[Snyk] Security upgrade @stacks/auth from 1.0.0-beta.7 to 1.0.0

[kyranjamie]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • packages/storage/package.json
  • packages/storage/package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	658/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	No	Proof of Concept
	753/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.2	Command Injection SNYK-JS-LODASH-1040724	No	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @stacks/auth

The new version differs by 35 commits.

• 77b4d6d v1.0.0-beta.8
• 1f2b5fd Merge pull request feat: Stacks monorepo refactor #807 from blockstack/feature/monorepo-refactor
• 8767be4 Merge branch 'master' into feature/monorepo-refactor
• b939f09 docs: merge docs
• ca569eb docs: add docs to git
• f8403f0 fix: CLI unable to specify node URL
• 4ced06e Merge pull request feat: builder for unsigned contract call #841 from blockstack/feat/unsigned-contract-call
• ba2243e feat: enable creation of unsigned contract calls
• 30d1fff docs: update package readme
• 124b5ca Merge pull request Fix cloned broadcast response causing issues in dev tools #839 from blockstack/fix/broadcast-response-clone
• a859be0 Merge pull request feat(transactions): export cvToHex, hexToCV, parseReadOnlyResponse #826 from friedger/feature/cv_hex_utils
• 8ba42d2 Merge pull request Change buffer to string encoding to Hex #838 from blockstack/fix/buffer-encoding
• c12e369 fix: no clone on tx broadcast result
• 92af5b5 fix: change default buffer encoding to hex in cvToString() function
• 5a321ae docs: update README
• 2b4f8c4 docs: update README
• e6651d2 docs: update README
• fca6bb5 feat: add mocknet network config
• 9da9ac4 build: update package.json data
• 1c0f0e3 feat(transactions): export cvToHex, hexToCV, parseReadOnlyResponse
• cdc08ca Merge pull request build(deps): bump yargs-parser from 13.1.1 to 13.1.2 #817 from blockstack/dependabot/npm_and_yarn/yargs-parser-13.1.2
• 5844a4b build(deps): bump yargs-parser from 13.1.1 to 13.1.2
• f3a7881 Merge branch 'release/v21.1.1'
• 7f068f8 release: v21.1.1

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

[vercel]

This pull request is being automatically deployed with Vercel (learn more).
To see the status of your deployment, click below or on the icon next to each commit.

🔍 Inspect: https://vercel.com/blockstack/stacks-js/4UJEAXBvRafLAbzGQYQEfJp62VJt
✅ Preview: https://stacks-js-git-snyk-fix-384ae15b8a56ca999c4a1daec46b-da35a6.vercel.app

[reedrosenbluth]

closing because this dependency has since been updated