documentation#4763)
• 9c9b2a5 fix(fix: removing vertical space in code tabs cypress-io/cypress-documentation#4780): curly brackets (Style error message inline TOC cypress-io/cypress-documentation#4784)
• a342422 perf: overall improvements (Update quickstart.md cypress-io/cypress-documentation#4783)
• 6f702fc feat: load hexo plugin in the theme's package.json (docs: removing next.js global style workaround in ct troubleshooting … cypress-io/cypress-documentation#4771)
• a2ec6b2 feat(open_graph): different URLs for og:image and twitter:image (docs: Update Priorities Page to Point to Project Board cypress-io/cypress-documentation#4748)
• 0c979bf refactor(post): use state machine to escape swig tag (fix: removing vertical space in code tabs cypress-io/cypress-documentation#4780)
• 67fc844 doc: add homebrew install (Example about GitHub Action parallelization will not even run cypress-io/cypress-documentation#4724)
• 6164db1 chore: bump sinon from 10.0.1 to 11.1.2 (10.9.0 Release cypress-io/cypress-documentation#4747)
• c18d575 chore: bump mocha from 8.4.0 to 9.1.1 (Update Jira screenshot cypress-io/cypress-documentation#4765)
• bb61f15 chore: drop Node 10 (docs: removing Cookies.defaults/preserveOnce cypress-io/cypress-documentation#4779)

See the full diff

Package name: hexo-filter-cleanup

The new version differs by 12 commits.

• a99a924 fix: fix travis
• c8f5999 fix: fix travis
• efeda85 feat: enhance travis ci
• 7cfc453 fix: fix travis
• b34c571 docs: update readme
• 322fb59 docs: update readme
• f53a118 fix: fix bugs on file generation
• d66e21c feat: add html generation for favicons
• 1449890 chore: add the missing .sgcrc and yarn.lock
• 22982d3 feat: add semantic-release
• 8d9f2da update uglify options to adopt uglify3
• 4dc99f6 upgrade dependencies and bump up version

See the full diff

Package name: hexo-server

The new version differs by 120 commits.

• 0ffb748 chore: bump version from 2.0.0 to 3.0.0 (Fix its apostrophe cypress-io/cypress-documentation#195)
• 2f6e4b8 chore(docs): update badges (Improve aliases and references doc cypress-io/cypress-documentation#194)
• 9d582d6 refactor: use the WHATWG URL API instead of `url.format` (Add example to cy.stub() for stubbing window.prompt behavior cypress-io/cypress-documentation#193)
• b79c72b chore(deps): bump mime from 2.5.2 to 3.0.0 (Issue 176 cypress-io/cypress-documentation#181)
• 00c2027 chore: drop nodejs 10.x (Updates to tutorials structure cypress-io/cypress-documentation#192)
• 6db91dc chore(deps-dev): bump sinon from 11.1.2 to 12.0.1 (Get branch without using gift cypress-io/cypress-documentation#183)
• 04dd7d6 chore(deps-dev): bump eslint from 8.1.0 to 8.5.0 (document CYPRESS_BINARY_VERSION close #121 cypress-io/cypress-documentation#190)
• 799dd34 chore(deps-dev): bump hexo from 5.4.0 to 6.0.0 (Issue 160 - Add tutorials section to docs cypress-io/cypress-documentation#191)
• a253e04 chore(deps): bump open from 8.3.0 to 8.4.0 (Update 'setting up projects to record' to be more clear with the new 1.0 workflow cypress-io/cypress-documentation#179)
• bf2da7a Cleanup dependant config
• f33dc00 chore(deps-dev): bump mocha from 8.4.0 to 9.1.3 (Core Concept: Conditional Testing cypress-io/cypress-documentation#176)
• 207ae51 chore(deps-dev): bump eslint from 7.32.0 to 8.1.0 (Update Dashboard docs to more clearly explain 'adding project' from new npm workflow cypress-io/cypress-documentation#178)
• 27efa8d chore(deps-dev): bump sinon from 10.0.1 to 11.1.2 (SEO tweaks cypress-io/cypress-documentation#167)
• 7adcfca Switch to picocolors (Write introduction for build & test app tutorial cypress-io/cypress-documentation#177)
• ecb1a5d chore(deps): bump open from 8.2.1 to 8.3.0 (Create tutorial for Build and Test an App cypress-io/cypress-documentation#172)
• 01ef59c refactor: replace chalk with nanocolors (Use @cypress/deploy-bits cypress-io/cypress-documentation#171)
• 6048415 feat: check if header has already been set (Move 'userland extensions' doc to a section w/in Examples cypress-io/cypress-documentation#49)
• 14f5592 chore(deps-dev): bump supertest from 5.0.0 to 6.1.3 (Develop cypress-io/cypress-documentation#147)
• c3294cf fix: send correct MIME for rss file (Remove package-lock.json cypress-io/cypress-documentation#145)
• cc1ff81 chore(deps): bump open from 7.4.2 to 8.0.9 (Add docs around file watching rules.  cypress-io/cypress-documentation#159)
• 5a786bd chore(deps-dev): bump sinon from 9.2.4 to 10.0.1 (outside work -> outside world cypress-io/cypress-documentation#154)
• 95ec110 Upgrade to GitHub-native Dependabot (Footer does not display properly in mobile view cypress-io/cypress-documentation#157)
• 571d235 chore(deps-dev): bump supertest from 4.0.2 to 5.0.0 (remove code leftover from when we had 'comments' in docs cypress-io/cypress-documentation#141)
• 5693469 Merge pull request replace <record_key> with example key because '<' was not escaping properly. close #128 cypress-io/cypress-documentation#140 from curbengh/v2.0.0

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)