[Snyk] Security upgrade serialize-javascript from 6.0.1 to 6.0.2

[cc-prodsec]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • packages/pwa-kit-react-sdk/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	698/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 6.1	Cross-site Scripting (XSS) SNYK-JS-SERIALIZEJAVASCRIPT-6147607	No	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: serialize-javascript

The new version differs by 6 commits.

• b71ec23 6.0.2
• f27d65d fix: serialize URL string contents to prevent XSS (Always enable the fav icon in product tiles #173)
• 02499c0 Bump @ babel/traverse from 7.10.1 to 7.23.7 ([Snyk] Upgrade yargs from 15.3.0 to 15.4.1 #171)
• 0d88527 docs: update readme with URL support ([Snyk] Upgrade http-proxy-middleware from 0.19.0 to 0.21.0 #146)
• e2a3a91 chore: update node version and lock file
• 5a1fa64 fix typo ([Snyk] Upgrade react-router-dom from 5.2.0 to 5.3.0 #164)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Cross-site Scripting (XSS)

[kevinxh]

closed via #1719