[Snyk] Security upgrade hof from 8.1.0 to 12.0.0

[daniel-ac-martin]

Snyk has created this PR to fix 31 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

• package.json
• package-lock.json

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Uninitialized Memory Exposure npm:base64-url:20180512	816
	Improper Verification of Cryptographic Signature SNYK-JS-ELLIPTIC-7577916	776
	Improper Verification of Cryptographic Signature SNYK-JS-ELLIPTIC-7577917	776
	Improper Verification of Cryptographic Signature SNYK-JS-ELLIPTIC-7577918	776
	Prototype Pollution SNYK-JS-LODASH-567746	731
	Cryptographic Issues SNYK-JS-ELLIPTIC-571484	706
	Prototype Pollution SNYK-JS-ASYNC-2441827	696
	Prototype Pollution SNYK-JS-LODASH-6139239	696
	Prototype Poisoning SNYK-JS-QS-3153490	696
	Prototype Pollution SNYK-JS-LODASH-450202	686
	Prototype Pollution SNYK-JS-LODASH-608086	686
	Prototype Pollution SNYK-JS-LODASH-73638	686
	Code Injection SNYK-JS-LODASH-1040724	681
	Uninitialized Memory Exposure npm:concat-stream:20160901	641
	Prototype Pollution npm:lodash:20180130	636
	Remote Code Execution (RCE) SNYK-JS-SHELLQUOTE-1766506	619
	Prototype Pollution SNYK-JS-MINIMIST-559764	601
	Arbitrary Code Injection SNYK-JS-UNDERSCORE-1080984	596
	Improper Verification of Cryptographic Signature SNYK-JS-BROWSERIFYSIGN-6037026	589
	Directory Traversal SNYK-JS-MOMENT-2440688	589
	Regular Expression Denial of Service (ReDoS) npm:forwarded:20170908	589
	Regular Expression Denial of Service (ReDoS) npm:fresh:20170908	589
	Prototype Override Protection Bypass npm:qs:20170213	589
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	586
	Cryptographic Issues SNYK-JS-ELLIPTIC-1064899	554
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-73639	541
	Open Redirect SNYK-JS-EXPRESS-6474509	519
	Timing Attack SNYK-JS-ELLIPTIC-511941	509
	Prototype Pollution SNYK-JS-MINIMIST-2429795	506
	Regular Expression Denial of Service (ReDoS) npm:mime:20170907	399
	Regular Expression Denial of Service (ReDoS) npm:moment:20170905	399

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.
• Some vulnerabilities couldn't be fully fixed and so Snyk will still find them when the project is tested again. This may be because the vulnerability existed within more than one direct dependency, but not all of the affected dependencies could be upgraded.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution
🦉 Cryptographic Issues
🦉 Open Redirect
🦉 More lessons are available in Snyk Learn

[salimullah]

YOUR MAIL HAS NOT BEEN DELIVERED The email you have sent to ***@***.*** is for a legacy domain which has been deleted. Your mail has not been delivered. Please update your address book and re-send your mail to the same address but having removed .gsi. from the domain part. e.g. send to @homeoffice.gov.uk.