[Snyk] Fix for 2 vulnerabilities

[snykerjames]

Snyk has created this PR to fix 2 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

• package.json
• package-lock.json

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Code Injection SNYK-JS-SNYKGRADLEPLUGIN-8248487	661
	Code Injection SNYK-JS-SNYKPHPPLUGIN-8248485	661

Release notes

Package name: snyk-gradle-plugin

• 4.5.0 - 2024-10-03
  

  4.5.0 (2024-10-03)

  Features

  • handle gradle wrapper files for windows (#292) (2f5ee75)
• 4.4.0 - 2024-10-01
  

  4.4.0 (2024-10-01)

  Features

  • support verbose gradle graphs for sbom generation (#290) (4a69447)
• 4.3.0 - 2024-09-12
  

  4.3.0 (2024-09-12)

  Features

  • Update CI Window Machine (#289) (628c688)
• 4.2.0 - 2024-06-05
  

  4.2.0 (2024-06-05)

  Features

  • add prodsec/security_scans (#282) (b4c107b)
• 4.1.0 - 2024-01-22
  

  4.1.0 (2024-01-22)

  Features

  • added support for gradle 8 (#280) (a121cc1)
• 4.0.2 - 2024-01-17
  

  4.0.2 (2024-01-17)

  Bug Fixes

  • Use complete project path when filtering subprojects (#278) (e216d5c)
• 4.0.1 - 2023-11-30
  

  4.0.1 (2023-11-30)

  Bug Fixes

  • ci missing packages for publish new release (#276) (1596027)
  • lint release file (#273) (ee41cb3)
  • solved concurrency issue when looping a map (#272) (e8885b6)
• 4.0.0 - 2023-11-18
  

  4.0.0 (2023-11-18)

  Bug Fixes

  • cache sdkman to avoid all the temp unavailable errors (6f4d956)
  • one depgraph had multiple changes, also on circleci (f9f59f5)
  • updated dep graph fixture (c21d58c)
  • updating tests (5747284)

  Features

  • changing the way we name package dependency roots (3edf270)

  BREAKING CHANGES

  • This major version bump is mostly cautionary, as existing consumers of this plugin ought not to encounter errors. However, it is a change in how the makeup of the dependency graph works, and therefore could be argued to require this version bump. Thus we err on the side of caution.
• 3.27.0 - 2023-06-19
  

  3.27.0 (2023-06-19)

  Features

  • add secrets scanning (a41f3a4)
• 3.26.4 - 2023-04-28
  

  3.26.4 (2023-04-28)

  Bug Fixes

  • transitives when using gradle-normalize-deps (3e32407)
• 3.26.3 - 2023-03-28
• 3.26.2 - 2023-03-28
• 3.26.1 - 2023-03-22
• 3.26.0 - 2023-02-13
• 3.25.2 - 2023-01-13
• 3.25.1 - 2023-01-05
• 3.25.0 - 2023-01-05
• 3.24.6 - 2022-11-18
• 3.24.5 - 2022-11-14
• 3.24.4 - 2022-10-14
• 3.24.3 - 2022-10-13
• 3.24.2 - 2022-10-06
• 3.24.1 - 2022-10-04
• 3.24.0 - 2022-09-28
• 3.23.2 - 2022-09-28
• 3.23.1 - 2022-09-23
• 3.23.0 - 2022-09-23
• 3.22.2 - 2022-09-02

from snyk-gradle-plugin GitHub release notes

Package name: snyk-php-plugin

• 1.10.0 - 2024-10-15
  

  1.10.0 (2024-10-15)

  Features

  • add prodsec/security_scans (a2235c6)
  • add secrets scanning (ba85128)
  • pass command and args into spawn separately (9189f09)
  • replace execSync with spawnSync (0d64ae5)
  • update CODEOWNERS (82a960f)
  • upgrade ci images (331dc00)
• 1.9.4 - 2022-10-14
  

  1.9.4 (2022-10-14)

  Bug Fixes

  • upgrade tslib from 1.13.0 to 1.14.1 (56f97e3)
• 1.9.3 - 2021-06-14
  

  1.9.3 (2021-06-14)

  Bug Fixes

  • upgrade tslib from 1.11.1 to 1.13.0 (b3b44d6)
• 1.9.2 - 2020-09-08
  

  1.9.2 (2020-09-08)

  Bug Fixes

  • add LICENSE file to distro (e4ea014)
  • remove production env var from release (ea46451)
  • update cli-interface and composer-lockfile-parser (b7e9298)

from snyk-php-plugin GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Code Injection