[Snyk] Security upgrade iltorb from 2.4.0 to 2.4.5

[designfrontier]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	No	Proof of Concept
	706/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.7	Remote Memory Exposure SNYK-JS-BL-608877	No	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-INI-1048974	No	Proof of Concept
	506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Prototype Pollution SNYK-JS-MINIMIST-2429795	No	Proof of Concept
	601/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.6	Prototype Pollution SNYK-JS-MINIMIST-559764	No	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	No	Proof of Concept
	761/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.8	Information Exposure SNYK-JS-SIMPLEGET-2361683	No	Proof of Concept
	454/1000 Why? Has a fix available, CVSS 4.8	Arbitrary File Overwrite SNYK-JS-TARFS-174556	No	No Known Exploit
	434/1000 Why? Has a fix available, CVSS 4.4	Time of Check Time of Use (TOCTOU) npm:chownr:20180731	No	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: iltorb

The new version differs by 34 commits.

• 01907fe Bump to v2.4.5 (Feature/cleanup #109)
• 4455453 Bump to v2.4.4
• c58603e Add support for Node 13 (Release/1.5.0 #101)
• 7dbb84d Bump node-gyp from 5.0.5 to 6.0.0
• 4cb5ff4 Update cross-env requirement from ^5.2.0 to ^6.0.0
• ffb1966 Update cross-spawn requirement from ^6.0.5 to ^7.0.0
• af5d9b1 Update node-gyp requirement from ^4.0.0 to ^5.0.0
• e09fdc7 Drop support for Node 11
• d025270 Update prebuild requirement from ^8.2.1 to ^9.0.0 (E3 harelbeke #94)
• a53503a Update ava requirement from ^1.4.1 to ^2.0.0 (Bug/compressed files #93)
• 7f4c846 Drop support for Node 6 (E3 harelbeke #89)
• 7040779 Bump to v2.4.3
• 9a088c3 Change node install method on appveyor
• d3aa1b4 Address deprecation and compiler warnings
• a02cd10 Node 12 support
• f96e804 Fix git submodule command for circleci
• cbd12a5 Remove unused code
• b7fde84 Update deps
• e9d2ead Bump to v2.4.2
• bb5f12a Revert back to nan (add util to handle array[] conventions with request parameters #83)
• b6e2b18 Update ava
• cb5925a Fix Node 11 builds (Bug/headers #81)
• 8d012d4 Bump to v2.4.1
• 90fbbd3 fix AppVeyor config

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)
🦉 Prototype Pollution