[Snyk] Fix for 12 vulnerabilities

[plmercereau]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	No	Proof of Concept
	681/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.2	Command Injection SNYK-JS-LODASH-1040724	No	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-LODASH-450202	No	Proof of Concept
	731/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.2	Prototype Pollution SNYK-JS-LODASH-567746	No	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-LODASH-608086	No	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-LODASH-73638	No	Proof of Concept
	541/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 4.4	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-73639	No	Proof of Concept
	589/1000 Why? Has a fix available, CVSS 7.5	Denial of Service (DoS) SNYK-JS-VUEAPOLLO-474013	No	No Known Exploit
	550/1000 Why? Has a fix available, CVSS 6.5	Cross-site Scripting (XSS) SNYK-JS-VUETIFY-474604	No	No Known Exploit
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835	No	Proof of Concept
	506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:vue:20180222	No	Proof of Concept
	646/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.5	Cross-site Scripting (XSS) npm:vue:20180802	No	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: vue-apollo

The new version differs by 250 commits.

• 8a55533 docs(readme): docs link
• 428b5cb docs(readme): move link
• a35f50d docs(readme): contributing guide
• 5420630 chore: add test:ssr to test script
• 4d15268 Create CONTRIBUTING.md
• dc138f2 chore: Create CODE_OF_CONDUCT.md (#839)
• 87785af chore: Update issue templates
• b95388f fix: security issue
• 198b383 test(e2e): manual add smart query: loadingKey
• 14ea90a fix(ci): generate schema files
• 4f9bba4 test(ci): fix yarn cache id
• 73e970a test(ci): fix install
• 6afceec test(e2e): SSR
• af0b69d Merge branch 'dev' of github.com:Akryum/vue-apollo into dev
• c3b840c fix(ssr): memory leak, closes https://github.com/Memory leak with Smart Query nuxt-modules/apollo#231
• 94bbb52 chore(deps-dev): bump vue-cli-plugin-apollo in /tests/demo
• b7e214b chore(deps-dev): bump rollup from 1.24.0 to 1.25.1
• 7733edc test(e2e): rename test.js to chat.js
• 8da4777 test(e2e): errorPolicy support
• ae4713e fix(smart query): handling errorPolicy, closes #526
• ef9c7a0 docs(smart query): new `error` args
• 932c5b9 feat(errorHandler): added options arg
• aea6c93 feat(errorHandler): added vm, key, type arguments
• b7642cd fix(ts): DataDef not defined error?!?

See the full diff

Package name: vuetify

The new version differs by 250 commits.

• 5b1cff5 chore(release): publish v1.5.20
• 7ae69a5 chore: modify release scripts to target stable tag
• 9fd5e0a fix(VMesssages): apply escapeHTML to provided values
• 79e50a9 chore: fix deployment script
• 9dd3785 chore(release): publish v1.5.19
• 996d148 chore(deploy.sh): update tag with lerna publish
• a7df4cc fix(elevatable): fix elevation 0 not being accepted (#9173)
• 80a2bdb docs(HomeFooter): fix overlapped display
• 4f14ba7 chore(release): publish v1.5.18
• a2fccb4 fix(DataIterable): do not update selection if totalItems is set (#7396)
• a03714b chore(release): publish v1.5.17
• c40919b Merge branch 'stable' of github.com:vuetifyjs/vuetify into stable
• e99cfb4 chore(lerna.json): allow publishing from stable branch
• 1af26df Merge branch 'stable' of github.com:vuetifyjs/vuetify into stable
• cf8cbb2 fix(VMenu): ignore click outside if component is being destroyed (#8471)
• 3f96592 fix(goTo): get clientHeight from <html> when target is <body>
• d9b6867 chore: restrict vuetify and other libs version to current major (#8002)
• 43d83bb chore: restrict vuetify version in cdn to 1.5
• 7cdb481 docs: update branch for 1.5 docs
• 3bf0fa0 docs: remove irrelevant information, update some links, setup ci
• 13d4c25 docs(notify): remove core snackbar
• 28c808c revert: fix(VDialog): focus the first child when tab leaves the dialog
• 7a65960 docs: remove irrelevant information, update some links, setup ci
• 4ae06b1 docs(Validatable): fix a typo (#7851)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Cross-site Scripting (XSS)
🦉 Regular Expression Denial of Service (ReDoS)
🦉 Regular Expression Denial of Service (ReDoS)
🦉 More lessons are available in Snyk Learn