[Snyk] Fix for 1 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	551/1000 Why? Recently disclosed, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	No	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @cucumber/cucumber

The new version differs by 143 commits.

• 93ac371 Release 8.0.0
• fe24fbf docs: update docs on tsconfig flags
• c97252d fix: try require first for custom formatters so transpiled ones work (#1985)
• 901561e chore(deps): update dependency tsd to v0.20.0 (#1982)
• b3af150 chore(deps): update eslint packages (#1976)
• d34ef10 chore(deps): update actions/upload-artifact action to v3 (#1977)
• 7d7b2d1 chore(deps): update unit test packages (#1970)
• ed001ef chore(deps): update dependency @ microsoft/api-extractor to v7.20.0 (#1973)
• 7ad916a chore(deps): update dependency ts-node to v10.7.0 (#1974)
• 851ac1d fix(deps): update dependency @ cucumber/ci-environment to v9.0.4 (#1971)
• 581fb45 chore(deps): update dependency @ microsoft/api-documenter to v7.17.0 (#1972)
• 4f6a533 chore(deps): update dependency typescript to v4.6.3 (#1969)
• 94458aa Add Stand With Ukraine badge
• 72af3f8 export parallelCanAssignHelpers on main entry point (#1966)
• d98c6de Update CHANGELOG.md
• cc5493c chore: update html-formatter dependency
• ba0c700 cli: warn when untested node version (#1959)
• 8e53bab docs: UPGRADING.md for 8.0.0, some tweaks and tidy up CHANGELOG.md (#1962)
• 0acdfe0 fix: ensure absolute paths (as file urls) can be loaded for formatters, snippets (#1963)
• aa3972a chore: bump vulnerable dependency
• 3f45ae1 Release 8.0.0-rc.3
• 50d2e50 fix up CHANGELOG.md
• 76b0505 chore: ensure typescript will see all types correctly (#1960)
• ad1d112 api: loadSources function (#1957)

See the full diff

Package name: mocha

The new version differs by 10 commits.

• 24b5243 build(v9.2.2): release
• 22a1560 build(v9.2.2): update CHANGELOG [ci skip]
• 632e602 chore: update dependencies (#4843)
• 241964b fix: wrong error thrown while loading reporter (#4842)
• 22f9306 fix(dry-run): potential call-stack crash with 'dry-run' option (#4839)
• 547ffd7 build(v9.2.1): release
• ca7432a build(v9.2.1): update CHANGELOG [ci skip]
• 86305cf fix: wrong error thrown while loading config files (#4832)
• 11c4560 fix: configurable max diff size (#4799)
• 509938d doc: fix to show sponsors in narrow view (#4793)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)

[lance]

Resolved manually in #514