[Snyk] Security upgrade update-notifier from 2.5.0 to 4.0.0

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • packages/react-devtools/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	636/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.3	Prototype Pollution SNYK-JS-DOTPROP-543489	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: update-notifier

The new version differs by 23 commits.

• adf7803 4.0.0
• fb5161c Remove the `callback` option ([Snyk] Security upgrade update-notifier from 2.5.0 to 3.0.0 #158)
• 39682de Rename `boxenOpts` option to `boxenOptions`
• bc1721a Avoid showing notification if current version is the latest ([Snyk] Fix for 1 vulnerabilities #174)
• ccaf686 Update dependencies
• b1525e6 Disable when `NODE_ENV` is `test` ([Snyk] Fix for 1 vulnerabilities #173)
• bf73119 Fix install command for npm global ([Snyk] Security upgrade react-scripts from 1.0.11 to 5.0.0 #165)
• 592b025 3.0.1
• f8b4e60 Update Travis matrix
• a6d6b49 Update URL to TTY ([Snyk] Security upgrade electron from 5.0.13 to 13.5.2 #163)
• f9d168a Remove object spread to support node >=8.0.0 <8.6.0 ([Snyk] Security upgrade electron from 5.0.13 to 13.6.2 #164)
• 1712928 Tidelift tasks
• 72f83d1 Create funding.yml
• a7bb3ee 3.0.0
• ad8ed1b Suggest yarn when installed with yarn (Bump tar from 2.2.1 to 2.2.2 in /fixtures/attribute-behavior #132)
• 5f06620 Exit the update check process if it does not respond after 30s (Bump tmpl from 1.0.4 to 1.0.5 in /fixtures/expiration #156)
• 79e89ad Fix failing test (Bump tmpl from 1.0.4 to 1.0.5 in /fixtures/attribute-behavior #155)
• c8faa84 Add `distTag` option ([Snyk] Security upgrade lighthouse from 3.2.1 to 7.0.0 #151)
• 14632e4 Add failing test for [Snyk] Security upgrade eslint from 4.1.0 to 6.6.0 #153 ([Snyk] Security upgrade react-scripts from 1.0.17 to 4.0.0 #154)
• aafd8a0 Require Node.js 8
• 0d49f51 Add Tidelift mention in the readme
• 8df01b3 Fix docs position of `shouldNotifyInNpmScript` ([Snyk] Security upgrade nodegit from 0.18.3 to 0.24.3 #143)
• d371834 Docs: isGlobal option does not default to true ([Snyk] Security upgrade react-scripts from 1.0.17 to 1.1.1 #142)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

[stale]

This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contribution.

[stale]

Closing this pull request after a prolonged period of inactivity. If this issue is still present in the latest release, please ask for this pull request to be reopened. Thank you!