[Snyk] Security upgrade bl from 4.0.0 to 4.0.3

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	706/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.7	Remote Memory Exposure SNYK-JS-BL-608877	No	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: bl

The new version differs by 11 commits.

• f659836 Bumped v4.0.3
• 7a4ae7f Node v14
• d3e240e Fix unintialized memory access
• 1c590ad add license MIT tag to package.json (#83)
• 5059a24 4.0.2
• 9b46588 fix: dont rely in node globals
• 90a713b Bumped v4.0.1
• 72d1624 Merge pull request #80 from annitya/patch-1
• eb9653c Remove false-positive apache-exploit.
• c2b0070 doc: fix travis link
• a657d40 Update examples to explicitly use BufferListStream. (#78)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.