[Snyk] Security upgrade immer from 3.3.0 to 8.0.1

[CompuIves]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • packages/common/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	768/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-IMMER-1019369	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: immer

The new version differs by 250 commits.

• da2bd4f fix: Fixed security issue Tab icon status #738: prototype pollution possible when applying patches CVE-2020-28477
• d75de70 chore: fix Buffer deprecation warning in test (New file, New directory buttons are missing on Android (touch screen) #706)
• 8fbf93c docs: Add referential equality to pitfalls (snapshots failing due to style prop differences #731)
• c21a2ef docs: Update current.md (Ligatures fl, fi within a monospace font in the code editor #728)
• 211314c docs: add cool-store into built-with.md (Fix Select background arrows #724)
• e8fd805 chore(tests): use UTC date string in tests to be timezone independent (With a circular dependency, TypeError: Cannot redefine property from the bundler #705)
• fe8f589 chore(comments): update comments (console-feed@2.7.3 #727)
• d8121d6 chore(docs): Fix typo in pitfalls.md (Misaligned Cursor In Recent Version #729)
• 5379cdd chore(docs): Update example-reducer.md (Github synced sandbox does not recognise that I am owner #734)
• d3908e1 chore(deps): bump dot-prop from 4.2.0 to 4.2.1 in /website (Feature request: comments-section #735)
• 3a62869 chore(deps): bump ini from 1.3.5 to 1.3.7 in /website (Add require.context for Vue automatic global component registration #723)
• 1a15615 chore(deps): bump ini from 1.3.5 to 1.3.7 (Responsive console styles #722)
• 894d190 chore(deps): bump highlight.js from 9.15.10 to 9.18.5 in /website (Community templates #709)
• 3c4e3f7 chore(deps-dev): bump semantic-release from 17.0.2 to 17.2.3 (Adding Reagent / ClojureScript project support #704)
• 7faa7b4 docs: some refinements on freezing
• 51cc8b8 chore: back to node, everything is slow on travis
• a406c8f feature: Always freeze by default (Use document.write to write html files #702)
• 6c62eec chore: Merge branch 'master' of github.com:immerjs/immer
• 31684f2 chore: fix some build issues (Fix Parcel HMR #701)
• 0730231 docs: Organize performance and pitfalls, and document nested produce behavior. Fixes Monaco can crash after fork on Firefox #694
• 754331b fix: make plugin loading idempotent, fixes require.resolve is not a function when using jest.mock #692
• 8808065 chore: fix travis build not failing, fixes Multiple Views #688 (?)
• 678e541 chore: Added the missing space in readme.md (Clear console on change #698)
• b2e5493 clearer error when plugin is missing

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

[codesandbox-ci]

This pull request is automatically built and testable in CodeSandbox.

To see build info of the built libraries, click here or the icon next to each commit SHA.

Latest deployment of this branch, based on commit 7ea258a:

Sandbox	Source
Notifications Test	Configuration
react typescript react-easy-state	Issue #692

[lbogdan]

Build for latest commit 7ea258a is at https://pr5382.build.csb.dev/s/new.