[Snyk] Security upgrade json-bigint from 0.3.0 to 1.0.0

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • superset-frontend/package.json
  • superset-frontend/package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	768/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-JSONBIGINT-608659	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: json-bigint

The new version differs by 21 commits.

• 390482a 1.0.0
• f2d8f83 typo
• 6ee392e Merge pull request build(deps): bump regenerator-runtime from 0.13.5 to 0.13.7 in /superset-frontend #37 from sidorares/fix/prototype
• c85a430 MAJOR: Add protoAction and constructorAction options
• 4c2dbf4 build: add node 14
• b348ea3 fix assertion after chai upgrade
• 725777c add files section and bump deps
• ebd1d91 add prettier config
• 6c659f5 Merge pull request build(deps): bump d3-scale from 2.1.2 to 3.2.3 in /superset-frontend #36 from babyadoresorange/master
• 1556563 update README
• e2bf2b5 update README, add Limitations section
• 2446ea9 change options name
• fccddfd improve speed and memory usage, from Henry/so 809 valueerror signal #28
• b2637f9 use native BigInt as option, add always option
• a544c58 Merge pull request fix: Explore popovers issues (#11428) #35 from aeternity/update-bignumber
• a38ea16 Update bignumber.js to 9.0.0
• e2b3fdc Merge pull request [Snyk] Security upgrade react-jsonschema-form from 1.2.0 to 1.3.0 #31 from davidyuk/master
• 99d7882 Merge pull request fix: henry/removing unused workflow #33 from Keita-N/fix-readme
• 995f593 build: drop node 0.10 and add 10, 12 and 13
• e843c31 Example's output is wrong
• 64b099a Update bignumber.js

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

[codecov-commenter]

Codecov Report

Merging #30 into master will decrease coverage by 0.06%.
The diff coverage is n/a.

@@            Coverage Diff             @@
##           master      #30      +/-   ##
==========================================
- Coverage   64.48%   64.42%   -0.07%     
==========================================
  Files         786      786              
  Lines       36924    36924              
  Branches     3514     3514              
==========================================
- Hits        23811    23788      -23     
- Misses      13007    13027      +20     
- Partials      106      109       +3     

Flag	Coverage Δ
#cypress	54.89% <ø> (-0.20%)	⬇️
#javascript	60.82% <ø> (ø)
#python	59.82% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files	Coverage Δ
superset-frontend/src/reduxUtils.ts	70.88% <0.00%> (-8.87%)	⬇️
superset-frontend/src/SqlLab/actions/sqlLab.js	62.60% <0.00%> (-3.21%)	⬇️
superset-frontend/src/SqlLab/reducers/sqlLab.js	39.41% <0.00%> (-1.66%)	⬇️
...rontend/src/SqlLab/components/QueryAutoRefresh.jsx	72.72% <0.00%> (+6.81%)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 8581bda...951f436. Read the comment docs.