[Snyk] Security upgrade immer from 8.0.1 to 9.0.6

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • superset-frontend/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	673/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.6	Prototype Pollution SNYK-JS-IMMER-1540542	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: immer

The new version differs by 68 commits.

• fa671e5 fix(security): Follow up on CVE-2020-28477 where `path: [["__proto__"], "x"]` could still pollute the prototype
• 2e0aa95 Create SECURITY.md
• 050522d chore: fix CI. maybe.
• 1195510 docs: Update example-setstate.mdx (Migrate Forms.py to Javascript for better interactivity on the client apache/superset#833)
• 648d39b docs: fixing link to RFC-6902 & fixing typo (Review and update chart colors for a11y apache/superset#830)
• bc890f7 docs: Update example-setstate.mdx (Investigate the need in creating the task management infra around celery apache/superset#829)
• 16a3d0f chore(deps): bump prismjs from 1.23.0 to 1.24.0 in /website (Allow different x-axis for line charts apache/superset#822)
• 847492c docs: Extended / updated documenation (Fix mapbox radius calculations being off when changing latitude apache/superset#824)
• 7f41483 chore: [workflows] don't release from forks
• 3f9a94e chore: let's test before publish
• bfb8dec fix: release missing dist/ folder
• b314b19 chore: fix cpx usage
• a607d6c chore: Remove old shizzle
• 6fd5329 chore: fixes for deploy preview
• 144f886 chore: fix docs deployment attempt 3
• 38964fa chore: semantic-release + GH actions
• 06c6741 chore: fix docs deploy
• ad23da9 chore: fix test job
• b6d92f4 chore: publish docs automatically
• c59576a chore: setup GH action for test
• dc3f66c fix: Error querying data from prestodb apache/superset#807 new undefined properties should end up in result object
• 5412c9f fix: fix foreign key string column sizes apache/superset#791 return 'nothing' should produce undefined patch
• 58b74a6 chore(deps): bump ssri from 6.0.1 to 6.0.2 in /website (Fixing serializing the lazy string apache/superset#818)
• c9deb48 chore(deps): bump color-string from 1.5.4 to 1.5.5 in /website (Alembnic current isn't updated to the head after migration. apache/superset#817)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. For admin, please label this issue .pinned to prevent stale bot from closing the issue.