[Snyk] Fix for 24 vulnerabilities

[CharaD7]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • packages/app/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Heap-based Buffer Overflow SNYK-JS-ELECTRON-1021884	Yes	Proof of Concept
	826/1000 Why? Mature exploit, Has a fix available, CVSS 8.8	Use After Free SNYK-JS-ELECTRON-1041745	Yes	Mature
	579/1000 Why? Has a fix available, CVSS 7.3	Arbitrary Code Execution SNYK-JS-ELECTRON-483056	Yes	No Known Exploit
	654/1000 Why? Has a fix available, CVSS 8.8	Use After Free SNYK-JS-ELECTRON-564272	Yes	No Known Exploit
	654/1000 Why? Has a fix available, CVSS 8.8	Heap Overflow SNYK-JS-ELECTRON-565051	Yes	No Known Exploit
	579/1000 Why? Has a fix available, CVSS 7.3	Out-of-bounds Read SNYK-JS-ELECTRON-565052	Yes	No Known Exploit
	654/1000 Why? Has a fix available, CVSS 8.8	Improper Access Control SNYK-JS-ELECTRON-565362	Yes	No Known Exploit
	654/1000 Why? Has a fix available, CVSS 8.8	Use After Free SNYK-JS-ELECTRON-565366	Yes	No Known Exploit
	654/1000 Why? Has a fix available, CVSS 8.8	Use After Free SNYK-JS-ELECTRON-565368	Yes	No Known Exploit
	654/1000 Why? Has a fix available, CVSS 8.8	Use After Free SNYK-JS-ELECTRON-565441	Yes	No Known Exploit
	499/1000 Why? Has a fix available, CVSS 5.7	Buffer Underflow SNYK-JS-ELECTRON-565488	Yes	No Known Exploit
	600/1000 Why? Has a fix available, CVSS 7.5	Use After Free SNYK-JS-ELECTRON-565490	Yes	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Use After Free SNYK-JS-ELECTRON-565494	Yes	No Known Exploit
	654/1000 Why? Has a fix available, CVSS 8.8	Use After Free SNYK-JS-ELECTRON-565571	Yes	No Known Exploit
	624/1000 Why? Has a fix available, CVSS 8.2	Use After Free SNYK-JS-ELECTRON-565705	Yes	No Known Exploit
	554/1000 Why? Has a fix available, CVSS 6.8	Use After Free SNYK-JS-ELECTRON-565709	Yes	No Known Exploit
	624/1000 Why? Has a fix available, CVSS 8.2	Site Isolation Bypass SNYK-JS-ELECTRON-565713	Yes	No Known Exploit
	654/1000 Why? Has a fix available, CVSS 8.8	Use After Free SNYK-JS-ELECTRON-570624	Yes	No Known Exploit
	761/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.8	Type Confusion SNYK-JS-ELECTRON-570833	Yes	Proof of Concept
	554/1000 Why? Has a fix available, CVSS 6.8	Arbitrary File Read SNYK-JS-ELECTRON-575393	Yes	No Known Exploit
	604/1000 Why? Has a fix available, CVSS 7.8	Privilege Escalation SNYK-JS-ELECTRON-575394	Yes	No Known Exploit
	599/1000 Why? Has a fix available, CVSS 7.7	Privilege Escalation SNYK-JS-ELECTRON-575395	Yes	No Known Exploit
	599/1000 Why? Has a fix available, CVSS 7.7	Privilege Escalation SNYK-JS-ELECTRON-575396	Yes	No Known Exploit
	768/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-IMMER-1019369	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: immer

The new version differs by 250 commits.

• da2bd4f fix: Fixed security issue Tab icon status codesandbox/codesandbox-client#738: prototype pollution possible when applying patches CVE-2020-28477
• d75de70 chore: fix Buffer deprecation warning in test (New file, New directory buttons are missing on Android (touch screen) codesandbox/codesandbox-client#706)
• 8fbf93c docs: Add referential equality to pitfalls (snapshots failing due to style prop differences codesandbox/codesandbox-client#731)
• c21a2ef docs: Update current.md (Ligatures fl, fi within a monospace font in the code editor codesandbox/codesandbox-client#728)
• 211314c docs: add cool-store into built-with.md (Fix Select background arrows codesandbox/codesandbox-client#724)
• e8fd805 chore(tests): use UTC date string in tests to be timezone independent (With a circular dependency, TypeError: Cannot redefine property from the bundler codesandbox/codesandbox-client#705)
• fe8f589 chore(comments): update comments (console-feed@2.7.3 codesandbox/codesandbox-client#727)
• d8121d6 chore(docs): Fix typo in pitfalls.md (Misaligned Cursor In Recent Version codesandbox/codesandbox-client#729)
• 5379cdd chore(docs): Update example-reducer.md (Github synced sandbox does not recognise that I am owner codesandbox/codesandbox-client#734)
• d3908e1 chore(deps): bump dot-prop from 4.2.0 to 4.2.1 in /website (Feature request: comments-section codesandbox/codesandbox-client#735)
• 3a62869 chore(deps): bump ini from 1.3.5 to 1.3.7 in /website (Add require.context for Vue automatic global component registration codesandbox/codesandbox-client#723)
• 1a15615 chore(deps): bump ini from 1.3.5 to 1.3.7 (Responsive console styles codesandbox/codesandbox-client#722)
• 894d190 chore(deps): bump highlight.js from 9.15.10 to 9.18.5 in /website (Community templates codesandbox/codesandbox-client#709)
• 3c4e3f7 chore(deps-dev): bump semantic-release from 17.0.2 to 17.2.3 (Adding Reagent / ClojureScript project support codesandbox/codesandbox-client#704)
• 7faa7b4 docs: some refinements on freezing
• 51cc8b8 chore: back to node, everything is slow on travis
• a406c8f feature: Always freeze by default (Use document.write to write html files codesandbox/codesandbox-client#702)
• 6c62eec chore: Merge branch 'master' of github.com:immerjs/immer
• 31684f2 chore: fix some build issues (Fix Parcel HMR codesandbox/codesandbox-client#701)
• 0730231 docs: Organize performance and pitfalls, and document nested produce behavior. Fixes Monaco can crash after fork on Firefox codesandbox/codesandbox-client#694
• 754331b fix: make plugin loading idempotent, fixes require.resolve is not a function when using jest.mock codesandbox/codesandbox-client#692
• 8808065 chore: fix travis build not failing, fixes Multiple Views codesandbox/codesandbox-client#688 (?)
• 678e541 chore: Added the missing space in readme.md (Clear console on change codesandbox/codesandbox-client#698)
• b2e5493 clearer error when plugin is missing

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic