[Snyk] Fix for 2 vulnerabilities

[twilio-product-security]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • angular/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept
	631/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.2	Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: css-loader

The new version differs by 9 commits.

• 43179a8 chore(release): 1.0.0
• 3d53968 Merge remote-tracking branch 'origin/master'
• 240db53 version 1.0 (#742)
• 1b7acf7 Merge remote-tracking branch 'origin/master'
• 1703721 docs(README): add more context to `localIdentName` (#711)
• 1c51265 docs(README): fix malformed emoji (#701)
• 50f8ec0 Merge remote-tracking branch 'origin/master'
• 07444ad tests: css custom variables (#709)
• 3de8aa7 tests: css custom variables (#709)

See the full diff

Package name: node-sass

The new version differs by 90 commits.

• 3b556c1 7.0.2
• c716359 Bump sass-graph@^4.0.1 (#3292)
• 24741b3 docs(readme): fix docpad plugin link
• 1523330 feat: Drop Node 12
• 365d357 update https://registry.npm.taobao.org to https://registry.npmmirror.com
• 1456114 build(deps): bump actions/upload-artifact from 2 to 3
• b465b69 chore: bump GitHub Actions to Windows 2019 (#3254)
• e6194b1 build(deps): bump make-fetch-happen from 9.1.0 to 10.0.4
• 4edf594 build(deps): bump node-gyp from 8.4.1 to 9.0.0
• 29e2344 build(deps): bump actions/checkout from 2 to 3
• 85b0d22 build(deps): bump actions/setup-node from 2 to 3
• 3bb51da Use make-fetch-happen instead of request (#3193)
• adc2f8b build(deps): bump true-case-path from 1.0.3 to 2.2.1 (#3000)
• 77d12f0 chore: disable Apline for Node 16/17 builds
• 308d533 ci: use Python 3 for Node 12
• c818907 ci: unpin actions/setup-node to v2
• 99242d7 7.0.1
• 77049d1 build(deps): bump sass-graph from 2.2.5 to 4.0.0 (#3224)
• c929f25 build(deps): bump node-gyp from 7.1.2 to 8.4.1 (#3209)
• 918dcb3 Lint fix
• 0a21792 Set rejectUnauthorized to true by default (#3149)
• e80d4af chore: Drop EOL Node 15 (#3122)
• d753397 feat: Add Node 17 support (#3195)
• dcf2e75 build(deps-dev): bump eslint from 7.32.0 to 8.0.0

See the full diff

Package name: webpack

The new version differs by 250 commits.

• c8732c8 3.4.0
• d1619d4 Merge pull request #4856 from matthewmeyer/hashDependantModuleIds
• b159ec2 Merge pull request #5180 from webpack/feature/improve-module-concat-bailout-messages
• 32264b8 Merge branch 'master' into feature/improve-module-concat-bailout-messages
• 4b12c56 Merge pull request #5369 from webpack/bugfix/scope-hoisting-dll
• 440b5df use original request as libIdent for delegated modules
• 35c8097 Make sure it's a real module when choosing for ModuleConcatenation
• d4f3bc3 Merge pull request #5150 from webpack/test/benchmark
• bb0f41a Merge pull request #5362 from webpack/deps/minor-updates
• 544fee4 fix lint problem
• 3598359 update stats test for larger file
• 378ad46 update all dependencies to latest compatible version
• 008ac78 Merge pull request #5353 from webpack/deps/extract-text-webpack-plugin
• ee358bd Merge pull request #5351 from webpack/deps/supports-color
• 91332b6 Merge pull request #5356 from webpack/deps/i18n-webpack-plugin
• 838d416 Merge branch 'master' into deps/extract-text-webpack-plugin
• 98a7cb6 Merge branch 'master' into deps/i18n-webpack-plugin
• e72a88a Merge pull request #5355 from webpack/deps/file-loader
• f296790 update stats tests
• 7d5916c make child names relative
• ea8e4d0 Merge pull request #5354 from webpack/deps/yargs
• 42af3d2 Merge pull request #5347 from webpack/cleanup/aggressive-splitting
• 732c85c fix extract-text-plugin arguments
• 8c3c75e upgrade supports-color

See the full diff

Package name: webpack-dev-server

The new version differs by 19 commits.

• 6e1d886 3.0.0
• eedf10f Try again at fixing CI by upping timeout (necessary for node v6)
• dfe137c Hopefully fix failing CI tests (the hacky way)
• 1e7acca Actually make the yargs version test do something
• cdd10fa Stop testing node v4 on travis ci
• 7378e3e Merge branch 'webpack-4'
• dbea323 Update deps
• f4f14ce Fix support for DynamicEntryPlugin (#1319)
• 398c773 3.0.0-beta.2
• cdc7288 Simplify build webpack configs thanks to webpack 4
• e603e0d Allow no publicPath or entry point (#1310)
• 9852a5f 3.0.0-beta.1
• 6db2e85 Fix tests after webpack v4 upgrade
• eb2f0a9 Fix option rename in webpack-dev-middleware
• 8bc0e45 Don't rely on webpack's webpack-cli installed check
• 087bf04 Fix bundling client files with webpack v4
• 86de93e Require node v6+ since webpack-dev-middleware is now v6+ too
• c004349 Explain webpack-serve in doc
• a02c083 Initial webpack v4 compatibility

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)