[Snyk] Fix for 2 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Issue	Breaking Change	Exploit Maturity
	Prototype Pollution SNYK-JS-LODASH-567746	No	Proof of Concept
	Denial of Service (DoS) SNYK-JS-SOCKJS-575261	No	Proof of Concept

Commit messages

Package name: grunt

The new version differs by 10 commits.

• 9ba3a99 1.0.3
• eee4c33 Changelog v1.0.3
• 46da7f2 Merge pull request #1636 from gruntjs/upt
• 00f4d8a Drop support for Node 0.10 and 0.12
• e852727 util update
• 56d702e Update deps
• 0105524 Fix race condition with file.mkdir and make it operate more similarily to mkdir -p (#1627) r=@vladikoff
• 303d445 https links (#1629)
• d969132 Merge pull request #1624 from gruntjs/rm-bump-deps
• 289ff91 Remove old bump task and deps

See the full diff

Package name: grunt-contrib-watch

The new version differs by 16 commits.

• 6ec71e9 v1.0.1
• 7d20933 Update copyright year
• e3d19df Update ci configs
• d117574 Updating ci configs
• 99410a7 README.md: Fixed typos (#536)
• 7f8cf80 Add local grunt-cli
• ab6771e Drop back to grunt@0.4.5 until the bad test helper can be sorted
• 2e2daa5 Update to gaze@1.1.0
• 3d7fa3a Avoid timing issue in tests because of the bad test helper
• 0130a16 Merge pull request #500 from gruntjs/deps
• 5289845 Update devDependencies.
• fd3ed7a Lint tweaks.
• e42386a Merge pull request #501 from cepko33/master
• 8c93077 Updated lodash and changed outdated 'contains' to 'includes'
• 986b8a9 Update CHANGELOG.
• 5e155ec Add AppVeyor for Windows testing.

See the full diff

Package name: webpack-dev-server

The new version differs by 250 commits.

• 4ab1f21 chore(release): 3.11.0
• 0e51fb1 fix: invalidate route (#2584)
• f857c40 chore: deps and tests
• 41d1d0c fix(deps): security vulnerability in yargs-parser (#2566)
• 375ab23 ci: add node@14 (#2530)
• 776e7d4 chore(deps): update dependency html-entities to ^1.3.1 (master) (#2513)
• 984536c chore: update lint-staged config (#2524)
• 89ffb86 feat: add invalidate endpoint (#2493)
• 0e9bffb chore(deps): update all patch dependencies (#2508)
• 99ccfd8 fix: update jquery (#2516)
• 06583f2 fix: do not swallow errors from server (#2512)
• 0d5c681 fix(server): don't crash on setupExitSignals(undefined) (#2507)
• c436058 chore(deps): update all patch dependencies (master) (patch) (#2503)
• 4808abd feat(progess): emit progress-update (#2498)
• adeb92e feat: allow open option to accept an object (#2492)
• c6bdfe4 feat(contentBasePublicPath): allow multiple paths (#2489)
• f317358 chore(deps): update all patch dependencies (master) (patch) (#2481)
• de763e9 chore(deps): update all minor dependencies (master) (minor) (#2473)
• f7b6fa1 chore(deps): update package-lock.json (#2482)
• 3bf43a7 chore(deps): update all patch dependencies (#2477)
• 12d76be docs: fix typos across the project (#2452)
• 9a6e4a1 chore(deps): update all patch dependencies (#2468)
• d4739f8 chore(deps): update dependency husky to v4 (#2383)
• 5f357f3 chore(deps): update all patch dependencies (#2450)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic