[Snyk] Security upgrade copy-webpack-plugin from 6.0.3 to 9.0.1

[mongoloidkhulmikuki366385]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

⚠️ Warning

Failed to update the package-lock.json, please update manually before merging.

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	698/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 6.1	Cross-site Scripting (XSS) SNYK-JS-SERIALIZEJAVASCRIPT-6147607	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: copy-webpack-plugin

The new version differs by 65 commits.

• 797a006 chore(release): update `serialize-javascript`
• f233c55 chore(deps): serialize-javascript and deps updated (Delete CONTRIBUTING.md github/docs#613)
• 966d723 chore(deps): update (A quick experiment to get allow React components in Markdown pages and throughout the site github/docs#610)
• 2abdddf chore: fix typo (Update README.md github/docs#609)
• d041d85 chore(release): 9.0.0
• beff64e refactor: nodejs v10 dropped (repo sync github/docs#606)
• 3a1139e docs: fix unintended cyrillics in README.md (repo sync github/docs#604)
• 8857968 chore(release): 8.1.1
• d8fa32a fix: `stage` for processing assets (repo sync github/docs#600) (PUpdate about-github-packages.md github/docs#601)
• a571f07 chore(release): 8.1.0
• 82b10e3 chore(deps): update (#598)
• a8ace71 docs: update (repo sync github/docs#597)
• dde71f0 feat: added the `transformAll` option (#596)
• 4ca7f80 docs: fix broken link to #globoptions (Film Castin github/docs#595)
• 01fa91b docs: fix typo
• 1787d2d chore(release): 8.0.0
• 83601dc refactor: code (repo sync github/docs#593)
• 9e12a33 refactor: code (Update README.md github/docs#592)
• d68a8eb chore(deps): update (Update README.md github/docs#591)
• ea610bc feat: added `priority` option (Actions: Workflow dispatch API does not accept SHA commit hash as ref github/docs#590)
• a9b06a6 docs(readme): add example to skip minimizing source files (repo sync github/docs#588)
• f2c1bc8 refactor: template strings in `to` option (Update about-pull-requests.md github/docs#589)
• 8d5ab9a chore: updated deps (added Git Handbook link to further reading section github/docs#587)
• f5e661b test: issue 496 (repo sync github/docs#586)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Cross-site Scripting (XSS)

[performance-testing-bot]

Unable to locate .performanceTestingBot config file

[pull-request-quantifier-deprecated]

This PR has 2 quantified lines of changes. In general, a change size of upto 200 lines is ideal for the best PR experience!

---

Quantification details

Label      : Extra Small
Size       : +1 -1
Percentile : 0.8%

Total files changed: 1

Change summary by file extension:
.json : +1 -1

Change counts above are quantified counts, based on the PullRequestQuantifier customizations.

Why proper sizing of changes matters

Optimal pull request sizes drive a better predictable PR flow as they strike a
balance between between PR complexity and PR review overhead. PRs within the
optimal size (typical small, or medium sized PRs) mean:

• Fast and predictable releases to production:
  • Optimal size changes are more likely to be reviewed faster with fewer
    iterations.
  • Similarity in low PR complexity drives similar review times.
• Review quality is likely higher as complexity is lower:
  • Bugs are more likely to be detected.
  • Code inconsistencies are more likely to be detected.
• Knowledge sharing is improved within the participants:
  • Small portions can be assimilated better.
• Better engineering practices are exercised:
  • Solving big problems by dividing them in well contained, smaller problems.
  • Exercising separation of concerns within the code changes.

What can I do to optimize my changes

• Use the PullRequestQuantifier to quantify your PR accurately
  • Create a context profile for your repo using the context generator
  • Exclude files that are not necessary to be reviewed or do not increase the review complexity. Example: Autogenerated code, docs, project IDE setting files, binaries, etc. Check out the Excluded section from your prquantifier.yaml context profile.
  • Understand your typical change complexity, drive towards the desired complexity by adjusting the label mapping in your prquantifier.yaml context profile.
  • Only use the labels that matter to you, see context specification to customize your prquantifier.yaml context profile.
• Change your engineering behaviors
  • For PRs that fall outside of the desired spectrum, review the details and check if:
    • Your PR could be split in smaller, self-contained PRs instead
    • Your PR only solves one particular issue. (For example, don't refactor and code new features in the same PR).

How to interpret the change counts in git diff output

• One line was added: +1 -0
• One line was deleted: +0 -1
• One line was modified: +1 -1 (git diff doesn't know about modified, it will
  interpret that line like one addition plus one deletion)
• Change percentiles: Change characteristics (addition, deletion, modification)
  of this PR in relation to all other PRs within the repository.

---

Was this comment helpful? 👍  :ok_hand:  :thumbsdown: (Email)
Customize PullRequestQuantifier for this repository.

[vizipi]

Pull request analysis by VIZIPI

Below you will find who is the most qualified team member to review your code.
This analysis includes his/her work on the code included in this Pull request, in addition to their experience in code affected by these changes ( partly found within the list of potential missing files below )   Feedback always welcome

No other active qualified developers found to review these specific changes. You might consider involving more team members with these code segments.

---

Potential missing files from this Pull request

files commonly committed with a subset of this pr, but not committed this time. (click to collapse)

File	Percentile	rate
package-lock.json	70.48%	191 out of 271 times

---

Committed file ranks

(click to expand)

100.00%[package.json]