[Snyk] Security upgrade @uppy/companion from 0.17.5 to 4.0.0

[H4NG-MAN]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • packages/@uppy/companion/examples/serverless/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	768/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-QS-3153490	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @uppy/companion

The new version differs by 250 commits.

• aa4548b Merge 071974c into ac10c6d
• 071974c Nest 3.0-beta changelogs in 3.0 release
• 8c1a5e1 @ uppy/react-native is beta still
• 3fe8707 Release: uppy@3.0.0
• ac10c6d Update README.md
• f3aeac4 Update README.md
• da27a55 meta: Use RemoteSources in readme example (meta: Use RemoteSources in readme example transloadit/uppy#4030)
• 8773dcd Add migration guide for Uppy 3.x, Companion 4.x, and Robodog (Add migration guide for Uppy 3.x, Companion 4.x, and Robodog transloadit/uppy#3913)
• 7d74d3a example: upgrade React example to use React 18 (example: upgrade React example to use React 18 transloadit/uppy#4002)
• bbcc146 readme: Use new ESM syntax (readme: Use new ESM syntax transloadit/uppy#4028)
• ee83d33 fixup! meta: fix linter failures (meta: fix linter failures transloadit/uppy#4029)
• 524b783 @ uppy/vue: move `@ uppy/` packages to peer dependencies (@uppy/vue: move @uppy/ packages to peer dependencies transloadit/uppy#4024)
• 70a4615 meta: fix linter failures (meta: fix linter failures transloadit/uppy#4029)
• 4bb9988 @ uppy/robodog: remove package (@uppy/robodog: remove package transloadit/uppy#3946)
• bef7b58 example: migrate `digitalocean-spaces` to ESM (example: migrate digitalocean-spaces to ESM transloadit/uppy#4015)
• 183187d example: replace Robodog example with Transloadit + RemoteSources + Form (example: replace Robodog example with Transloadit + RemoteSources + Form transloadit/uppy#4027)
• 0da66ff website: replace Robodog example with Uppy plugins (website: replace Robodog example with Uppy plugins transloadit/uppy#4026)
• d7180db @ uppy/tus, @ uppy/xhr-upload, @ uppy/aws-s3: `metaFields` -> `allowedMetaFields` (@uppy/tus, @uppy/xhr-upload, @uppy/aws-s3: metaFields -> allowedMetaFields transloadit/uppy#4023)
• 089aaed example: showcase migration out of Robodog (example: showcase migration out of Robodog transloadit/uppy#4021)
• ff2eed4 example: fix Svelte dev mode (example: fix Svelte dev mode transloadit/uppy#4025)
• 5353874 example: fix docs and env for Vite examples (example: fix docs and env for Vite examples transloadit/uppy#4018)
• 97c6507 @ uppy/tus: avoid crashing when Tus client reports an error (@uppy/tus: avoid crashing when Tus client report an error before any … transloadit/uppy#4019)
• ef7cbea @ uppy/react: move `@ uppy/` packages to peer dependencies (@uppy/react: move @uppy/ packages to peer dependencies transloadit/uppy#4004)
• 7c460f3 core: uppy.addFile should accept browser File objects (core: uppy.addFile should accept browser File objects transloadit/uppy#4020)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution