Chore: Update jquery version to address security risk

Changelog.md

@@ -1,5 +1,15 @@
 # Changelog
 
+## `0.3.2`
+
+ - Chore: Update dependency to resolve security issue
+
+GitHub released a security advisory for versions of jQuery less than 3.5.0.
+This update makes the plugin explicitly depend on 3.5.0, which includes a fix
+for that advisory.
+
+cf. https://github.com/advisories/GHSA-gxr4-xjj5-5px2
+
 ## `0.3.1`
 
 0.3.0 was incorrectly released due to an automation failure, this release fixes

package.json

@@ -1,6 +1,6 @@
 {
   "name": "jupyterlab-spreadsheet",
-  "version": "0.3.1",
+  "version": "0.3.2",
   "description": "Adds a spreadsheet viewer to JupyterLab",
   "main": "lib/index.js",
   "jupyterlab": {
@@ -31,7 +31,7 @@
     "@lumino/disposable": "^1.3.5",
     "@lumino/widgets": "^1.11.1",
     "expose-loader": "^0.7.5",
-    "jquery": "^3.3.1",
+    "jquery": "^3.5.0",
     "jquery-ui": "^1.12.1",
     "slickgrid": "^2.3.21",
     "xlsx": "^0.15.5"

yarn.lock

@@ -1266,10 +1266,10 @@ jquery-ui@>=1.8.0, jquery-ui@^1.12.1:
   resolved "https://registry.yarnpkg.com/jquery-ui/-/jquery-ui-1.12.1.tgz#bcb4045c8dd0539c134bc1488cdd3e768a7a9e51"
   integrity sha1-vLQEXI3QU5wTS8FIjN0+dop6nlE=
 
-jquery@>=1.8.0, jquery@^3.3.1:
-  version "3.4.1"
-  resolved "https://registry.yarnpkg.com/jquery/-/jquery-3.4.1.tgz#714f1f8d9dde4bdfa55764ba37ef214630d80ef2"
-  integrity sha512-36+AdBzCL+y6qjw5Tx7HgzeGCzC81MDDgaUP8ld2zhx58HdqXGoBd+tHdrBMiyjGQs0Hxs/MLZTu/eHNJJuWPw==
+jquery@>=1.8.0, jquery@^3.5.0:
+  version "3.5.0"
+  resolved "https://registry.yarnpkg.com/jquery/-/jquery-3.5.0.tgz#9980b97d9e4194611c36530e7dc46a58d7340fc9"
+  integrity sha512-Xb7SVYMvygPxbFMpTFQiHh1J7HClEaThguL15N/Gg37Lri/qKyhRGZYzHRyLH8Stq3Aow0LsHO2O2ci86fCrNQ==
 
 "js-tokens@^3.0.0 || ^4.0.0", js-tokens@^4.0.0:
   version "4.0.0"