[Snyk] Fix for 5 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	494/1000 Why? Has a fix available, CVSS 5.6	Prototype Pollution SNYK-JS-JQUERY-174006	Yes	No Known Exploit
	540/1000 Why? Has a fix available, CVSS 6.3	Cross-site Scripting (XSS) SNYK-JS-JQUERY-565129	Yes	No Known Exploit
	550/1000 Why? Has a fix available, CVSS 6.5	Cross-site Scripting (XSS) SNYK-JS-JQUERY-567880	Yes	No Known Exploit
	519/1000 Why? Has a fix available, CVSS 6.1	Cross-site Scripting (XSS) SNYK-JS-SELECT2-456562	Yes	No Known Exploit
	484/1000 Why? Has a fix available, CVSS 5.4	Cross-site Scripting (XSS) npm:jquery:20150627	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: select2

The new version differs by 250 commits.

• a389a6d Merge pull request Integrity check false alert on fresh installation nextcloud/server#5578 from select2/develop
• eeefa1e Merge pull request Cannot delete User which is deleted in LDAP nextcloud/server#5577 from select2/release/4.0.8
• 5005c56 Update changelog for 4.0.8
• 8b55e47 Recompile dist for 4.0.8
• 6fbe132 Bump versions for 4.0.8 release
• bbd320d Convert source and tests to unix newlines
• 1b5a962 Revert change to focusing behaviour in 4.0.6 (URL rewrite to lose index.php with Apache & fastcgi ? nextcloud/server#5576)
• d926025 Fix infinite scroll when the scrollbar is not visible (allow to disable upload to lookup server, by default it is enabled nextcloud/server#5575)
• 8a5aeab Remove deprecated jQuery shorthand (No login image and logo on NC accessed using web nextcloud/server#5564)
• 9c4f0c8 Fix typos (It takes forever to upload in web UI nextcloud/server#5574)
• bd7ac9d Results respect disabled state of `<option>` (Sharing password input for visitors is wrongly styled nextcloud/server#5560)
• b5f136f Add `computedstyle` option for calculating the width (Overview of all shared files nextcloud/server#5559)
• f9decd6 Fix tag creation being broken in 4.0.7 (After deleting an (image) file, the preview files remain forever nextcloud/server#5558)
• 9491e1a Test against jQuery 3.4.1 (Upgrade fails from NC11-12 nextcloud/server#5531)
• d66e55d removed select2-selection__placeholder from _multiple.scss (Don't create activities for email and password change before login nextcloud/server#5508)
• 5d2fdd7 Update grunt-contrib-qunit to latest version (/dev/urandom warning seems unnecessary  nextcloud/server#5530)
• 70ca392 Update dev dependencies (Optimize performance / Load CSS and JS in parallel on firefox nextcloud/server#5529)
• 36b226d Improve French Translation ([stable12] Don't create activities for email and password change before login nextcloud/server#5521)
• d53958a Clean up docs (Plural missing on CalDAV Activity when creating multiple Calendar events nextcloud/server#5528)
• 0a612f9 Automatically deploy to NPM (Reverse Proxy, PHP cache, custom logo, CSS bug (does http instead of https) nextcloud/server#5527)
• 04fce55 Merge pull request [stable12] Use realpath to obtain the webroot nextcloud/server#5507 from select2/develop
• f8193c6 Merge pull request Use realpath to obtain the webroot nextcloud/server#5506 from select2/release/4.0.7
• 5285eef Recompile dist for 4.0.7
• 20ffd12 Bump versions for 4.0.7 release

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic