[Snyk] Fix for 1 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	768/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-ASYNC-2441827	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: handlebars

The new version differs by 166 commits.

• 698c8a9 v3.0.4
• 12cd4ef Update release notes
• ed9e301 chore: add wepback@1.x to devDependencies
• bbe684b chore: remove TODO comment line
• f8d7b38 docs: update CONTRIBUTING.md from master and add text about 3.x
• 4cd5305 Further relax uglify dependency
• d97c2e6 Update uglify-js to avoid vulnerability
• 1c863e3 Escape = in HTML content
• 891f48b v3.0.3
• 0bf79ea Update release notes
• 972f521 Move noConflict implementation to module
• 4a40fc8 NPM ignore log files
• fc13400 Remove jshint completely
• 6ecf509 Merge pull request #1008 from shannonmoeller/patch-1
• d945089 Added handlebars-layouts to the in-the-wild list
• 2f0b866 v3.0.2
• d48e840 Update release notes
• 4bed826 Update for let and optional parameters
• 0263aa4 Run the precompiler module through es6 toolchain
• ecf60ab Enable additional es6 features in eslint
• c6ab044 Merge pull request #998 from wycats/babel
• fdc9420 Fix UMD build target generation
• e3d3eda Add full support for es6
• 2a02261 Fix IE test freakout

See the full diff

Package name: polyfill-service

The new version differs by 250 commits.

• 0578e0a 3.10.0
• 3eabab2 3.10.0-0
• 4ea247d update compat.json
• 93c0bff Update dependencies and shrinkwrap (wrap wd-methods in bluebirdQ gemini-testing/gemini#832)
• fd69c35 install UserTiming polyfill via third-party mechanism (Full page screenshot collapse on IE8 gemini-testing/gemini#830)
• 89a1831 Fix closing code tags in docs/contributing/common-scenarios.html (chore: qemitter -> async-emitter gemini-testing/gemini#828)
• 7cef3c6 Update README.md
• 8585d44 Sourcemaps issue (Programmatic API: test didn't get executed gemini-testing/gemini#821)
• 94a1845 Merge tag 'v3.9.0'
• aa016a0 3.9.0
• ae361ff Merge tag 'v3.9.0-rc5'
• d26ba62 Add array.of via new third party install method (firefox scroll error gemini-testing/gemini#805)
• a87a1fa 3.9.0-rc5
• 5353b56 Set browser to Unknown if below baseline version (Use 'prepublishOnly' hook instead 'prepublish' to prepare calibrate script gemini-testing/gemini#819)
• db9afff Set browser to Unknown if below baseline version (Use 'prepublishOnly' hook instead 'prepublish' to prepare calibrate script gemini-testing/gemini#819)
• c66b968 Revert "Revert "Need to set Picture polyfill IE to 7+ to support Methode"" (update configparser version to 0.4.0 gemini-testing/gemini#804)
• 6c137e9 Add atob btoa via new third party install method (Can not install on Windows 10 gemini-testing/gemini#806)
• 70c1e55 Merge branch 'update-tests'
• 9ec51ab update test to remove unused function
• 82aa6dc update tests to use proclaim
• 73c2511 Switch from expect.js to Proclaim (fix: pass current image path to reference image error gemini-testing/gemini#813)
• cef23e4 Remove a not own property constraint for iterators in Array.from (Error install gemini on Ubuntu gemini-testing/gemini#817)
• cc0a47d Add html5shiv via new third party install method (Can I use gemini for localhost that has a pre-login step? gemini-testing/gemini#807)
• 0483794 Add AudioContext via new third party install method (Not a png : gemini doesn't create screenshots gemini-testing/gemini#808)

See the full diff

Package name: wd

The new version differs by 24 commits.

• b44ca4e 1.0.0
• 4237774 fixing tests
• 294a896 skipping byName tests in ios
• 819013e newer appium config for tests
• 7692f38 making unit test pass
• 20c85d3 upgrade + fixes
• bf83d43 more upgrades
• ff2c8dd Update link to capabilities doc
• a1375ad restoring chronological order
• 023e2c1 BrowserStack test examples
• a23d650 deps + node upgrade
• 0fadc4c deps update
• 4d71c70 Update dependencies.
• ee0c2a0 Giving bromann some love.
• b03145c Print https://saucelabs.com/jobs/SESSIONID link when running on Saucelabs.
• 3df66b5 Add getDeviceTime method
• 0274692 Merge pull request Feature: Add xml or JSON report gemini-testing/gemini#403 from ertrzyiks/ertrzyiks-patch-1
• a0f3562 0.4.0
• 899ecc3 Merge pull request Update chalk to version 1.1.3 🚀 gemini-testing/gemini#411 from imurchie/isaac-performtouch
• 4e10682 Wrap touch action array in object
• c79c4f6 Update jsonWire doc about scroll command
• 3cdf23e Merge pull request npm install issues on Windows 7 64 bit gemini-testing/gemini#396 from bronzehedwick/patch-1
• f60bbca Fix broken link to mobile emulator docs
• 4543ab8 cleaning up makefiles, configuring colored mocha

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution