[Snyk] Security upgrade hof-build from 1.6.0 to 4.0.0

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • lib/cli/init/template/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	711/1000 Why? Recently disclosed, Has a fix available, CVSS 8.5	Arbitrary File Write SNYK-JS-TAR-1579147	Yes	No Known Exploit
	711/1000 Why? Recently disclosed, Has a fix available, CVSS 8.5	Arbitrary File Write SNYK-JS-TAR-1579152	Yes	No Known Exploit
	711/1000 Why? Recently disclosed, Has a fix available, CVSS 8.5	Arbitrary File Write SNYK-JS-TAR-1579155	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: hof-build

The new version differs by 104 commits.

• bb6b826 4.0.0
• 6420cdd [MAJOR]: Removed deprecated npm-sass and added dart-sass.
• 2ca9f95 3.1.6
• 5a3819c Merge pull request [Snyk] Security upgrade hof-build from 1.6.0 to 4.0.0 #44 from UKHomeOfficeForms/update-workflow
• 8b0ec68 Remove sas from package json file
• 24ca385 3.1.5
• f0bbee5 Merge pull request [Snyk] Security upgrade hof-build from 1.6.0 to 4.0.0 #43 from UKHomeOfficeForms/update-workflow
• d594b06 Add sas to the package json name
• 8210e42 3.1.4
• 19516de Merge pull request [Snyk] Security upgrade hof-build from 1.6.0 to 4.0.1 #42 from UKHomeOfficeForms/update-workflow
• f73df32 Update worflow to use organisation npm secret
• f284958 3.1.3
• d0a9e30 Merge pull request [Snyk] Security upgrade hof-build from 1.6.0 to 4.0.0 #40 from UKHomeOfficeForms/security/removed-shrinkwrapfile
• d390266 Removed shrinkwrap file
• 554fc62 3.1.2
• 5d51bb6 Merge pull request [Snyk] Security upgrade hof-build from 1.6.0 to 4.0.0 #39 from UKHomeOfficeForms/npm-patch2
• 6470984 Update git actions to use checkout v2.2.0
• c6a4f13 3.1.1
• 89dcbf4 Merge pull request Hof-17: Update hof package to 17 #38 from UKHomeOfficeForms/npm-patch2
• 5459b8e Automate publishing releases
• a827bc5 3.1.0
• db03695 Merge pull request Ensure file modes are preserved when copying files #37 from UKHomeOfficeForms/npm-patch2
• 382a2e6 [MINOR]: Update workflows and version to 3.1.0
• 0f5f134 Merge pull request [evergreen-travis] Update .travis.yml node versions #36 from UKHomeOfficeForms/npm-patch2

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic