[Snyk] Security upgrade modernizr from 3.3.1 to 3.7.0

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	704/1000 Why? Has a fix available, CVSS 9.8	Prototype Pollution SNYK-JS-LODASH-590103	No	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: modernizr

The new version differs by 250 commits.

• 7da8cdb v3.7.0
• 8f37d1f fix Only include persona js if flag enabled. mozilla/kitsune#1663 - Configuration Options not working ([WIP] Community hub rebase mozilla/kitsune#2413)
• 0b9eaa5 Add auto-changelog for generating a CHANGELOG.md ([bug 1140464] Update django-badger to master tip. mozilla/kitsune#2421)
• c21ecfe Fix IE caniuse conflict for svgasimg (Add CORS to realtime API (plus test). mozilla/kitsune#2397)
• 3ed2d7f Update inputsearchevent.js ([Bug 1141436] Fix visible html tags mozilla/kitsune#2405)
• e8bb349 Adding PublicKeyCredential feature detect for webauthn ([Bug 1136586] Fix validation for users api. mozilla/kitsune#2393)
• 1ef3bc8 Add caniuse "meta" property to es5/specification ([Bug 1120568] Add models, APIs, and sending for realtime notifications. mozilla/kitsune#2390)
• e05f001 Check for property and value support for CSS custom properites (Cache virtual environment on Travis mozilla/kitsune#2387)
• 8960932 Cleanup caniuse tags and other properties ([bug 1134221] Upgrade django-waffle to 0.10.1 mozilla/kitsune#2388)
• 4d10f04 Cleanup some extra whitespace
• bd34db8 Autogenerate info for license file ([Bug 1127834] "Firefox Help" might be "Mozilla Support" (opensearch) mozilla/kitsune#2353)
• c1a3e04 Fix exception in indexedDB check on Safari ([Bug 1112921] Allow SessionAuthentication on APIs. mozilla/kitsune#2336)
• a747f33 Issue 2338 - Cleanup JSdoc (Make Notifications API nicer mozilla/kitsune#2368)
• e14a7ae Adding feature detection for navigator.connection.effectiveType (Caching dependencies for Travis mozilla/kitsune#2381)
• 3a6adb5 Replace defunct caniuse jsonp.php?callback ([bug 1122539] Handle the 0 case mozilla/kitsune#2352)
• 501cc0a Additional WebView check added to fileinput test ([Bug 1132115] Prevent double inserts when using the API to create users. mozilla/kitsune#2367)
• 3072bb9 Fix Modernizr.localizednumber moves head below body (Allow filtering notifications by is_read. mozilla/kitsune#2365)
• d43ead3 option to specify global var name to attach modernizr to [Bug 1132146, 1132145] Add id to notification APIs. mozilla/kitsune#2362 ([Bug 1125536] Convert all rate limiting to a standard helper. mozilla/kitsune#2363)
• 189838a Intersection Observer API ([bug 1128477] Tags API for questions mozilla/kitsune#2360)
• a5f00a6 Move custom ESLint rule to `no-restricted-syntax` ([bug 1085456] Support Forum metrics email report. mozilla/kitsune#2359)
• 92a7f75 Use package.json `files` instead of .npmignore (Update pep8 mozilla/kitsune#2357)
• 04181ce More test around text decoration styling ([Bug 1119886] API: Better taken fields and filtering. mozilla/kitsune#2327)
• e2c27dc Update jsdoc ([Bug 1083434] Send notifications to SimplePush. mozilla/kitsune#2346)
• c2906e9 Fixed csshypens detection on FireFox and Safari. ([Bug 1127633, 1127636] Library upgrades mozilla/kitsune#2345)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic