[Snyk] Security upgrade skipper from 0.8.7 to 0.9.0

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	No	Proof of Concept
	681/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.2	Command Injection SNYK-JS-LODASH-1040724	No	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-LODASH-450202	No	Proof of Concept
	636/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.3	Prototype Pollution SNYK-JS-LODASH-567746	No	Proof of Concept
	704/1000 Why? Has a fix available, CVSS 9.8	Prototype Pollution SNYK-JS-LODASH-590103	No	No Known Exploit
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-LODASH-608086	No	Proof of Concept
	579/1000 Why? Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-LODASH-73638	No	No Known Exploit
	434/1000 Why? Has a fix available, CVSS 4.4	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-73639	No	No Known Exploit
	529/1000 Why? Has a fix available, CVSS 6.3	Prototype Pollution npm:lodash:20180130	No	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: skipper

The new version differs by 33 commits.

• 554db19 0.9.0
• 6d728f8 Change heading in README to use markdown instead of html, in case it fixes the weird double-logo situation on npm
• e201b3e 0.9.0-4
• 9fbd622 Improve resilience versus friendly, down-home text parameter names like 'constructor' and '__proto__'
• c366671 0.9.0-3
• 4e1f770 Add support for 'X-JSON-MPU-Params' request header
• caa3706 Prepare to absorb the X-JSON-MPU-Params implementation in Skipper (instead of in machine-as-action)
• 513777a Add note about MPU text params and JSON encoding.
• e08e0a1 0.9.0-2
• c8d8915 Use skipperFd if available - this is related to https://github.com/balderdashy/skipper-disk/commit/579a0e7516d9b106343a7e0c04902075918e61d6
• 81539e9 0.9.0-1
• 2cb22ef update comments
• cc6773f clean up old TODOs
• 8a6f9b4 latest SVR for skipper-adapter-tests
• 6c963cb update docs about other adapter methods
• cc5b996 Remove standalone/ alias
• dbc938e 0.9.0-0
• 1a8d07d finish restructuring things to match latest conventions in parley, etc. Leave standalone/ alias for backwards-compatibility
• 4037e7c move index.js to lib/skipper.js
• 62ccd8c conslidate into lib/ (part 1)
• 5d9c1da typo fix in comment
• 653e074 documentation
• 3a7b91e Remove old logger in favor of consistently using 'debug'
• 441dca4 consolidate contributor info

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic