[Snyk] Fix for 3 vulnerabilities

[cuba-frontend]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

#### Changes included in this PR - Changes to the following files to upgrade the vulnerable dependencies to a fixed version: - packages/jmix-front-generator/package.json - packages/jmix-front-generator/package-lock.json #### Vulnerabilities that will be fixed ##### With an upgrade: Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:-------------------------  | **646/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 6.5 | Server-side Request Forgery (SSRF)
[SNYK-JS-REQUEST-3361831](https://snyk.io/vuln/SNYK-JS-REQUEST-3361831) | No | Proof of Concept  | **646/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 6.5 | Prototype Pollution
[SNYK-JS-TOUGHCOOKIE-5672873](https://snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873) | No | Proof of Concept  | **589/1000**
**Why?** Has a fix available, CVSS 7.5 | Prototype Pollution
[SNYK-JS-UNSETVALUE-2400660](https://snyk.io/vuln/SNYK-JS-UNSETVALUE-2400660) | No | No Known Exploit (*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: jscodeshift

The new version differs by 48 commits.

• dbb56de 0.14.0
• 8d0bf44 Removing evcodeshift references
• cc9e3d3 Allow the j shortcut in testUtils
• 514f8c3 add childNodesOFType to JSX traversalMethods (#415)
• adef04b Removing dependency on args being in alphabetical order. (#507)
• af38d01 Merge pull request #386 from anshckr/update_example_codemods
• a045800 Merge branch 'main' into update_example_codemods
• 2a97ca5 Update README.md
• 561efa7 Merge pull request #504 from facebook/bablyon-renames
• 5f78598 Add renameTo filters for Babel 6+ node types
• bc2db1a Merge pull request #503 from facebook/ElonVolo-VSCode-Debugging-README
• 04c35d4 Adding VSCode debugging setup
• 9bc2dcd Updating generated docs and README instructions for running doc server
• 3734917 Merge pull request #499 from facebook/dependabot/npm_and_yarn/ansi-regex-3.0.1
• a602c5b Merge pull request #498 from facebook/dependabot/npm_and_yarn/acorn-6.4.2
• 38bddb7 Merge pull request #496 from facebook/dependabot/npm_and_yarn/browserslist-4.20.2
• 8a0eb94 Merge pull request #495 from facebook/dependabot/npm_and_yarn/minimist-1.2.6
• 005de15 Merge pull request #483 from facebook/dependabot/npm_and_yarn/ajv-6.12.6
• ee2abb2 Bump ajv from 6.6.1 to 6.12.6
• affe237 Bump browserslist from 4.16.4 to 4.20.2
• 65f60b6 Bump ansi-regex from 3.0.0 to 3.0.1
• 46569ba Bump acorn from 6.3.0 to 6.4.2
• be4a67a Merge pull request #497 from trivikr/bump-jest-26
• d8150c8 fix: do worker import in each test

See the full diff

Package name: yeoman-environment

The new version differs by 19 commits.

• 370fd14 3.7.0
• 8e83811 Bump mocha from 8.3.0 to 9.1.3 (#362)
• 9609b00 Bump pacote from 11.3.5 to 12.0.2 (#355)
• e7a21c2 Bump yeoman-test from 5.1.0 to 6.2.0 (#357)
• c19fbf3 Add concurrency (#359)
• c1486de Bump sinon from 9.2.4 to 12.0.1 (#353)
• 9331475 Bump are-we-there-yet from 1.1.5 to 2.0.0 (#352)
• 2184ca5 Bump fs-extra from 9.1.0 to 10.0.0 (#350)
• f00b8c3 Update only major versions. (#348)
• fa9f355 Fix dependabot. (#337)
• 7ca6a46 Bump arborist. (#335)
• 8aead6b Enable dependabot monthly for major updates. (#336)
• 8833c47 Implement conflicterStatus. (#334)
• cb46b68 Format using new standards. (#333)
• 7017557 Fix Node 16 transform behavior change. (#330)
• 06c2c9b Force write .yo-resolve files.
• 810b0bd Add ignore to conflicter action.
• a6071e1 ESM generator fix.
• cc90fd9 fix: error message when generator not found

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project. ------------ **Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.* For more information: 🧐 [View latest project report](https://app.snyk.io/org/cuba-frontend/project/bc83caed-b043-4b2f-9283-c911d7a8c04d?utm_source=github&utm_medium=referral&page=fix-pr) 🛠 [Adjust project settings](https://app.snyk.io/org/cuba-frontend/project/bc83caed-b043-4b2f-9283-c911d7a8c04d?utm_source=github&utm_medium=referral&page=fix-pr/settings) 📚 [Read more about Snyk's upgrade and patch logic](https://support.snyk.io/hc/en-us/articles/360003891078-Snyk-patches-to-fix-vulnerabilities) [//]: # (snyk:metadata:{"prId":"fd31ba95-d471-4bf3-af7d-512ea75c880b","prPublicId":"fd31ba95-d471-4bf3-af7d-512ea75c880b","dependencies":[{"name":"jscodeshift","from":"0.13.0","to":"0.14.0"},{"name":"yeoman-environment","from":"3.6.0","to":"3.7.0"}],"packageManager":"npm","projectPublicId":"bc83caed-b043-4b2f-9283-c911d7a8c04d","projectUrl":"https://app.snyk.io/org/cuba-frontend/project/bc83caed-b043-4b2f-9283-c911d7a8c04d?utm_source=github&utm_medium=referral&page=fix-pr","type":"auto","patch":[],"vulns":["SNYK-JS-REQUEST-3361831","SNYK-JS-TOUGHCOOKIE-5672873","SNYK-JS-UNSETVALUE-2400660"],"upgrade":["SNYK-JS-REQUEST-3361831","SNYK-JS-TOUGHCOOKIE-5672873","SNYK-JS-UNSETVALUE-2400660"],"isBreakingChange":false,"env":"prod","prType":"fix","templateVariants":["priorityScore"],"priorityScoreList":[646,646,589],"remediationStrategy":"vuln"}) --- **Learn how to fix vulnerabilities with free interactive lessons:** 🦉 [Server-side Request Forgery (SSRF)](https://learn.snyk.io/lesson/ssrf-server-side-request-forgery/?loc=fix-pr) 🦉 [Prototype Pollution](https://learn.snyk.io/lesson/prototype-pollution/?loc=fix-pr)

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}