
[Snyk] Fix for 1 vulnerabilities #1681

Merged
merged 1 commit into from
Jan 22, 2024

Conversation

chaitanyapotti
Member

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • demo/react-app/package.json
    • demo/react-app/package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
| high severity | 661/1000 (Why? Recently disclosed, Has a fix available, CVSS 7.5) | Prototype Pollution, SNYK-JS-AXIOS-6144788 | Yes | No Known Exploit |

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @taquito/taquito
The new version differs by 250 commits.
  • 0192466 chore(releng) bump version to 14.2.0
  • 22fd810 Reintroduce `*` to Taquito package dependencies (#2154)
  • 719c313 chore(releng) bump version to 14.2.0-beta-RC.0
  • d474f2a implement InMemorySigner.fromMnemonic method tz1/2/3 supported (#2116)
  • 449e4bc Fix failing Algolia indexing pipeline
  • fa1f824 Merge pull request #2135 from ecadlabs/dependabot/npm_and_yarn/packages/taquito/glob-parent-5.1.2
  • 077899d build(deps): bump glob-parent from 3.1.0 to 5.1.2 in /packages/taquito
  • 1e258db Merge pull request #2133 from ecadlabs/dependabot/npm_and_yarn/website/parse-url-8.1.0
  • b746264 2087 ballot test (#2125)
  • e6d566b build(deps): bump parse-url from 6.0.0 to 8.1.0 in /website
  • 7965eb0 Merge pull request #2129 from ecadlabs/dependabot/npm_and_yarn/loader-utils-1.4.2
  • 2e9ceba build(deps): bump loader-utils from 1.4.1 to 1.4.2
  • 501b4b2 Configure NPM Workspaces (#2088)
  • bc1ead4 Merge pull request #2124 from ecadlabs/dependabot/npm_and_yarn/packages/taquito/loader-utils-1.4.2
  • f0c67aa Merge pull request #2121 from ecadlabs/dependabot/npm_and_yarn/website/loader-utils-1.4.2
  • 294c2de Merge pull request #2119 from ecadlabs/dependabot/npm_and_yarn/website/minimatch-and-recursive-readdir-and-serve-handler-3.1.2
  • df05ae8 build(deps): bump minimatch, recursive-readdir and serve-handler
  • 0f25e4d build(deps): bump loader-utils from 1.4.1 to 1.4.2 in /website
  • b36f788 build(deps): bump loader-utils from 1.4.1 to 1.4.2 in /packages/taquito
  • 2a0228f Merge pull request #2111 from ecadlabs/dependabot/npm_and_yarn/loader-utils-1.4.1
  • e83bd2e Prepare readme i18n (#2079)
  • d9e3c7f build(deps): bump loader-utils from 1.4.0 to 1.4.1
  • 6285cee Add proposals operation support (#2112)
  • 2d08306 1630 ballot (#2107)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution

…o reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-AXIOS-6144788
@chaitanyapotti chaitanyapotti merged commit 9a736ce into master Jan 22, 2024
1 of 2 checks passed
@chaitanyapotti chaitanyapotti deleted the snyk-fix-92a6843127d131c6479783d47f752a2c branch January 22, 2024 08:01
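The Snyk table above names the vulnerability class (prototype pollution) but the PR itself only bumps dependency versions. As an added illustration that is not code from axios, from this repository or from the Snyk advisory, and does not reproduce SNYK-JS-AXIOS-6144788, the block below shows the general shape of the bug in a hypothetical converter that turns bracket-notation field names (`user[name]`) into a nested object, and then the hardened form. The field list, the `__proto__[polluted]` payload and all function names are constructed for this example.

```javascript
// Constructed example: a generic bracket-notation field -> nested object
// converter, once written naively and once hardened. Neither function is
// axios code; the payload below is made up for the demonstration.

// "user[name]" -> ["user", "name"], "__proto__[polluted]" -> ["__proto__", "polluted"]
function parsePath(name) {
  return name.match(/[^\[\]]+/g) || [];
}

// Vulnerable: walks the path with plain property access on a normal object.
// For the key "__proto__" the walk lands on Object.prototype, and the final
// assignment then writes a property that every object in the process inherits.
function toObjectUnsafe(fields) {
  const root = {};
  for (const [name, value] of fields) {
    const path = parsePath(name);
    let node = root;
    path.forEach((key, i) => {
      if (i === path.length - 1) {
        node[key] = value;
        return;
      }
      if (node[key] === undefined || typeof node[key] !== 'object') node[key] = {};
      node = node[key];
    });
  }
  return root;
}

// Hardened: two independent mitigations, either of which is enough on its own.
// 1. Reject the keys that reach the prototype chain (deny-list of special names).
// 2. Build on null-prototype objects so "__proto__" is an ordinary own property
//    and only own properties are followed while walking the path.
const FORBIDDEN_KEYS = new Set(['__proto__', 'constructor', 'prototype']);

function toObjectSafe(fields) {
  const root = Object.create(null);
  for (const [name, value] of fields) {
    const path = parsePath(name);
    if (path.some((k) => FORBIDDEN_KEYS.has(k))) {
      throw new Error(`rejected unsafe key in field "${name}"`);
    }
    let node = root;
    path.forEach((key, i) => {
      if (i === path.length - 1) {
        node[key] = value;
        return;
      }
      const own = Object.prototype.hasOwnProperty.call(node, key);
      if (!own || typeof node[key] !== 'object') node[key] = Object.create(null);
      node = node[key];
    });
  }
  return root;
}

// Runs the constructed payload through both converters and reports whether
// Object.prototype was polluted. The polluted property is deleted afterwards
// so the process is left clean.
function demonstrate() {
  const payload = [
    ['user[name]', 'alice'],          // benign field
    ['__proto__[polluted]', 'yes'],   // constructed malicious field name
  ];

  toObjectUnsafe(payload);
  const pollutedAfterUnsafe = ({}).polluted === 'yes'; // a fresh object now "has" polluted
  delete Object.prototype.polluted;                    // undo the global damage

  let safeRejected = false;
  try {
    toObjectSafe(payload);
  } catch (e) {
    safeRejected = true;
  }
  const pollutedAfterSafe = ({}).polluted === 'yes';

  return { pollutedAfterUnsafe, safeRejected, pollutedAfterSafe };
}

console.log(demonstrate());
```

The unsafe converter corrupts every object in the process with a single crafted field name, which is why Snyk rates this class at CVSS 7.5 even without a known exploit: the impact depends on what the rest of the application later reads off objects it believes are empty. When reviewing a dependency bump like this one, the check that matters is that the resolved version in `demo/react-app/package-lock.json` is at or above the fixed version from the advisory, not only that the range in `package.json` changed.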