[Snyk] Security upgrade simple-oauth2 from 2.2.1 to 4.0.0

[dexterinbk]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

⚠️ Warning

Failed to update the package-lock.json, please update manually before merging.

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:debug:20170905	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: simple-oauth2

The new version differs by 191 commits.

• 2176d07 Merge branch 'release/4.0.0'
• 8743d11 [4.0.0] Release library v4
• 4d6924b [develop] Merge changes with master
• 64cefc3 Merge pull request #321 from lelylan/feature/rename-resource-owner-password-grant
• 3428ef8 [rename-resource-owner-password-grant] Rename resource owner password grant public API
• e48c90f Merge pull request #320 from lelylan/feature/documentation-improvements
• 2f5c6a9 [documentation-improvements] Add api references links to access token usage documentation
• e6188e5 [documentation-improvements] Fix grammar issues on authorization code grant type API reference
• e2fd63f [documentation-improvements] Add complete documentation for all available grant types. Always link API reference to usage documentation
• 4946eed Merge pull request #319 from lelylan/feature/support-node-14
• e38c97e [support-node-14] Add Node 14 to test matrix. Updates to dependencies
• 87a1d3a Merge pull request #318 from lelylan/feature/new-module-api
• e66b571 [new-module-api] Remove unnecessary http mock for empty tokens
• db5d82b [new-module-api] Complete implementation for new public API
• 128ba7e Merge branch 'develop' into feature/new-module-api
• 12936d8 Merge pull request #314 from simono/patch-1
• 183142f Merge pull request #317 from petermorlion/feature/docs-correction-boom
• 74371a7 Update docs to show correct boom error output
• 7d7f3a2 Add hint about refreshing client-credential tokens
• 9bf0b52 Merge pull request #313 from lelylan/feature/update-test-matrix
• 667f61f [update-test-matrix] Update test matrix by removing unsupported node.js runtime versions
• 2f2708f Merge branch 'release/3.4.0'
• a453fe5 [3.4.0] Release library version 3.4.0
• db602ea [new-module-api] Initial refactor to use a factory per grant type

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)