[Snyk] Security upgrade fsh-sushi from 2.1.1 to 3.7.0

[LaRiffle]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	676/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.1	Cross-site Request Forgery (CSRF) SNYK-JS-AXIOS-6032459	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-AXIOS-6124857	Yes	Proof of Concept
	589/1000 Why? Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-AXIOS-6144788	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: fsh-sushi

The new version differs by 243 commits.

• b1fa2a7 v3.7.0 (#1425)
• 752d4c6 Fall back to package.json when resolving "latest" version in IG (#1423)
• ec795a0 Use current extension for specifying IG resource format (#1421)
• b80fdbc Allow extensions on dependencies and pass onto the IG resource (#1420)
• ce72aad Regression script: handle errors thrown during repo compare (#1419)
• e08354c Update assorted dependencies (#1417)
• d1d3ced Support logical model examples without resourceType or id (#1418)
• 50ecd44 v3.6.1 (#1416)
• 8102b47 Canonical to non-Instance contained resources create fragment references (#1405)
• a704c9d Fix fishing type order to match default order (#1412)
• a977a58 Allow binding to inline ValueSet instances (#1395)
• 3b9bfe1 Unfold using profile on slice when its profile is different than parent (#1410)
• fc5c59b Use actual version in IG when dependency version is "latest" (#1409)
• 1450d27 Add informational disclaimers to grammar files (#1399)
• a44195a Use https to download scripts during sushi init (#1400)
• 7296698 v3.6.0 (#1401)
• 4165591 Use rules for most Invariant keywords (#1397)
• c84bc18 Add Characteristics to Logical FSH representation (#1390)
• 6f5d322 Produce correct FSH for concept CaretValueRules on ValueSets (#1385)
• b278f4e Improve IG exampleCanonical matching on versioned meta.profile for profiles that don't specify a version (#1387)
• 3e6ee9d Value Set concept components have one code per line (#1381)
• 80d8ee7 CaretValueRule codes are quoted if they contain spaces (#1382)
• 92bfb1a Create index files for FSH-defined entities (#1377)
• b5073e1 Handle recursive extension contexts (#1378)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Cross-site Request Forgery (CSRF)
🦉 Regular Expression Denial of Service (ReDoS)
🦉 Prototype Pollution