From 024e4a776a1879195a2e10ee2c7ae458ce2ad449 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 28 Apr 2022 00:42:38 +0000
Subject: [PATCH] Bump async from 1.5.2 to 2.6.4

Bumps [async](https://github.com/caolan/async) from 1.5.2 to 2.6.4.
- [Release notes](https://github.com/caolan/async/releases)
- [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md)
- [Commits](https://github.com/caolan/async/compare/v1.5.2...v2.6.4)

---
updated-dependencies:
- dependency-name: async
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 package-lock.json | 15 ++++++++++++---
 package.json      |  2 +-
 2 files changed, 13 insertions(+), 4 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index b906252..9e076eb 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -146,9 +146,12 @@
       "dev": true
     },
     "async": {
-      "version": "1.5.2",
-      "resolved": "https://www.myget.org/F/security-first-managers/auth/d9a48afc-b904-4f07-ae82-b1c7ddf330b7/npm/async/-/async-1.5.2.tgz",
-      "integrity": "sha1-7GphrlZIDAw8skHJVhjiCJL5Zyo="
+      "version": "2.6.4",
+      "resolved": "https://registry.npmjs.org/async/-/async-2.6.4.tgz",
+      "integrity": "sha512-mzo5dfJYwAn29PeiJ0zvwTo04zj8HDJj0Mn8TD7sno7q12prdbnasKJHhkm2c1LgrhlJ0teaea8860oxi51mGA==",
+      "requires": {
+        "lodash": "^4.17.14"
+      }
     },
     "asynckit": {
       "version": "0.4.0",
@@ -1225,6 +1228,12 @@
         "wordwrap": "^1.0.0"
       },
       "dependencies": {
+        "async": {
+          "version": "1.5.2",
+          "resolved": "https://registry.npmjs.org/async/-/async-1.5.2.tgz",
+          "integrity": "sha1-7GphrlZIDAw8skHJVhjiCJL5Zyo=",
+          "dev": true
+        },
         "esprima": {
           "version": "2.7.3",
           "resolved": "https://www.myget.org/F/security-first-managers/auth/d9a48afc-b904-4f07-ae82-b1c7ddf330b7/npm/esprima/-/esprima-2.7.3.tgz",
diff --git a/package.json b/package.json
index 12c1534..43db2da 100644
--- a/package.json
+++ b/package.json
@@ -45,7 +45,7 @@
     "blueoak-server": "bin/blueoak-server.js"
   },
   "dependencies": {
-    "async": "^1.0.0",
+    "async": "^2.6.4",
     "base64url": "^3.0.1",
     "body-parser": "^1.19.0",
     "cfenv": "^1.0.0",