[Snyk] Security upgrade karma from 3.1.4 to 5.0.8

[leonardoadame]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • deps/npm/node_modules/event-target-shim/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	704/1000 Why? Has a fix available, CVSS 9.8	Improper Input Validation SNYK-JS-SOCKETIOPARSER-3091012	Yes	No Known Exploit
	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	Arbitrary Code Injection SNYK-JS-XMLHTTPREQUESTSSL-1082936	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: karma

The new version differs by 146 commits.

• 16010eb chore(release): 5.0.8 [skip ci]
• a409696 chore: remove unused `grunt lint` command (repl: handle comments properly nodejs/node#3515)
• 47f1cb2 fix(dependencies): update to latest log4js major (console.timeEnd shouldn't throw if there is no matching label nodejs/node#3514)
• b60391f fix(dependencies): update and unlock socket.io dependency (Install Problem nodejs/node#3513)
• 4d49948 chore(release): 5.0.7 [skip ci]
• f399063 fix: detect type for URLs with query parameter or fragment identifier (Fix code example nodejs/node#3509)
• 17b50bc chore(release): 5.0.6 [skip ci]
• 0cd696f fix(dependencies): update production dependencies (doc: add note about timeout delay > TIMEOUT_MAX nodejs/node#3512)
• 7c24a03 chore: fix broken HTML markup in the changelog file (test: improve tests for util.inherits nodejs/node#3507)
• fdc4f9d refactor(test): remove no debug matching option (async_wrap: make native API public nodejs/node#3504)
• 35d57e9 chore(release): 5.0.5 [skip ci]
• e99da31 fix(cli): restore command line help contents (Load JSON-LD in the same way as JSON nodejs/node#3502)
• 4f2fe56 chore: add Node 14 to the build matrix (test: print helpful err msg on test-dns-ipv6.js nodejs/node#3501)
• 100b227 refactor(test): move execKarma into the World (buffer: fix value check for writeUInt{B,L}E nodejs/node#3500)
• f375884 refactor(test): reduce execKarma to a reasonable size (Crash when trying to create buffers with invalid base64. nodejs/node#3496)
• a3d1f11 refactor(test): add common method to start server in background (build: don't compile and test in parallel nodejs/node#3495)
• e4a5126 refactor(test): write config file in its own steps (deps: fix upgrade to npm 3.3.6 nodejs/node#3494)
• 0bd5c2b refactor(test): adjust sandbox folder location and simplify config logic (Revert "deps: upgrade npm to 3.3.6" nodejs/node#3493)
• b788f94 refactor(test): extract proxy into a separate Given claim (test: remove flaky flag on test-tls-ticket-cluster nodejs/node#3492)
• 633f833 chore(release): 5.0.4 [skip ci]
• 810489d refactor(test): migrate Proxy to ES2015 ( src: Revert nix stdin _readableState.reading nodejs/node#3490)
• fa95fa3 fix(browser): make sure that empty results array is still recognized (console: Add common aliases for console methods nodejs/node#3486)
• 255bf67 refactor(test): migrate World to ES2015 (tools: test-npm fixes for npm3 nodejs/node#3489)
• be5db67 chore(test): remove usage of deprecated defineSupportCode (repl: exports Recoverable nodejs/node#3488)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Arbitrary Code Injection
🦉 Improper Input Validation

[bolt-new-by-stackblitz]

Run & review this pull request in StackBlitz Codeflow.