[Security] Bump moment from 2.16.0 to 2.27.0

[dependabot-preview[bot]]

Bumps moment from 2.16.0 to 2.27.0. This update includes a security fix.

Vulnerabilities fixed

Sourced from The GitHub Security Advisory Database.

Moderate severity vulnerability that affects moment The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055.

Affected versions: < 2.19.3

Changelog

Sourced from moment's changelog.

2.27.0 See full changelog

• Release June 18, 2020

Added Turkmen locale, other locale improvements, slight TypeScript fixes

2.26.0 See full changelog

• Release May 19, 2020

TypeScript fixes and many locale improvements

2.25.3

• Release May 4, 2020

Remove package.json module property. It looks like webpack behaves differently for modules loaded via module vs jsnext:main.

2.25.2

• Release May 4, 2020

This release includes ES Module bundled moment, separate from it's source code under dist/ folder. This might alleviate issues with finding the `./locale subfolder for loading locales. This might also mean now webpack will bundle all locales automatically, unless told otherwise.

2.25.1

• Release May 1, 2020

This is a quick patch release to address some of the issues raised after releasing 2.25.0.

• 2e268635 [misc] Revert #5269 due to webpack warning
• 226799e1 [locale] fil: Fix metadata comment
• a83a521 [bugfix] Fix typeoff usages
• e324334 [pkg] Add ts3.1-typings in npm package
• 28cc23e [misc] Remove deleted generated locale en-SG

2.25.0 See full changelog

• Release May 1, 2020

• #4611 022dc038 [feature] Support for strict string parsing, fixes #2469

• #4599 4b615b9d [feature] Add support for eras in en and jp

• #4296 757d4ff8 [feature] Accept custom relative thresholds in duration.humanize

• 18 bigfixes

... (truncated)

Commits

• 3e1a95b Build 2.27.0
• ec5b5fe Bump version to 2.27.0
• 83b8b38 Update changelog for 2.27.0
• 525c58c [pkg] Get browser tests working again
• b59c241 [pkg] update package-lock (#5604)
• 194e64d [locale] it: Improve future relative time (#4617)
• 5e993f3 [locale] fi: fix ss not returning the number of seconds (#5595)
• e1a969c [locale] gu: Improve past relativeTime (#4697)
• 528ac2b [misc] Update CONTRIBUTING.md (#5579)
• e3c6790 [bugfix] update moment.d.ts for calendar (#5566)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by marwahaha, a new releaser for moment since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)