[Snyk] Fix for 3 vulnerabilities #108

Open
wants to merge 1 commit into
base: master

@rkit rkit commented Oct 4, 2022

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
| medium severity | 539/1000 (Why? Has a fix available, CVSS 6.5) | Information Exposure (SNYK-JS-NODEFETCH-2342118) | No | No Known Exploit |
| medium severity | 520/1000 (Why? Has a fix available, CVSS 5.9) | Denial of Service (SNYK-JS-NODEFETCH-674311) | No | No Known Exploit |
| medium severity | 519/1000 (Why? Has a fix available, CVSS 6.1) | Cross-site Scripting (XSS) (SNYK-JS-SELECT2-456562) | No | No Known Exploit |

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: prop-types
The new version differs by 23 commits.
  • fa6fbb7 15.6.2
  • 5115f5c Merge pull request #180 from jaller94/master
  • 2ac742c Merge pull request #171 from barrymichaeldoyle/master
  • a7a5a64 Merge pull request #194 from facebook/no-fbjs
  • d6c9c5c Preserve "Invariant Violation" name
  • 07d1b47 Remove fbjs dependency
  • 3c99d57 Remove trailing spaces
  • a36cda8 Move explanation of `isRequired` and show it in `PropTypes.shape`
  • ba3da12 Show that shapes can have required properties
  • 2bde8eb Add example for `PropTypes.exact`
  • d65f80e Updated vars to consts and lets in PropTypesProductionStandalone-test.js
  • c10c93f Updated vars to consts and lets in PropTypesDevelopmentStandalone-test.js
  • 8e2b34e Updated vars to consts and lets in PropTypesDevelopmentReact15.js
  • c5527c8 Updated vars with consts and lets in PropTypesProductionReact15-test.js
  • 7cc8c81 Add 15.6.1 to CHANGELOG
  • 5df7296 15.6.1
  • b7d03ce Point readme to correct docs for production builds (#153)
  • a94243f Update the repository location (#148)
  • 77c62a7 Fix failing tests (#129)
  • 644844c Merge pull request #140 from flarnie/master
  • 0b5db12 Add `CODE_OF_CONDUCT`
  • a6900f0 Add CONTRIBUTING.md
  • 492e230 Update README.md with improved importing for CDNs ([Snyk] Security upgrade prop-types from 15.6.0 to 15.6.2 #104)

Package name: select2
The new version differs by 122 commits.
  • a389a6d Merge pull request #5578 from select2/develop
  • eeefa1e Merge pull request #5577 from select2/release/4.0.8
  • 5005c56 Update changelog for 4.0.8
  • 8b55e47 Recompile dist for 4.0.8
  • 6fbe132 Bump versions for 4.0.8 release
  • bbd320d Convert source and tests to unix newlines
  • 1b5a962 Revert change to focusing behaviour in 4.0.6 (#5576)
  • d926025 Fix infinite scroll when the scrollbar is not visible (#5575)
  • 8a5aeab Remove deprecated jQuery shorthand (#5564)
  • 9c4f0c8 Fix typos (#5574)
  • bd7ac9d Results respect disabled state of `<option>` (#5560)
  • b5f136f Add `computedstyle` option for calculating the width (#5559)
  • f9decd6 Fix tag creation being broken in 4.0.7 (#5558)
  • 9491e1a Test against jQuery 3.4.1 (#5531)
  • d66e55d removed select2-selection__placeholder from _multiple.scss (#5508)
  • 5d2fdd7 Update grunt-contrib-qunit to latest version (#5530)
  • 70ca392 Update dev dependencies (#5529)
  • 36b226d Improve French Translation (#5521)
  • d53958a Clean up docs (#5528)
  • 0a612f9 Automatically deploy to NPM (#5527)
  • 04fce55 Merge pull request #5507 from select2/develop
  • f8193c6 Merge pull request #5506 from select2/release/4.0.7
  • 5285eef Recompile dist for 4.0.7
  • 20ffd12 Bump versions for 4.0.7 release

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
