Upgrade dependency_validator

[sourcegraph-wk]

Summary

Client Platform is updating dependencies! Read more details at https://wiki.atl.workiva.net/display/CP/Dependency+Upgrades

This batch is to find and open PRs to upgrade dependency_validator to v2.

Additional manual work that might be needed (CP will do): [ ] Run dependency_validator to repos that aren't running it, but do have the dependency. [ ] Fix CI due to removing an ignore that was actually needed.

For more info, reach out to #support-client-plat on Slack.

_Created by Sourcegraph batch change Workiva/update_dep_validator._

[aviary3-wk]

Security Insights

(7) Vulnerable direct dependencies were detected

1 vulns in browserslist < 4.16.5 via yarn.lock

1 vulns in elliptic < 6.5.4 via yarn.lock

1 vulns in glob-parent < 5.1.2 via yarn.lock

1 vulns in lodash < 4.17.21 via yarn.lock

1 vulns in path-parse < 1.0.7 via yarn.lock

1 vulns in set-value < 4.0.1 via yarn.lock

1 vulns in ssri < 6.0.2 via yarn.lock

Action Items

• Review dependencies for available updates
• See this Splunk dashboard for more CVE details
• Review PR for security impact; comment "security review required" if needed or unsure

• Verify aviary.yaml coverage of security relevant code

  Questions or Comments? Reach out on Slack: #support-infosec.