[Snyk] Security upgrade gatsby-plugin-robots-txt from 1.5.0 to 1.5.1

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:

  • package.json
  • package-lock.json

• Adding or updating a Snyk policy (.snyk) file; this file is required in order to apply Snyk vulnerability patches.
  Find out more.

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	601/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.6	Prototype Pollution SNYK-JS-YARGSPARSER-560381	No	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: gatsby-plugin-robots-txt

The new version differs by 147 commits.

• 8831cad fix(security): Upgrade dependencies to fix existing security issues (fix(deps): update gatsby monorepo #256)
• 8d1691f chore(deps): bump @babel/runtime from 7.9.6 to 7.10.0 (chore(deps): update dependency prettier to v2 #254)
• de25409 chore(deps-dev): bump semantic-release from 17.0.7 to 17.0.8 (Criação de testes unitários e snapshot faltantes #250)
• e9d4419 chore(deps-dev): bump eslint from 7.0.0 to 7.1.0 (fix(deps): update dependency muy to v0.5.4 #251)
• ddd272d chore(deps-dev): bump memfs from 3.1.2 to 3.2.0 (fix(deps): update react monorepo to v16.13.1 #249)
• bb8c157 chore(deps): bump generate-robotstxt from 8.0.2 to 8.0.3 (chore(deps): update mui monorepo #246)
• 1ccea21 chore(deps): [security] bump handlebars from 4.5.3 to 4.7.6 (fix(deps): update dependency muy to v0.5.3 - autoclosed #247)
• db5c060 chore(deps-dev): bump eslint from 6.8.0 to 7.0.0 (chore(deps): pin dependency @material-ui/core to 4.9.5 #245)
• 3be739e chore(deps): [security] bump acorn from 7.1.0 to 7.1.1 (chore(deps): update dependency start-server-and-test to v1.10.11 #244)
• 83a8329 chore(deps-dev): bump jest from 25.5.3 to 26.0.1 (chore(deps): update dependency cypress to v4.2.0 #243)
• 62ff00b chore(deps-dev): bump @babel/plugin-transform-runtime (Move LogRocket init data to environment variable #237)
• 1f12aa2 chore(deps): bump @babel/runtime from 7.9.2 to 7.9.6 (fix(deps): update gatsby monorepo #239)
• 07d7c2a chore(deps-dev): bump @babel/preset-env from 7.9.5 to 7.9.6 (chore(deps): update dependency start-server-and-test to v1.10.10 #236)
• 7aa870a chore(deps-dev): bump jest from 25.5.2 to 25.5.3 (fix(deps): update dependency gatsby to v2.19.43 #240)
• 2361597 chore(deps-dev): bump jest from 25.4.0 to 25.5.2 (generate humans.txt automatically via gatsby-node.js & GraphQL query #238)
• 8510704 chore(deps-dev): bump jest from 25.3.0 to 25.4.0 (fix(deps): update dependency gatsby-plugin-netlify-cms to v4.1.41 #232)
• 637e906 chore(deps-dev): bump prettier from 2.0.4 to 2.0.5 ([Story] Adicionar LogRocket #234)
• 7f48da5 chore(deps-dev): bump semantic-release from 17.0.4 to 17.0.7 (fix(deps): update dependency netlify-cms-app to v2.11.28 #233)
• 7fb8283 chore(deps-dev): bump @babel/preset-env from 7.9.0 to 7.9.5 (fix(deps): update gatsby monorepo #229)
• cb5e10d chore(deps-dev): bump jest from 25.2.7 to 25.3.0 (fix(deps): update gatsby monorepo #230)
• f50b503 chore(deps-dev): bump jest from 25.2.6 to 25.2.7 (fix(deps): update gatsby monorepo #227)
• 1cb3d73 chore(deps-dev): bump prettier from 2.0.2 to 2.0.4 (chore(deps): update dependency @testing-library/cypress to v5.3.1 #228)
• 78c2e17 chore(deps-dev): bump jest from 25.2.4 to 25.2.6 (fix(deps): update gatsby monorepo #225)
• e30d6f0 chore(deps-dev): bump jest from 25.2.3 to 25.2.4 ([User Story] Criar uma página de contato #224)

See the full diff

With a Snyk patch:

Severity	Priority Score (*)	Issue	Exploit Maturity
	636/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.3	Prototype Pollution SNYK-JS-LODASH-567746	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

[codecov]

Codecov Report

Merging #328 into master will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##           master     #328   +/-   ##
=======================================
  Coverage   39.58%   39.58%           
=======================================
  Files          14       14           
  Lines          48       48           
  Branches        7        7           
=======================================
  Hits           19       19           
  Misses         22       22           
  Partials        7        7           

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 20faa51...51b4d5b. Read the comment docs.

[jimmyandrade]

LGTM