Bump async from 2.6.3 to 3.2.2

[dependabot[bot]]

Bumps async from 2.6.3 to 3.2.2.

Changelog

Sourced from async's changelog.

v3.2.2

• Fix potential prototype pollution exploit

v3.2.1

• Use queueMicrotask if available to the environment (#1761)
• Minor perf improvement in priorityQueue (#1727)
• More examples in documentation (#1726)
• Various doc fixes (#1708, #1712, #1717, #1740, #1739, #1749, #1756)
• Improved test coverage (#1754)

v3.2.0

• Fix a bug in Safari related to overwriting func.name
• Remove built-in browserify configuration (#1653)
• Varios doc fixes (#1688, #1703, #1704)

v3.1.1

• Allow redefining name property on wrapped functions.

v3.1.0

• Added q.pushAsync and q.unshiftAsync, analagous to q.push and q.unshift, except they always do not accept a callback, and reject if processing the task errors. (#1659)
• Promises returned from q.push and q.unshift when a callback is not passed now resolve even if an error ocurred. (#1659)
• Fixed a parsing bug in autoInject with complicated function bodies (#1663)
• Added ES6+ configuration for Browserify bundlers (#1653)
• Various doc fixes (#1664, #1658, #1665, #1652)

v3.0.1

Bug fixes

• Fixed a regression where arrays passed to queue and cargo would be completely flattened. (#1645)
• Clarified Async's browser support (#1643)

v3.0.0

The async/await release!

There are a lot of new features and subtle breaking changes in this major version, but the biggest feature is that most Async methods return a Promise if you omit the callback, meaning you can await them from within an async function.

const results = await async.mapLimit(urls, 5, async url => {
    const resp = await fetch(url)
    return resp.body
})

Breaking Changes

• Most Async methods return a Promise when the final callback is omitted, making them await-able! (#1572)
• We are now making heavy use of ES2015 features, this means we have dropped out-of-the-box support for Node 4 and earlier, and many old versions of browsers. (#1541, #1553)
• In queue, priorityQueue, cargo and cargoQueue, the "event"-style methods, like q.drain and q.saturated are now methods that register a callback, rather than properties you assign a callback to. They are now of the form q.drain(callback). If you do not pass a callback a Promise will be returned for the next occurrence of the event, making them await-able, e.g. await q.drain(). (#1586, #1641)

... (truncated)

Commits

• acc084e Version 3.2.2
• acd7316 Update built files
• b50d648 update changelog for 3.2.2
• e1ecdbf Fix prototype pollution vulnerability
• fc9ba65 Fix(docs): use plural callbacks word in lib/map.js (#1765)
• b1b69b0 regen docs
• cac52e3 update changelog
• d1af045 Version 3.2.1
• b31840e Update built files
• 159a119 Enhance examples for Collections methods. (#1726)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/programsam/binkjs/network/alerts).

[dependabot[bot]]

Looks like async is up-to-date now, so this is no longer needed.