[Snyk] Fix for 1 vulnerabilities #109

Open
alexeisnyk wants to merge 1 commit into master from snyk-fix-60a0cc89c8d19a7a557ca99bf2d1433a

@alexeisnyk
Owner

Snyk has created this PR to fix 1 vulnerability in the npm dependencies of this project.

Snyk changed the following file(s):

  • package.json
  • package-lock.json

Vulnerabilities that will be fixed with an upgrade:

Issue: high severity Regular Expression Denial of Service (ReDoS), SNYK-JS-MINIMATCH-15309438
Score: 170

Breaking Change Risk

Merge Risk: High

Notice: This assessment is enhanced by AI.


Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

@alexeisnyk
Owner Author

Merge Risk: High

This upgrade includes a massive major version jump for the tap testing framework, introducing significant breaking changes. The express-fileupload upgrade also contains breaking changes that require verification.

tap@5.8.0 → tap@18.0.0 (HIGH RISK)

This is a major upgrade spanning 13 major versions, including a complete rewrite of the library in TypeScript for version 18. Expect significant migration effort.

Key Breaking Changes:

  • Complete Rewrite & Module System: Version 18 is a full rewrite in TypeScript, introducing first-class support for ES Modules (ESM) and hybrid module resolution. The import mechanism has also changed.
  • Node.js Version Support: Support for Node.js versions below 10 was dropped in tap v11.
  • Coverage Enforcement: Starting in v15, --check-coverage is on by default, and tap now treats missing coverage as a test failure. The coverage engine was switched from nyc to c8.
  • API and CLI Changes: Numerous breaking changes were introduced across major versions, including the removal of callbacks from beforeEach/afterEach, changes to promise resolutions for t.test(), and removal/modification of many CLI flags.

Recommendation: This upgrade will require a significant refactoring of your test suite. It is highly recommended to consult the official tap changelogs and migration guides before merging.

express-fileupload@0.0.5 → express-fileupload@1.1.10 (MEDIUM RISK)

This upgrade introduces breaking changes from early versions that may impact your application.

Key Breaking Changes:

  • Removed urlencoded Support: As of version 0.1.0, the library exclusively supports multipart/form-data and no longer parses application/x-www-form-urlencoded requests. If you rely on this for urlencoded bodies, you must use a different middleware like body-parser.
  • Dropped Node.js Support: Support for Node.js versions older than v4 was dropped in v0.1.0.
  • MD5 Property Fluctuation: The req.files.foo.md5 property behavior changed from a string to a function in v1.0.0 and was reverted to a checksum string in v1.1.1. The target version 1.1.10 has the original string behavior.

Recommendation: Verify that your application only uses this library for multipart file uploads and is running on a supported version of Node.js.

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.
