[Snyk] Fix for 2 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-PAPAPARSE-564258	Yes	Proof of Concept
	490/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-RAMDA-1582370	No	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: ramda

The new version differs by 42 commits.

• 1a5d40b Version 0.27.2
• 4d8e8f0 Merge pull request #3212 from ramda/davidchambers/trim
• 94d0570 Security fix for ReDoS (#3177)
• 8ae355e update test string for trim
• 6bb8eea Version 0.27.1
• ed191e6 Merge pull request #2832 from kibertoad/chore/update-dependencies-2
• 20ba763 Update dependencies
• a6620f6 Update Babel to v7 (#2829)
• 2705518 Execute tests on Node 12 (#2828)
• c45208e hasPath return false for non-object checks (#2825)
• 0baeda1 updated invoker.js documentation (#2821)
• 072d417 Including BR translation. (#2621)
• ca1e2b5 add an example which covers error and value (#2806)
• 271b044 docs: Add @ since where it is missing (#2793)
• ac58c96 Update `pathSatisfies` to handles empty `path` arguments (#2791)
• b25ac73 Fix typo in split docs (#2792)
• 7d55e91 Add R.xor (Exclusive OR) (#2646)
• efd899b feature: adding paths operator - #2740 (#2742)
• 235a370 fix: rename then to andThen (#2772)
• 8d59032 Fix broken link in readme (#2768)
• 38feed2 remove erroneous quotes in tryCatch documentation (#2765)
• ce4f936 fix `@ since` in `includes` (#2764)
• 626762b Reference to Ramda Conventions wiki page (#2718)
• 878cacd Add prebench script (#2759)

See the full diff

Package name: react-admin

The new version differs by 250 commits.

• 89ac783 v3.0.0
• 5f107ba Prepare changelog for 3.0.0
• 3137772 Merge branch 'master' into next
• f5bea90 v2.9.9
• 5d59f62 Prepare changelog for v2.9.9
• 41e8562 Merge pull request #3956 from nicgirault/add-example-to-datagrid-doc
• 056404e Merge pull request #3954 from nicgirault/improve-pagination-doc
• fc827b7 Merge pull request #3958 from gstvg/patch-1
• c29055d Merge pull request #4007 from m4theushw/ie11
• bd2b57a Merge pull request #4000 from marmelab/fix-filter-resets-pagination
• 2b8bbf8 Merge pull request #4004 from WiXSL/patch-anchors-inputs
• 779ccb1 Upgrade react-final-form again
• fbb36c1 Docs anchors not workings.
• 0e29b53 Fix support to IE11
• 338dcdb Fix types after react-final-form update
• 2d1da89 Merge pull request #3995 from WiXSL/patch-demo-app-component
• a17110e Fix setting filter resets pagination
• 4aed24e Reverted loading indicator.
• 9c688f0 Merge pull request #3994 from bicstone/patch-1
• 990f8b5 Merge pull request #3998 from marmelab/better-input-doc
• bf8337e Merge branch 'next' into better-input-doc
• 2e797bd Improve Inputs doc to make props more obvious
• 8cd9489 Change UserMenu component to function component.
• 125f204 Change demo App component to function component.

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.