[Snyk] Security upgrade pkg from 4.3.4 to 5.0.0

[MaxMood96]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • deps/v8/tools/clusterfuzz/js_fuzzer/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	584/1000 Why? Has a fix available, CVSS 7.4	Regular Expression Denial of Service (ReDoS) SNYK-JS-HAWK-2808852	No	No Known Exploit
	646/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.5	Server-side Request Forgery (SSRF) SNYK-JS-REQUEST-3361831	Yes	Proof of Concept
	646/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.5	Prototype Pollution SNYK-JS-TOUGHCOOKIE-5672873	Yes	Proof of Concept
	589/1000 Why? Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-UNSETVALUE-2400660	No	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: pkg

The new version differs by 142 commits.

• ee8808a 5.0.0
• 08b26a4 Bump to vercel/pkg-fetch@v3.0.3 (deps: upgrade npm to 2.7.1 nodejs/node#1142)
• 211da6e Bump to vercel/pkg-fetch@v3.0.2
• 779adf8 Fix isPublic check for licenses array (Revert stream base nodejs/node#1140)
• 63f4ce0 test: add "node14" to fetch-all
• 6ecd52a Drop references to Node < 8
• 247d1d5 Fix "pkg-fetch" types
• bba8148 Don't mix objects of different types
• 5a97ee2 Cleanup dependencies
• 14fb420 Bump to vercel/pkg-fetch@v3.0.1
• 8756fc1 Support mkdir at mountpoints (tools/update-authors.sh doesn't work on OSX nodejs/node#1120)
• 94cdb69 test: add unit test for IO.js as a mentoring organization for Google Summer of Code nodejs/node#775 (doc: add Malte-Thorben Bruns to .mailmap nodejs/node#1118)
• 3507e2c Skip pnpm tests when nodeversion is < 12 ( test: fix variables quoated when path has spaces on Windows nodejs/node#1122)
• 6deb812 TypeScript Rewrite ( Failed to load c++ bson extension nodejs/node#1099)
• b7426da Remove coverage badge from README. (Already buffered data when creating a TLSSocket doesn't trigger/throw 'error' nodejs/node#1114)
• d3b9585 Extend ESLint to test files. (doc: move checkServerIdentity option to tls.connect() nodejs/node#1107)
• bbb20b2 Update License Zeit -> Vercel. (doc: Better links for all WGs + sp edits nodejs/node#1113)
• eb8921a Add support for symlink and pnpm. (Release proposal: v1.5.0 nodejs/node#1060)
• 79cca54 feat(parser): handle template literal without expressions (Feature-detect "use regular streams as an underlying socket for tls.connect()" nodejs/node#981)
• 2c1fa89 typo fix in readme (tls_wrap: proxy handle methods in prototype nodejs/node#1108)
• d9dc558 Add section about bytecode flag to README.md (https: certificate validation fails when using servername option nodejs/node#1106)
• c9ad6ff Add Windows builds on CI. (io.js for Raspberry Pi 2? nodejs/node#1105)
• 11b93bf Update all dependencies to latest. (http: send Content-Length when possible nodejs/node#1062)
• cceb78a Update release script. (fs: fix .write() not coercing non-string values nodejs/node#1102)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)
🦉 Server-side Request Forgery (SSRF)
🦉 Prototype Pollution