update packages to latest version

node_modules/terser/lib/utils/index.js

@@ -64,10 +64,8 @@ class DefaultsError extends Error {
 function defaults(args, defs, croak) {
     if (args === true) {
         args = {};
-    }
-
-    if (args != null && typeof args === "object") {
-        args = Object.assign({}, args);
+    } else if (args != null && typeof args === "object") {
+        args = {...args};
     }
 
     const ret = args || {};
@@ -251,7 +249,15 @@ function regexp_source_fix(source) {
         return (escaped ? "" : "\\") + lineTerminatorEscape[match];
     });
 }
-const all_flags = "gimuy";
+
+// Subset of regexps that is not going to cause regexp based DDOS
+// https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS
+const re_safe_regexp = /^[\\/|\0\s\w^$.[\]()]*$/;
+
+/** Check if the regexp is safe for Terser to create without risking a RegExp DOS */
+export const regexp_is_safe = (source) => re_safe_regexp.test(source);
+
+const all_flags = "dgimsuy";
 function sort_regexp_flags(flags) {
     const existing_flags = new Set(flags.split(""));
     let out = "";