saadtazi / firefox-profile-js

Firefox Profile creation using nodejs and CLI
MIT License
60 stars 30 forks

Update adm-zip to secure version #98

Closed groovecoder closed 6 years ago

groovecoder commented 6 years ago

Downstream projects from this one are receiving security vulnerability notifications from GitHub: Known high severity security vulnerability detected in adm-zip < 0.4.11 defined

It looks like this project already has "adm-zip": "~0.4.x" in the package.json so a fresh npm install and release to npm should fix this?

saadtazi commented 6 years ago

Hi, I think the adm-zip version is fine in package.json: `npm audit` doesn't report any security issue with this package. You probably just need to do a fresh npm install on your end.

That being said, I released a new version v1.2.0 that fixes some of the security issues. The only ones left are related to devDependencies packages, mostly grunt-mocha-cov which is no longer maintained... I just need to find time to change the task runner...

groovecoder commented 6 years ago

That may be true. I filed https://github.com/mozilla/web-ext/issues/1358 in an upstream dependency I'm using.

package-lock.json released in v1.2.0 looks like 0.4.11.
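The thread turns on the gap between the range in package.json (`~0.4.x` admits both affected and fixed releases) and the version a lockfile actually pins. The following is an added example, not code from this thread or from the project: it lists every pinned copy of adm-zip below 0.4.11 in a parsed lockfile, with hypothetical helper names and a constructed sample lockfile.

```javascript
// Added example: helper names and sample data are constructed for illustration.
const FIXED = [0, 4, 11]; // the advisory quoted in the thread covers adm-zip < 0.4.11

// Parse "0.4.7" into [0, 4, 7]; a pre-release suffix is ignored.
function parseVersion(v) {
  return v.split('-')[0].split('.').map((n) => parseInt(n, 10) || 0);
}

// True when `version` sorts strictly below `floor` (major, minor, patch).
function isBelow(version, floor) {
  const a = parseVersion(version);
  for (let i = 0; i < 3; i++) {
    if ((a[i] || 0) !== floor[i]) return (a[i] || 0) < floor[i];
  }
  return false; // equal to the floor, so not below it
}

// Collect every pinned copy of `name`. lockfileVersion 1 nests "dependencies";
// versions 2 and 3 add a flat "packages" map keyed by install path.
function findInstalled(lock, name) {
  const found = [];
  const walk = (deps, trail) => {
    for (const [dep, info] of Object.entries(deps || {})) {
      const path = trail.concat(dep);
      if (dep === name) found.push({ path: path.join(' > '), version: info.version });
      walk(info.dependencies, path); // nested copies can differ from the top-level one
    }
  };
  if (lock.packages) {
    for (const [key, info] of Object.entries(lock.packages)) {
      if (key.split('node_modules/').pop() === name) found.push({ path: key, version: info.version });
    }
  } else {
    walk(lock.dependencies, []);
  }
  return found;
}

function vulnerableCopies(lock, name = 'adm-zip', floor = FIXED) {
  return findInstalled(lock, name).filter((p) => isBelow(p.version, floor));
}

// Constructed sample: the top-level copy is fixed, a nested copy is stale.
const sampleLock = { lockfileVersion: 1, dependencies: {
  'adm-zip': { version: '0.4.11' },
  'example-parent': { version: '1.0.0', dependencies: { 'adm-zip': { version: '0.4.7' } } },
} };
console.log(vulnerableCopies(sampleLock));
```

In a real project, pass `JSON.parse(fs.readFileSync('package-lock.json', 'utf8'))` instead of the sample object.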