freeCodeCamp / classroom

BSD 3-Clause "New" or "Revised" License

Dependabot alerts #437

Closed: lloydchang closed 1 year ago

lloydchang commented 1 year ago

From https://github.com/lloydchang/freeCodeCamp-classroom/security/dependabot

Dependabot alerts surface known security vulnerabilities in some dependency manifest files. Dependabot security updates automatically keep your application up-to-date by updating dependencies in response to these alerts. Dependabot version updates can also help keep dependencies updated.

Non-Dev Package: Prototype Pollution in JSON5 via Parse Method • High • #1 opened last week • Detected in json5 (npm) • package-lock.json

Dev Package: Prototype Pollution in JSON5 via Parse Method • High • Development • #2 opened last week • Detected in json5 (npm) • package-lock.json

Dev Package: word-wrap vulnerable to Regular Expression Denial of Service • Moderate • Development • #7 opened last week • Detected in word-wrap (npm) • package-lock.json

Dev Package: tough-cookie Prototype Pollution vulnerability • Moderate • Development • #3 opened last week • Detected in tough-cookie (npm) • package-lock.json
