[Snyk] Fix for 2 vulnerabilities

[karo-egnyte]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
• package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity	Reachability
	169/1000 Why? Confidentiality impact: None, Integrity impact: None, Availability impact: High, Scope: Unchanged, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00045, Social Trends: No, Days since published: 9, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 99, Impact: 5.99, Likelihood: 2.81, Score Version: V5	Uncontrolled resource consumption SNYK-JS-BRACES-6838727	Yes	Proof of Concept	No Path Found
	212/1000 Why? Confidentiality impact: High, Integrity impact: High, Availability impact: None, Scope: Changed, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Adjacent, EPSS: 0.01055, Social Trends: No, Days since published: 0, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: Critical, Package Popularity Score: 99, Impact: 9.6, Likelihood: 2.2, Score Version: V5	Authentication Bypass SNYK-JS-HAWK-6969142	Yes	Proof of Concept	No Path Found

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: grunt-browserify

The new version differs by 35 commits.

• fd0f242 Update browserify, bump version, changelog.
• c061a05 Merge pull request #413 from mdblr/mdblr/upgrade-watchify-for-nodejs-14
• 8ae8687 Upgrade watchify from 3.x to 4.x
• f20e21c Version bump.
• 30ad90d Merge pull request #401 from zkochan/master
• 6cb1429 fix(deps): update browserify to version 16
• 4e8eb1f Merge pull request #399 from ChuanyuWang/master
• 4899438 Add example to use plulgin with options
• c660306 Typo.
• 9146bea Add aknowledgement to changelog.
• 42250e6 Remove lockfile.
• 3d18513 added browserify-incremental support
• afa393c Changelog, bump version to 5.1.0
• 4718295 Housekeeping: update dependencies + dates.
• 4f96beb Merge pull request #392 from gaurav21r/patch-1
• 2233e43 Update browserify to 14.1.0 to support async / await
• 8c30159 Remove the call for maintainers.
• cda0b5f Merge pull request #379 from mrmartineau/patch-1
• e152c57 Fixes broken issue links
• b26e20f 5.0.0
• 76537ce adds 5.0 changelog
• 2e9680c Merge pull request #378 from Sjors/browserify-13
• ace5e1f Merge pull request #358 from jeron-diovis/fix_watchify_for_mac_os
• 2d41265 Merge pull request #319 from tleunen/patch-transform

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Note: This is a default PR template raised by Snyk. Find out more about how you can customise Snyk PRs in our documentation.

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Uncontrolled resource consumption
🦉 Authentication Bypass