Minor security and code fixes

[Kartikey-Mishra1]

Type of change

• Security fixes
• Minor code change

Description

What does this PR do?

• On running yarn audit there are currently 116 vulnerabilities, this PR mostly tries to remediate some of the critical and high vulnerabilities by:
  • Upgrading axios to 0.21.4 to avoid the ReDoS attack (High Vulnerability) - https://security.snyk.io/vuln/SNYK-JS-AXIOS-1579269
  • Upgrading and pinning minimist to 1.2.6 to avoid Prototype pollution (yarn audit seems to think it's a critical vulnerability while synk says it's a low severity vulnerability ) - https://snyk.io/test/npm/minimist/1.2.5
  • Upgrading and pinning cross-fetch to 3.1.5 to upgrade node-fetch to 2.6.7 to avoid DoS(Denial of Service) and Information exposure (High vulnerability) - https://snyk.io/vuln/npm:node-fetch
  • Upgrading and pinning jsprim to 1.4.2 to upgrade json-schema to 0.4.0 to avoid Prototype pollution (Critical vulnerability) - https://snyk.io/vuln/npm:json-schema
• Bind the updateHistoryState() method in history.js

Signed-off-by: Kartikey Mishra [email protected]

[Kartikey-Mishra1]

Hi , this is the first pull request I have made to this repo , I am not familiar with the process , can one of the admin please take a look at this PR and help me out here , thanks in advance

[shreyashankar]

Thank you for making this! Will take a look today or tomorrow :)

[Kartikey-Mishra1]

Hi,sorry to ping again just wanted to know if you had a chance to look at this PR and if there's something further you would like me to do here

[shreyashankar]

Thanks for this---got caught up in a paper deadline; will merge shortly :)

[shreyashankar]

Looks like tests are failing, I'll take a look when I next get on the computer

[Kartikey-Mishra1]

Sure thanks a lot for taking your time out for this and helping me out here . Feel free to request any changes or anything else you would like me to do in the PR