[Snyk] Upgrade: uuid, , , axe-core, fast-stats, find-up, cli-color, coach-core, dayjs, fs-extra, influx, jstransformer-markdown-it, junit-report-builder, os-name, p-limit, pug, recursive-readdir

[Stanislav1975]

Snyk has created this PR to upgrade multiple dependencies.

👯 The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

Name	Versions	Released on

uuid
from 8.3.2 to 10.0.0 | 4 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 3 months ago
on 2024-06-09
@google-cloud/storage
from 5.8.3 to 7.12.1 | 95 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | a month ago
on 2024-08-07
@tgwf/co2
from 0.6.1 to 0.16.0 | 36 versions ahead of your current version | 2 months ago
on 2024-07-01
axe-core
from 4.3.3 to 4.10.0 | 490 versions ahead of your current version | a month ago
on 2024-07-29
fast-stats
from 0.0.6 to 0.0.7 | 1 version ahead of your current version | a month ago
on 2024-08-06
find-up
from 5.0.0 to 7.0.0 | 5 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 10 months ago
on 2023-11-16
cli-color
from 2.0.0 to 2.0.4 | 4 versions ahead of your current version | 6 months ago
on 2024-02-29
coach-core
from 6.4.3 to 8.0.2 | 13 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | a year ago
on 2023-08-31
dayjs
from 1.10.4 to 1.11.12 | 17 versions ahead of your current version | 2 months ago
on 2024-07-18
fs-extra
from 9.1.0 to 11.2.0 | 7 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 9 months ago
on 2023-11-28
influx
from 5.6.3 to 5.9.3 | 7 versions ahead of your current version | 3 years ago
on 2022-02-09
jstransformer-markdown-it
from 2.1.0 to 3.0.0 | 1 version ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 2 years ago
on 2022-07-19
junit-report-builder
from 1.3.3 to 5.0.0 | 11 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | a month ago
on 2024-08-01
os-name
from 4.0.0 to 6.0.0 | 5 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 10 months ago
on 2023-11-24
p-limit
from 2.2.2 to 6.1.0 | 9 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 2 months ago
on 2024-07-08
pug
from 3.0.2 to 3.0.3 | 2 versions ahead of your current version | 4 months ago
on 2024-05-24
recursive-readdir
from 2.2.2 to 2.2.3 | 1 version ahead of your current version | 2 years ago
on 2022-10-25

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Infinite loop SNYK-JS-MARKDOWNIT-6483324	479	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKDOWNIT-2331914	479	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKDOWNIT-459438	479	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	479	No Known Exploit

Release notes

Package name: uuid

• 10.0.0 - 2024-06-09
  

  chore: typo in CHANGELOG

• 9.0.1 - 2023-09-12
  

  chore(release): 9.0.1

• 9.0.0 - 2022-09-05
  

  chore(release): 9.0.0

• 9.0.0-beta.0 - 2022-08-05
• 8.3.2 - 2020-12-08
  

  chore(release): 8.3.2

from uuid GitHub release notes

Package name: @google-cloud/storage

• 7.12.1 - 2024-08-07
  

  7.12.1 (2024-08-07)

  Bug Fixes

  • deps: Update fast-xml-parser to 4.4.1 due to security vulnerability (#2505) (b97d474)
• 7.12.0 - 2024-07-15
  

  7.12.0 (2024-07-15)

  Features

  • Add function to allow user to set destination in transfer manager (#2497) (dc1e488)
• 7.11.3 - 2024-07-09
  

  7.11.3 (2024-07-09)

  Bug Fixes

  • Error serialization in resumable-upload.ts (#2493) (c2e555c)
  • Handle unhandled error in startResumableUpload_ (#2495) (d5257ba)
  • Make CreateBucketRequest extend from BucketMetadata to allow all… (#2489) (013a5a4)
• 7.11.2 - 2024-06-07
  

  7.11.2 (2024-06-07)

  Bug Fixes

  • Support uint8array in file.save (#2480) (1477fe1)
• 7.11.1 - 2024-05-21
  

  7.11.1 (2024-05-21)

  Bug Fixes

  • Add missing projectIdentifier to GetServiceAccountOptions (#2468) (d49e9d2)
  • Allow files in directories to be downloaded onto local machine (#2199) (9f62429)
  • Do not set customEndpoint if apiEndpoint === default (#2460) (b4dbd73)
  • Improve GetFilesResponse interface (#2466) (918db28)
• 7.11.0 - 2024-05-06
  

  7.11.0 (2024-05-03)

  Features

  • Add ability to enable hierarchical namespace on buckets (#2453) (4e5726f)
• 7.10.2 - 2024-04-26
  

  7.10.2 (2024-04-26)

  Bug Fixes

  • Use correct indices for file.from and fix tests to verify names (#2449) (d4240fa)
• 7.10.1 - 2024-04-22
  

  7.10.1 (2024-04-22)

  Bug Fixes

  • Change copyoptions type (#2439) (2ebd7ac)
  • Expand types of custom metadata within FileMetadata (#2442) (1d434a9)
• 7.10.0 - 2024-04-15
  

  7.10.0 (2024-04-15)

  Features

  • Add ability to create a File object from URL (#2432) (1b71fcc)
  • Allow setting contentEncoding during compose (#2431) (6e81e05)

  Bug Fixes

  • Destroy pipeline streams when returned stream errors (#2437) (fe1ac65)
  • Remove extraneous mime-types package in favor of mime (#2435) (63a71f2)
• 7.9.0 - 2024-03-18
  

  7.9.0 (2024-03-18)

  Features

  • Add ability to configure and utilize soft-delete and restore (#2425) (7da5a7d)
• 7.8.0 - 2024-03-07
• 7.7.0 - 2023-11-30
• 7.6.0 - 2023-11-08
• 7.5.0 - 2023-10-30
• 7.4.0 - 2023-10-26
• 7.3.2 - 2023-10-24
• 7.3.1 - 2023-10-19
• 7.3.0 - 2023-10-12
• 7.2.0 - 2023-10-05
• 7.1.0 - 2023-09-07
• 7.0.1 - 2023-08-07
• 7.0.0 - 2023-08-03
• 6.12.0 - 2023-07-13
• 6.11.0 - 2023-06-05
• 6.10.1 - 2023-05-10
• 6.10.0 - 2023-05-02
• 6.9.5 - 2023-03-30
• 6.9.4 - 2023-03-02
• 6.9.3 - 2023-02-15
• 6.9.2 - 2023-02-06
• 6.9.1 - 2023-01-24
• 6.9.0 - 2023-01-04
• 6.8.0 - 2022-12-07
• 6.7.0 - 2022-11-03
• 6.6.0 - 2022-10-25
• 6.5.4 - 2022-10-20
• 6.5.3 - 2022-10-18
• 6.5.2 - 2022-09-23
• 6.5.1 - 2022-09-21
• 6.5.0 - 2022-09-15
• 6.4.2 - 2022-09-01
• 6.4.1 - 2022-08-15
• 6.4.0 - 2022-08-10
• 6.3.0 - 2022-08-01
• 6.2.3 - 2022-07-13
• 6.2.2 - 2022-06-29
• 6.2.1 - 2022-06-27
• 6.2.0 - 2022-06-22
• 6.1.0 - 2022-06-08
• 6.0.1 - 2022-05-25
• 6.0.0 - 2022-05-24
• 5.20.5 - 2022-05-19
• 5.20.4 - 2022-05-18
• 5.20.3 - 2022-05-17
• 5.20.2 - 2022-05-17
• 5.20.1 - 2022-05-16
• 5.20.0 - 2022-05-16
• 5.19.4 - 2022-04-28
• 5.19.3 - 2022-04-20
• 5.19.2 - 2022-04-14
• 5.19.1 - 2022-04-11
• 5.19.0 - 2022-04-06
• 5.18.3 - 2022-03-28
• 5.18.2 - 2022-02-16
• 5.18.1 - 2022-01-26
• 5.18.0 - 2022-01-19
• 5.17.0 - 2022-01-10
• 5.16.1 - 2021-12-01
• 5.16.0 - 2021-11-09
• 5.15.6 - 2021-11-08
• 5.15.5 - 2021-11-03
• 5.15.4 - 2021-11-01
• 5.15.3 - 2021-10-14
• 5.15.2 - 2021-10-13
• 5.15.1 - 2021-10-12
• 5.15.0 - 2021-10-07
• 5.14.8 - 2021-10-06
• 5.14.7 - 2021-10-06
• 5.14.6 - 2021-10-06
• 5.14.5 - 2021-10-04
• 5.14.4 - 2021-09-27
• 5.14.3 - 2021-09-22
• 5.14.2 - 2021-09-13
• 5.14.1 - 2021-09-08
• 5.14.0 - 2021-08-26
• 5.13.2 - 2021-08-26
• 5.13.1 - 2021-08-18
• 5.13.0 - 2021-08-09
• 5.12.0 - 2021-08-03
• 5.11.1 - 2021-08-02
• 5.11.0 - 2021-07-26
• 5.10.0 - 2021-07-22
• 5.9.0 - 2021-07-21
• 5.8.5 - 2021-05-04
• 5.8.4 - 2021-04-19
• 5.8.3 - 2021-03-29

from @google-cloud/storage GitHub release notes

Package name: @tgwf/co2

• 0.16.0 - 2024-07-01
  

  Significant updates in this release include:

  • Add Sustainable Web Design version 4 b4a7eef
  • Add Sustainable Web Design rating scale 142c041
  • allow for SWDM version change 15e33a5
  • add contributing.md 22d4bcc
  • calculate operational and embodied emissions per segment a525f33

  v0.15.0...v0.16.0

  Release notes: https://www.thegreenwebfoundation.org/news/release-guide-co2-js-v0-16

• 0.15.0 - 2024-05-03
  

  CO2.js v0.15 gives developers access to richer information about a hosting provider when checking a domain or multiple domains for green hosting.

  Release guide: https://www.thegreenwebfoundation.org/news/release-guide-co2-js-v0-15/

  • Adds support for verbose response when checking domains d012292 . Thank you @ sfishel18 for this contribution.
  • update grid intensities 03b5e45
  • remove pagexray dependency, related functions, and test 2a8f601 b2fefd0 41ee904 1e6508a
  • Added new JSdoc typedef for components of CO2 estimate Added it as a union for return types that can be total or components d6700f5 . Thank you @ mgriffin-scottlogic for this contribution.

  v0.14.4...v0.15.0

• 0.14.4 - 2024-03-08
  
  • [AUTOMATED] Update average annual grid intensities 5e532f5

  v0.14.3...v0.14.4

• 0.14.3 - 2024-02-21
  
  • [AUTOMATED] Update average annual grid intensities f59eefc

  Please note that this update includes data from Ember Climate that reflects their updated carbon intensity methodology.

  Read the methodology at: https://ember-climate.org/data-catalogue/yearly-electricity-data/

  A note from Ember about the change is below:

  We have made a significant update to our carbon intensity calculations which hopefully helped to significantly increase their accuracy. Previously, we were using IPCC emissions factors by fuel that did not distinguish between countries or technologies. Our new factors are on a by country, by fuel, by year basis to more accurately capture coal and gas fleets, how they change over time, and where and how coal and gas is sourced.

  Crucially, while widely used, IPCC factors were a significant underestimate, especially for emissions from coal generation. The IPCC, in its methodology, relied on calculations that assumed near impossible efficiency for future coal plants that does not accurately reflect current day coal generation.

  We hope that our new approach will be more accurate and we're aiming to make our methodology fully public and reproducible in the near future.

  v0.14.2...v0.14.3

• 0.14.2 - 2024-01-29
  

  What's Changed

  • Adds user agent header for requests to Green Web Foundation APIs by @ sfishel18 in #184

  import { hosting } from "@ tgwf/co2"
  hosting.check("google.com", "myGreenWebApp")

  New Contributors

  • @ sfishel18 made their first contribution in #184

  Full Changelog: v0.14.1...v0.14.2

• 0.14.1 - 2024-01-09
  

  Why not v0.14.0? Because about 6 months ago I accidentally published v0.14.0 instead of a patch version update. I couldn't remove the tags from NPM or unpublish the package, so we're here now.

  • Add guidance for using type definitions from DefinitelyTyped in production 27e2ed4 b5d8828
  • Remove previous index.d.ts file ff6f767
  • Reduce NPM package size dbd9d7d
  • Update average annual average grid intensities 49da1c4 84384da

  v0.13.10...v0.14.1

  ⚠️ Upcoming feature deprecation notice

  In the next version of CO2.js (0.15.0) we will be removing some functions that were specific to using CO2.js with Sitespeed's Page X-ray. Namely, we will be removing the following functions from the CO2.js library:

  • perDomain
  • perPage
  • perContentType
  • dirtiestResources
  • perParty

  This functionality has already been merged into the Sitespeed.io Sustainability Plugin. Once the above functions have been removed from CO2.js, you will need to use the Sitespeed.io Sustainability Plugin or your own code for that functionality.

  If this change impacts your code, please follow the issue on GitHub and leave a comment if you have any concerns.

• 0.14.0 - 2023-07-05
• 0.13.10 - 2023-12-16
  
  • [AUTOMATED] Update average annual grid intensities data 3085219
• 0.13.9 - 2023-11-07
  
  • Fix to return expected results when variables with 0 value are passed into function b1c0679
  • [AUTOMATED] Update average annual grid intensities 0e76dbe

  v0.13.8...v0.13.9

• 0.13.8 - 2023-10-09
  
  • Add support for values equal to 0 in perByteTrace and perVisitTrace. Thanks @ p-gerard. a045b14
  • Update average annual grid intensities c2a805a
  • Add some forgiveness to perByteTrace and perVisitTrace tests 26972e4

  v0.13.7...v0.13.8

• 0.13.7 - 2023-09-13
  

  The main update ini this patch release is fresh data for country average annual grid intensity.

  • [AUTOMATED] Update average annual grid intensities from August 2023 33f7d9f

  Other quality of life updates to testing and repo management can be found in the release comparison below.
  v0.13.6...v0.13.7

• 0.13.6 - 2023-08-08
• 0.13.5 - 2023-07-05
• 0.13.4 - 2023-05-24
• 0.13.3 - 2023-05-18
• 0.13.2 - 2023-04-21
• 0.13.1 - 2023-04-20
• 0.13.0 - 2023-04-13
• 0.12.2 - 2023-03-01
• 0.12.1 - 2023-02-02
• 0.12.0 - 2023-02-02
• 0.11.4 - 2022-12-02
• 0.11.3 - 2022-10-13
• 0.11.2 - 2022-10-11
• 0.11.1 - 2022-10-07
• 0.11.0 - 2022-10-03
• 0.10.5 - 2022-10-07
• 0.10.4 - 2022-08-17
• 0.10.3 - 2022-08-12
• 0.10.2 - 2022-08-12
• 0.10.1 - 2022-08-01
• 0.10.0 - 2022-06-27
• 0.9.0 - 2022-04-28
• 0.9.0-0 - 2022-04-02
• 0.8.0 - 2021-11-28
• 0.7.0 - 2021-11-28
• 0.6.1 - 2020-03-15

from @tgwf/co2 GitHub release notes

Package name: axe-core

• 4.10.0 - 2024-07-29
  

  This axe-core release introduces a new rule for testing the HTML summary element. Additionally, a number of false positives have been fixed. Upgrading to this release may therefore both increase, or decrease the number of issues found on a website. Most likely the impact of upgrading from axe-core 4.9.2 to axe-core 4.10.0 should be minimal.

  Features

  • new-rule: summary elements must have an accessible name (#4511) (0d8a99e), closes #4510

  Bug Fixes

  • aria-allowed-attr: allow aria-multiline=false for element with contenteditable (#4537) (f019068)
  • aria-allowed-attr: allow aria-required=false when normally not allowed (#4532) (2e242e1)
  • aria-prohibited-attr: allow aria-label/ledby on descendants of widget (#4541) (07c5d91)
  • aria-roledescription: keep disabled with { runOnly: 'wcag2a' } (#4526) (5b4cb9d), closes #4523
  • autocomplete-valid: incomplete for invalid but safe values (#4500) (e31a974), closes #4492
  • build: limit locales to valid files when using the --all-lang option (#4486) (d3db593), closes #4485
  • Prevent errors when loading axe in Angular + Jest (#4456) (3ef9353), closes #4400
  • Minor grammatical fixes for some rules and checks (#4499) (11fad59)
  • landmark-unique: follow spec, aside -> landmark (#4469) (e32f803), closes #4460
  • required-attr: allow aria-valuetext on slider instead of valuenow (#4518) (135898b), closes #4515
• 4.10.0-canary.d59548a - 2024-09-03
• 4.10.0-canary.cfd2974 - 2024-07-30
• 4.10.0-canary.cf8f38e - 2024-07-30
• 4.10.0-canary.bdd80c2 - 2024-09-03
• 4.10.0-canary.95730fa - 2024-09-03
• 4.10.0-canary.4d8c87e - 2024-08-07
• 4.10.0-canary.067b01d - 2024-09-09
• 4.9.1 - 2024-05-06
  

  This release addresses a number of false positives, which may result in fewer issues reported. It also prevents a problem where axe-core wouldn't load on pages due to a conflict with a long-ago deprecated javascript library.

  Bug Fixes

  • Prevent errors when loading axe in a page with prototype.js
  • aria-allowed-attr: allow meter role allowed aria-* attributes on meter element (#4435) (7ac6392)
  • aria-allowed-role: add gridcell, separator, slider and treeitem to allowed roles of button element (#4398) (4788bf8)
  • aria-roles: correct abstract roles (types) for aria-roles(#4421)
  • aria-valid-attr-value: aria-controls & aria-haspopup incomplete (#4418)
  • fix building axe-core translation files with region locales (#4396) (5c318f3), closes #4388
  • invalidrole: allow upper and mixed case role names (#4358) (105016c), closes #2695
  • isVisibleOnScreen: account for position: absolute elements inside overflow container (#4405) (2940f6e), closes #4016
  • label-content-name-mismatch: better dismiss and wysiwyg symbolic text characters (#4402)
  • region: Decorative images ignored by region rule (#4412)
  • target-size: ignore descendant elements in shadow dom (#4410) (6091367)
  • target-size: pass for element that has nearby elements that are obscured (#4422) (3a90bb7), closes #4387
• 4.9.1-canary.f584e8e - 2024-05-17
• 4.9.1-canary.f379c32 - 2024-07-10
• 4.9.1-canary.f019068 - 2024-07-11
• 4.9.1-canary.ed1c874 - 2024-06-04
• 4.9.1-canary.ebb1b95 - 2024-05-06
• 4.9.1-canary.e32f803 - 2024-06-04
• 4.9.1-canary.e31a974 - 2024-06-20
• 4.9.1-canary.deb2dcb - 2024-07-08
• 4.9.1-canary.db4ec05 - 2024-06-04
• 4.9.1-canary.d3db593 - 2024-06-03
• 4.9.1-canary.d0bbe98 - 2024-07-09
• 4.9.1-canary.c9d4bc9 - 2024-05-13
• 4.9.1-canary.c05cf45 - 2024-07-09
• 4.9.1-canary.be406d4 - 2024-07-08
• 4.9.1-canary.ae320fa - 2024-06-04
• 4.9.1-canary.a6361bb - 2024-07-10
• 4.9.1-canary.a2effe4 - 2024-07-09
• 4.9.1-canary.79f0908 - 2024-05-13
• 4.9.1-canary.7844c7c - 2024-05-06
• 4.9.1-canary.68bae74 - 2024-06-06
• 4.9.1-canary.6699ee4 - 2024-05-23
• 4.9.1-canary.5b4cb9d - 2024-07-10
• 4.9.1-canary.50e7c23 - 2024-06-17
• 4.9.1-canary.3f13aa1 - 2024-05-20
• 4.9.1-canary.3ef9353 - 2024-06-13
• 4.9.1-canary.3d36f97 - 2024-05-07
• 4.9.1-canary.2f5b7c3 - 2024-07-10
• 4.9.1-canary.2e242e1 - 2024-07-10
• 4.9.1-canary.23b43dc - 2024-06-13
• 4.9.1-canary.135898b - 2024-07-02
• 4.9.1-canary.11fad59 - 2024-06-17
• 4.9.1-canary.0d8a99e - 2024-07-01
• 4.9.1-canary.07c5d91 - 2024-07-22
• 4.9.1-canary.070bc01 - 2024-06-04
• 4.9.1-canary.0577a74 - 2024-06-24
• 4.9.1-canary.00b9fba - 2024-05-08
• 4.9.1-canary.2481379 - 2024-06-07
• 4.9.0 - 2024-03-25
  

  Features

  • adding the wcag131 tag to the aria-hidden-body rule (#4349) (dd4c3c3), closes #4315
  • checks: deprecate aria-busy check (#4356) (be0b555), closes #4347 #4340
  • color: add color channel values and luminosity, saturation, clip functions (#4366) (9e70199), closes /github.com/dequelabs/axe-core/pull/4365/files#r1517706612
  • i18n: add Greek Translations (#3836) (3ea9a48)
  • i18n: Add Italian translation (#4344) (de1baa9)
  • i18n: Add Simplified Chinese translation (#4379) (bda7c8d)
  • i18n: Add Taiwanese Mandarin translation (#4299) (c5e11de)

  Bug Fixes

  • Add LICENSE-3RD-PARTY.txt file (#4304) (daa0fe6)
  • add Object.values polyfill for node <=6 (#4274) (5eb867b)
  • aria-required-children: avoid confusing aria-busy message in failures (#4347) (591607d), closes #fail13 #4340
  • avoid reading element-specific node properties of non-element node types (#4317) (b853b18), closes #4316 #4316
  • color-contrast: handle text that is outside overflow: hidden ancestor (#4357) (bdb7300), closes #4253
  • color-contrast: support color blend modes hue, saturation, color, luminosity (#4365) (7ae4761)
  • d.ts: RawNodesResult issues (#4229) (d660518)
  • d.ts: RunOptions.reporter can be any string (#4218) (e53f5c5)
  • i18n: update Italian translations (#4377) (4d65d4b)
  • listitem: clarify roleNotValid message (#4374) (0f8a9af)
  • scrollable-region-focusable: missing wcag213 tag (#4201) (0080a72)
  • target-size: always pass 10x targets (avoid perf bottleneck) (#4376) (be327c4)
  • target-size: do not crash for nodes with many overlapping widgets (#4373) (1dbea83), closes #4359 #4359 #4360
  • utils/get-selector: ignore 'xmlns' attribute when generating a selector (#4303) (938b411)
• 4.9.0-canary.f89c13b - 2024-03-25
• 4.9.0-canary.ef1e09d - 2024-04-29
• 4.9.0-canary.eac8223 - 2024-04-29
• 4.9.0-canary.9ecf596 - 2024-04-10
• 4.9.0-canary.7ac6392 - 2024-05-01
• 4.9.0-canary.75b0c11 - 2024-04-15
• 4.9.0-canary.61cbf30 - 2024-04-24
• 4.9.0-canary.5c5ede0 - 2024-04-26
• 4.9.0-canary.5c318f3 - 2024-04-10
• 4.9.0-canary.56e139a - 2024-04-15
• 4.9.0-canary.4788bf8 - 2024-04-05
• 4.9.0-canary.44e39ec<...