[Snyk] Security upgrade laravel-mix from 5.0.5 to 6.0.14

[ohnotnow]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	786/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.3	Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962462	Yes	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Denial of Service (DoS) SNYK-JS-DECODEURICOMPONENT-3149970	Yes	Proof of Concept
	641/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.4	Prototype Pollution SNYK-JS-JSON5-3182856	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	Yes	Proof of Concept
	681/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.2	Command Injection SNYK-JS-LODASH-1040724	Yes	Proof of Concept
	506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Prototype Pollution SNYK-JS-MINIMIST-2429795	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067	Yes	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	Yes	Proof of Concept
	506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:debug:20170905	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: laravel-mix

The new version differs by 250 commits.

• b6fc37c 6.0.14
• e25079c Bump Playwright
• e96c72f Cleanup test suite formatting and type errors (#2904)
• aa9d4f3 Reduce reliance on globals (#2860)
• b3edef4 Add using optionaly img loader (#2821)
• 798424b Update HotReloading.js (#2883)
• 3fa5594 Add warning for moved vue options (#2897)
• 467f0c9 Optimize BabelConfig at the top level (#2797)
• 137a1b1 GH-2890: make sure ts chunks are exported under public/js (#2891)
• 8cfacdd watch: fix --hot --https not creating https server (#2864)
• 2056b68 Switch to vue-style-loader when using mix.vue() (#2727)
• 9780e7e Add tests for async style-containing vue components when extracting styles (#2712)
• 3b06f0d Upgrade deps (#2888)
• 8d95d8a Bump browser-sync-webpack-plugin version (#2866)
• c67ff39 Fix mix.when() (#2877)
• f0ef8ab 6.0.13
• f804f62 Fix dependency
• f96b5dd 6.0.12
• 85eb3ef Add WebpackBar for progress feedback - closes #2849
• 6c1f169 Fix error when given an empty mix config file (#2859)
• 11bbcbb Add missing mix.inProduction() method to docs (#2855)
• 6590281 Bump dependencies (#2841)
• 25345b3 Fix typo (#2842)
• 628f606 Fix invalid type (#2828)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Denial of Service (DoS)
🦉 Prototype Pollution
🦉 Command Injection