[Snyk] Security upgrade karma from 2.0.5 to 3.0.0

[Centaurioun]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • spring-boot-modules/spring-boot-angular/src/main/js/application/package.json
  • spring-boot-modules/spring-boot-angular/src/main/js/application/package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	751/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.6	Command Injection SNYK-JS-NODEMAILER-1038834	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: karma

The new version differs by 17 commits.

• a4d5bdc chore: release v3.0.0
• 75f466d chore: release v2.0.6
• 5db9399 chore: update contributors
• eb3b1b4 chore(deps): update mime -> 2.3.1 (Update README.md eugenp/tutorials#3107)
• 732396a fix(travis): Up the socket timeout 2->20s. (BAEL-1237 String Formatter eugenp/tutorials#3103)
• 173848e Remove erroneous change log entries for 2.0.3
• 1002569 chore(ci): drop node 9 from travis tests (Adding files for different types of dependency injection eugenp/tutorials#3100)
• 02f54c6 fix(server): Exit clean on unhandledRejections. (BAEL-1175 - Using a Spring Cloud App Starter eugenp/tutorials#3092)
• 0fdd8f9 chore(deps): update socket.io -> 2.1.1 (BAEL-1328 eugenp/tutorials#3099)
• 90f5546 fix(travis): use the value not the key name. (License? eugenp/tutorials#3097)
• fba5d36 fix(travis): validate TRAVIS_COMMIT if TRAVIS_PULL_REQUEST_SHA is not set. (imshouvikb@gmail.com/imshouvikb@gmail.com eugenp/tutorials#3094)
• 56fda53 fix(init): add "ChromeHeadless" to the browsers' options (update guava version eugenp/tutorials#3096)
• f6d2f0e fix(config): Wait 30s for browser activity per Travis. (Onboarding: Different Types of Bean Injection in Spring- Taylor Daugherty eugenp/tutorials#3091)
• a58fa45 fix(travis): Validate TRAVIS_PULL_REQUEST_SHA rather than TRAVIS_COMMIT. (Spring vert.x integration + spring admin eugenp/tutorials#3093)
• 88b977f fix(config): wait 20s for browser activity. (adding built-in java annotation examples eugenp/tutorials#3087)
• 94a6728 chore: remove support for node 4, update log4js (Different types of Bean Injection  eugenp/tutorials#3082)
• c5dc62d docs: better clarity for API usage

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.