[Snyk] Fix for 2 vulnerabilities

[Robbie1977]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	698/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 6.1	Cross-site Scripting (XSS) SNYK-JS-SERIALIZEJAVASCRIPT-6147607	Yes	Proof of Concept
	589/1000 Why? Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-UNSETVALUE-2400660	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: copy-webpack-plugin

The new version differs by 176 commits.

• 797a006 chore(release): update `serialize-javascript`
• f233c55 chore(deps): serialize-javascript and deps updated (Styling #613)
• 966d723 chore(deps): update (cleaned version #610)
• 2abdddf chore: fix typo (Fix for spotlight #609)
• d041d85 chore(release): 9.0.0
• beff64e refactor: nodejs v10 dropped (cylinder / lines toggle #606)
• 3a1139e docs: fix unintended cyrillics in README.md (Spotlight to go straight to actions without display the buttons #604)
• 8857968 chore(release): 8.1.1
• d8fa32a fix: `stage` for processing assets (Intro component implementation #600) (Querybuilder checkbox and spinner not working #601)
• a571f07 chore(release): 8.1.0
• 82b10e3 chore(deps): update (swapping to dario fixes #598)
• a8ace71 docs: update (removing StackViewer Debug messages #597)
• dde71f0 feat: added the `transformAll` option (Latest fixes #596)
• 4ca7f80 docs: fix broken link to #globoptions (Fixes from Testing #595)
• 01fa91b docs: fix typo
• 1787d2d chore(release): 8.0.0
• 83601dc refactor: code (Feature/568 #593)
• 9e12a33 refactor: code (fixes for server setting #592)
• d68a8eb chore(deps): update (typo fix #591)
• ea610bc feat: added `priority` option (Server selection fixes #590)
• a9b06a6 docs(readme): add example to skip minimizing source files (Fix reconnection error status #588)
• f2c1bc8 refactor: template strings in `to` option (Test Fixes and version fixing #589)
• 8d5ab9a chore: updated deps (Travis Fixes  #587)
• f5e661b test: issue 496 (trackpad 2 finger scrolling fails in firefox on slice viewer #586)

See the full diff

Package name: jest

The new version differs by 250 commits.

• be16e47 v27.0.0
• 63102ec chore: update changelog for release
• 564694a docs(blog): Jest 27 blog post (#11131)
• b68d91b feat(pretty-print): add option `printBasicPrototype` (#11441)
• 2226742 chore: minor simplify format results error (#11432)
• 78eb25d chore: remove needless assign (#11433)
• 696c455 chore: update lockfile after publish
• e2eb9ae v27.0.0-next.11
• 3b253f8 Wait for closed resources to actually close before detecting open handles (#11429)
• 27bee72 fix: run GC before collecting open handles (#11278)
• 50451df feat: use fallback if prettier not found (#11400)
• 150dbd8 chore: update lockfile after publish
• 6f44529 v27.0.0-next.10
• cbcec7d Upgrade fsevents in jest-haste-map (#11428)
• 9633a26 feat: support reporters written in ESM (#11427)
• 59f42d8 fix: do not cache modules that throw during evaluation (#11263)
• 57e32e9 Detect open handles with done callbacks (#11382)
• a397607 Document and test dontThrow for custom inline snapshot matchers (#10995)
• 4fa3a0b feat: custom haste (#11107)
• 2047a36 chore: bump deps (#11419)
• a4358d6 chore: run prettier on changelog
• bdd6282 Move all default values into `jest-config` (#9924)
• db643a1 Link to Jest config (#11106)
• b16082c Fix locale issue #10014 (#11412)

See the full diff

Package name: webpack

The new version differs by 250 commits.

• f2f998b 5.1.1
• bcd6190 Merge pull request #11704 from webpack/bugfix/delete-asset
• 11935a9 Merge pull request #11703 from webpack/bugfix/11678
• 63ba54c update chunk to files mapping when deleting assets
• 4669600 Merge pull request #11690 from webpack/bugfix/11673
• 234373e Merge pull request #11702 from webpack/deps/terser
• b6bc273 fix infinite loop in inner graph optimization
• 50c3a83 fix unused modules in chunk when optimizing runtime-specific
• 5d9d9b9 fix runtime-specific handling in concatenated modules
• 250e37c add test case
• 7925652 upgrade terser-webpack-plugin
• 27796db Merge pull request #11669 from webpack/dependabot/npm_and_yarn/ts-loader-8.0.5
• bd5aab8 Merge pull request #11692 from webpack/dependabot/npm_and_yarn/babel/core-7.12.0
• 886bbd5 Merge pull request #11693 from webpack/dependabot/npm_and_yarn/react-dom-16.14.0
• 3a14b3d Merge pull request #11694 from webpack/dependabot/npm_and_yarn/react-16.14.0
• ddf9936 chore(deps-dev): bump react from 16.13.1 to 16.14.0
• dc6e69a chore(deps-dev): bump react-dom from 16.13.1 to 16.14.0
• 8f18de9 chore(deps-dev): bump @ babel/core from 7.11.6 to 7.12.0
• c0410e8 Merge pull request #11686 from webpack/bugfix/11677
• 4504046 order runtime chunks correctly when they depend on each other
• 74a44cd add comment to help tagging for the bot
• e97efb7 chore(deps-dev): bump ts-loader from 8.0.4 to 8.0.5
• 77329b4 5.1.0
• 48c10f3 Merge pull request #11653 from log2-hwan/fix-moduletemplate-deprecation

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Cross-site Scripting (XSS)
🦉 Prototype Pollution