[Snyk] Security upgrade newrelic from 1.40.0 to 6.5.0

[irhrhd]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	Yes	Proof of Concept
	506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:debug:20170905	Yes	Proof of Concept
	579/1000 Why? Has a fix available, CVSS 7.3	Prototype Pollution npm:extend:20180424	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: newrelic

The new version differs by 250 commits.

• f35a229 release: 6.5.0 (2020-03-19)
• 5779e3c Updated release notes
• 435d053 Merge pull request #1969 from NodeJS-agent/ntzaperas/attribute-rename
• 3d0dbd2 Rename span error attribute
• a01821f Fix span error attributes appearing on span intrinsics
• 76e0572 Updated changelog for v6.5.0.
• cd9406c Merge pull request #1966 from NodeJS-agent/ntzaperas/lasp-span-errors
• bfb2e70 Remove span_error_attributes feature flag
• 613a285 Test span error attributes and HSM/ignore
• a4ac95b Merge pull request #1964 from NodeJS-agent/mgoin/ConvertAgentAggregatorsUnitTests
• 2de8843 Merge pull request #1959 from NodeJS-agent/mgoin/ConvertAgentsUnitTestFullyTap
• 3f53da6 Converts event-aggregator.test.js to fully use tap API.
• e339089 Use the same attributes on spans as on TransactionErrors
• 0166c8a Span error attributes should adhere to security policy
• de2658d Converts base-aggregator.test.js to fully use tap API.
• 1e036e5 Converts synthetics.test.js to fully use tap API.
• 6d75845 Converts intrinsics.test.js to fully use tap API.
• 8c43fc6 Converts agent.test.js to fully use tap API.
• ade4dc3 Merge pull request #1957 from NodeJS-agent/ntzaperas/NODE-2307-error-attrs-on-spans
• 2ce89a6 Put span error attributes behind a feature flag
• 9013e0f Tests for span error attributes
• 64c6d47 Update tests to match new error interface
• ecae7a2 Add error info to span and link to TransactionError events
• 233e48e Merge pull request #1956 from NodeJS-agent/mgoin/NODE-2314-EventHandlersNotCleaningUp

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)
🦉 Prototype Pollution