LBH3 / lbh3.org

LBH3 website
https://www.lbh3.org

[Snyk] Security upgrade @feathersjs/authentication from 2.1.16 to 4.3.0 #432

Open chasenlehara opened 2 years ago

chasenlehara commented 2 years ago

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

![merge advice](https://app.snyk.io/badges/merge-advice/?package_manager=npm&package_name=@feathersjs/authentication&from_version=2.1.16&to_version=4.3.0&pr_id=aa630830-6df0-4660-8720-465649966fce&visibility=true&has_feature_flag=false)

#### Changes included in this PR

- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    - package.json
    - package-lock.json

#### Vulnerabilities that will be fixed

##### With an upgrade:

Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity
:-------------------------:|-------------------------|:-------------------------|:-------------------------|:-------------------------
![medium severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png "medium severity") | **526/1000** <br/> **Why?** Recently disclosed, Has a fix available, CVSS 4.8 | Session Fixation <br/> [SNYK-JS-PASSPORT-2840631](https://snyk.io/vuln/SNYK-JS-PASSPORT-2840631) | Yes | No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: @feathersjs/authentication

The new version differs by 113 commits.
  • 907510a v4.3.0
  • 13a8758 fix: Only remove token on NotAuthenticated error in authentication client and handle error better (#1525)
  • 6d723e8 Update version and changelog
  • c3cde20 v4.3.0-pre.4
  • 71a7476 feat: Allow establishing an authenticated Socket connection via handshake headers (#1519)
  • 08bad61 fix: Fix auth publisher mistake
  • c5e3325 Update version and changelog
  • 9f4498e v4.3.0-pre.3
  • 7d53a00 fix: Update all dependencies
  • fa328fd chore: Update Readmes for v4 (#1497)
  • 2707c33 fix: Expire and remove authenticated real-time connections (#1512)
  • 4329feb feat: Let strategies handle the connection (#1510)
  • 64807e3 fix: Use WeakMap to connect socket to connection (#1509)
  • 39cc8e0 Updating all and add missing dependency (#1494)
  • 96dd4d1 Update version and changelog
  • 4d350e5 v4.3.0-pre.2
  • 9a3b324 fix: Add getEntityId to JWT strategy and fix legacy Socket authentication (#1488)
  • 66aedfa chore: Force install libgconf which stopped working in Travis (#1489)
  • 54a3aa7 fix: Improve Params typing (#1474)
  • e542cb3 fix: Add method to reliably get default authentication service (#1470)
  • 8211b98 fix: Do not error in authentication client on logout (#1473)
  • e935df9 chore: Update Travis Node versions (#1476)
  • 43ec802 fix: @feathersjs/adapter-commons: `update` id is non-nullable (#1468)
  • 169b230 Update version and changelog
See the full diff
Check the changes in this PR to ensure they won't cause issues with your project.

------------

**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.*

For more information:

🧐 [View latest project report](https://app.snyk.io/org/chasenlehara/project/cc7408d4-89bd-4d22-a48e-38923d9f711b?utm_source=github&utm_medium=referral&page=fix-pr)

🛠 [Adjust project settings](https://app.snyk.io/org/chasenlehara/project/cc7408d4-89bd-4d22-a48e-38923d9f711b?utm_source=github&utm_medium=referral&page=fix-pr/settings)

📚 [Read more about Snyk's upgrade and patch logic](https://support.snyk.io/hc/en-us/articles/360003891078-Snyk-patches-to-fix-vulnerabilities)

---

**Learn how to fix vulnerabilities with free interactive lessons:**

🦉 [Learn about vulnerability in an interactive lesson of Snyk Learn.](https://learn.snyk.io?loc=fix-pr)