[Snyk] Fix for 5 vulnerabilities

[melvin-bot]

Snyk has created this PR to fix 5 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

• package.json
• package-lock.json

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Cross-site Scripting SNYK-JS-SEND-7926862	****
	Uncontrolled resource consumption SNYK-JS-BRACES-6838727	696
	Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116	631
	Inefficient Regular Expression Complexity SNYK-JS-MICROMATCH-6838728	589
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHTOREGEXP-7925106	524

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Uncontrolled resource consumption
🦉 Cross-site Scripting

[melvin-bot]

This is a Snyk issue. Snyk is a tool that automatically tracks our repositories' dependencies and reports associated security vulnerabilities. It also automatically create PRs to fix these vulnerabilities.

    C+: Please follow these steps to test the linked PR before running through the reviewer checklist:
    - [ ] The first step is to understand the PR: what dependency is it upgrading, for which vulnerability, how it impacts our product & end users.
    - [ ] If the issue is not worth fixing, please add your reasoning in the issue and have the internal engineer review it.
    - [ ] Check the change log (which should be included in the PR description) to see all changes. We want to identify any breaking changes. If it is a minor version bump, it's unlikely that there are any breaking changes.
    - [ ] Test our feature(s) that make use of this package. If it does not work, we should understand what broke it. It is also a good idea to check our main flows to make sure they are not broken that you can add in the checklist screenshots/videos.

[melvin-bot]

This issue has not been updated in over 15 days. eroding to Monthly issue.

P.S. Is everyone reading this sure this is really a near-term priority? Be brave: if you disagree, go ahead and close it out. If someone disagrees, they'll reopen it, and if they don't: one less thing to do!