[Snyk] Fix for 3 vulnerabilities

[eriadam]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

#### Changes included in this PR - Changes to the following files to upgrade the vulnerable dependencies to a fixed version: - src/package.json #### Vulnerabilities that will be fixed ##### With an upgrade: Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:-------------------------  | **586/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 5.3 | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-GLOBPARENT-1016905](https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905) | Yes | Proof of Concept  | **661/1000**
**Why?** Recently disclosed, Has a fix available, CVSS 7.5 | Missing Release of Resource after Effective Lifetime
[SNYK-JS-INFLIGHT-6095116](https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116) | Yes | No Known Exploit  | **589/1000**
**Why?** Has a fix available, CVSS 7.5 | Prototype Pollution
[SNYK-JS-UNSETVALUE-2400660](https://snyk.io/vuln/SNYK-JS-UNSETVALUE-2400660) | Yes | No Known Exploit (*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: eslint

The new version differs by 134 commits.

• a7985a6 6.0.0
• be74dd9 Build: changelog update for 6.0.0
• 81aa06b Upgrade: espree@6.0.0 (#11869)
• 5f022bc Fix: no-else-return autofix produces name collisions (fixes #11069) (#11867)
• ded9548 Fix: multiline-comment-style incorrect message (#11864)
• cad074d Docs: Add JSHint W047 compat to no-floating-decimal (#11861)
• 41f6304 Upgrade: sinon (#11855)
• 167ce87 Chore: remove unuseable profile command (#11854)
• c844c6f Fix: max-len properly ignore trailing comments (fixes #11838) (#11841)
• 1b5661a Fix: no-var should not fix variables named 'let' (fixes #11830) (#11832)
• 4d75956 Build: CI with Azure Pipelines (#11845)
• 1db3462 Chore: rm superfluous argument & fix perf-multifiles-targets (#11834)
• c57a4a4 Upgrade: @ babel/polyfill => core-js v3 (#11833)
• 65faa04 Docs: Clarify prefer-destructuring array/object difference (fixes #9970) (#11851)
• 81c3823 Fix: require-atomic-updates reports parameters (fixes #11723) (#11774)
• aef8ea1 Sponsors: Sync README with website
• 4f48f5a 6.0.0-rc.0
• 6bad650 Build: changelog update for 6.0.0-rc.0
• f403b07 Update: introduce minKeys option to sort-keys rule (fixes #11624) (#11625)
• 87451f4 Fix: no-octal should report NonOctalDecimalIntegerLiteral (fixes #11794) (#11805)
• e4ab053 Update: support "bigint" in valid-typeof rule (#11802)
• e0fafc8 Chore: removes unnecessary assignment in loop (#11780)
• 20908a3 Docs: removed '>' prefix from from docs/working-with-rules (#11818)
• 1c43eef Sponsors: Sync README with website

See the full diff

Package name: webpack

The new version differs by 250 commits.

• f2f998b 5.1.1
• bcd6190 Merge pull request #11704 from webpack/bugfix/delete-asset
• 11935a9 Merge pull request #11703 from webpack/bugfix/11678
• 63ba54c update chunk to files mapping when deleting assets
• 4669600 Merge pull request #11690 from webpack/bugfix/11673
• 234373e Merge pull request #11702 from webpack/deps/terser
• b6bc273 fix infinite loop in inner graph optimization
• 50c3a83 fix unused modules in chunk when optimizing runtime-specific
• 5d9d9b9 fix runtime-specific handling in concatenated modules
• 250e37c add test case
• 7925652 upgrade terser-webpack-plugin
• 27796db Merge pull request #11669 from webpack/dependabot/npm_and_yarn/ts-loader-8.0.5
• bd5aab8 Merge pull request #11692 from webpack/dependabot/npm_and_yarn/babel/core-7.12.0
• 886bbd5 Merge pull request #11693 from webpack/dependabot/npm_and_yarn/react-dom-16.14.0
• 3a14b3d Merge pull request #11694 from webpack/dependabot/npm_and_yarn/react-16.14.0
• ddf9936 chore(deps-dev): bump react from 16.13.1 to 16.14.0
• dc6e69a chore(deps-dev): bump react-dom from 16.13.1 to 16.14.0
• 8f18de9 chore(deps-dev): bump @ babel/core from 7.11.6 to 7.12.0
• c0410e8 Merge pull request #11686 from webpack/bugfix/11677
• 4504046 order runtime chunks correctly when they depend on each other
• 74a44cd add comment to help tagging for the bot
• e97efb7 chore(deps-dev): bump ts-loader from 8.0.4 to 8.0.5
• 77329b4 5.1.0
• 48c10f3 Merge pull request #11653 from log2-hwan/fix-moduletemplate-deprecation

See the full diff

Package name: webpack-cli

The new version differs by 250 commits.

• fb50f76 chore(release): publish new version
• 2c75aeb chore: new version of the packages
• 0d05c30 chore(release): publish %s
• 3f9e151 chore: fix lerna config
• 2c1e34c tests(generator): enhance init generator tests (#1236)
• 6ee61b9 Fix loader-generator and plugin-generator tests (#1250)
• 52956a2 Fixing the typos and grammatical errors in Readme files (#1246)
• 7faaed2 chore: update Bug_report & Feature_request Templates (#1256)
• 7a5b33d feat(webpack-cli): added mode argument (#1253)
• 3715756 tests(webpack-cli): add test case for defaults flag (#1254)
• a7cba2f chore: project maintanance and typescript fix (#1247)
• 7748472 chore: ignore package-lock.json and remove its references (#1252)
• a014aa7 docs: fix supported arguments & commands link in README (#1244)
• 06129a1 feat(webpack-cli): add progress bar for progress flag (#1238)
• 6cc6a49 chore: post refactor CLI (#1237)
• 358651e chore: move cli under lerna package (#1225)
• 2dc495a fix(init): fix webpack config scaffold (#1231)
• 1ab62d2 tests(generator): add tests for plugin generator (#1235)
• d2dd0c1 tests(sourcemap): fix flaky stats statement (#1232)
• f6dc680 tests(loader-generator): add tests for loader generator (#1234)
• 35d1381 tests(generator): enable init generator test (#1233)
• 66cdcb6 chore(generator): remove transpiled tests (#1229)
• f29a170 fix(init): fix the invalid package name (#1228)
• 8c3a66d chore(cli): updated changelog of v3 (#1224)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project. ------------ **Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.* For more information: 🧐 [View latest project report](https://app.snyk.io/org/bimspot/project/c7ff4c52-3e19-47ee-b287-1cd739433a8f?utm_source=github&utm_medium=referral&page=fix-pr) 🛠 [Adjust project settings](https://app.snyk.io/org/bimspot/project/c7ff4c52-3e19-47ee-b287-1cd739433a8f?utm_source=github&utm_medium=referral&page=fix-pr/settings) 📚 [Read more about Snyk's upgrade and patch logic](https://support.snyk.io/hc/en-us/articles/360003891078-Snyk-patches-to-fix-vulnerabilities) [//]: # (snyk:metadata:{"prId":"c9018fd6-e649-4a83-9250-3fa42f181bd7","prPublicId":"c9018fd6-e649-4a83-9250-3fa42f181bd7","dependencies":[{"name":"eslint","from":"5.16.0","to":"6.0.0"},{"name":"webpack","from":"4.47.0","to":"5.1.1"},{"name":"webpack-cli","from":"3.3.12","to":"4.0.0"}],"packageManager":"npm","projectPublicId":"c7ff4c52-3e19-47ee-b287-1cd739433a8f","projectUrl":"https://app.snyk.io/org/bimspot/project/c7ff4c52-3e19-47ee-b287-1cd739433a8f?utm_source=github&utm_medium=referral&page=fix-pr","type":"auto","patch":[],"vulns":["SNYK-JS-GLOBPARENT-1016905","SNYK-JS-INFLIGHT-6095116","SNYK-JS-UNSETVALUE-2400660"],"upgrade":["SNYK-JS-GLOBPARENT-1016905","SNYK-JS-INFLIGHT-6095116","SNYK-JS-UNSETVALUE-2400660"],"isBreakingChange":true,"env":"prod","prType":"fix","templateVariants":["priorityScore"],"priorityScoreList":[586,661,589],"remediationStrategy":"vuln"}) --- **Learn how to fix vulnerabilities with free interactive lessons:** 🦉 [Regular Expression Denial of Service (ReDoS)](https://learn.snyk.io/lesson/redos/?loc=fix-pr) 🦉 [Prototype Pollution](https://learn.snyk.io/lesson/prototype-pollution/?loc=fix-pr)