[Snyk] Security upgrade karma from 1.7.1 to 3.0.0

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • spring-boot-modules/spring-boot-angular/src/main/js/ecommerce/package.json
  • spring-boot-modules/spring-boot-angular/src/main/js/ecommerce/package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	461/1000 Why? Recently disclosed, Has a fix available, CVSS 3.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-DEBUG-3227433	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: karma

The new version differs by 195 commits.

• a4d5bdc chore: release v3.0.0
• 75f466d chore: release v2.0.6
• 5db9399 chore: update contributors
• eb3b1b4 chore(deps): update mime -> 2.3.1 (Update README.md eugenp/tutorials#3107)
• 732396a fix(travis): Up the socket timeout 2->20s. (BAEL-1237 String Formatter eugenp/tutorials#3103)
• 173848e Remove erroneous change log entries for 2.0.3
• 1002569 chore(ci): drop node 9 from travis tests (Adding files for different types of dependency injection eugenp/tutorials#3100)
• 02f54c6 fix(server): Exit clean on unhandledRejections. (BAEL-1175 - Using a Spring Cloud App Starter eugenp/tutorials#3092)
• 0fdd8f9 chore(deps): update socket.io -> 2.1.1 (BAEL-1328 eugenp/tutorials#3099)
• 90f5546 fix(travis): use the value not the key name. (License? eugenp/tutorials#3097)
• fba5d36 fix(travis): validate TRAVIS_COMMIT if TRAVIS_PULL_REQUEST_SHA is not set. (imshouvikb@gmail.com/imshouvikb@gmail.com eugenp/tutorials#3094)
• 56fda53 fix(init): add "ChromeHeadless" to the browsers' options (update guava version eugenp/tutorials#3096)
• f6d2f0e fix(config): Wait 30s for browser activity per Travis. (Onboarding: Different Types of Bean Injection in Spring- Taylor Daugherty eugenp/tutorials#3091)
• a58fa45 fix(travis): Validate TRAVIS_PULL_REQUEST_SHA rather than TRAVIS_COMMIT. (Spring vert.x integration + spring admin eugenp/tutorials#3093)
• 88b977f fix(config): wait 20s for browser activity. (adding built-in java annotation examples eugenp/tutorials#3087)
• 94a6728 chore: remove support for node 4, update log4js (Different types of Bean Injection  eugenp/tutorials#3082)
• c5dc62d docs: better clarity for API usage
• 0018947 chore: release v2.0.5
• 02dc1f4 chore: update contributors
• dc7265b fix(browser): ensure browser state is EXECUTING when tests start (BAEL-719 Spring Cloud Stream README eugenp/tutorials#3074)
• 7617279 refactor(filelist): rename promise -> lastCompletedRefresh and remove unused promise (Rename test to testFile eugenp/tutorials#3060)
• a701732 fix(doc): Document release steps for admins (Implementing the Template Method Pattern with Java - BAEL-1289 eugenp/tutorials#3063)
• 93ba05a fix(middleware): Obey the Promise API.
• 518cb11 fix: remove circular reference in Browser

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)