fix: upgrade jszip to 3.7.1 to address DOS vulnerability

[bahizi]

This is to address a DOS Vulnerability that is introduced by jszip < 3.7.0. See details here: https://app.snyk.io/vuln/SNYK-JS-JSZIP-1251497.

It's a very simple dependency update in package.json. I ran the tests and validated the sample Excel doc and all looked good.

[bahizi]

@natergj have you had a chance to review this?

[origooo]

Would be super duper if this was merged!

[Scofield62]

Please merge it. I also need to get rid of vulnerabilities and I like using this library.

[sezanzeb]

You can add this to your package.json file to avoid the vulnerability:

  "resolutions": {
    "jszip": "^3.7.1"
  },

[fcastilloec]

You can add this to your package.json file to avoid the vulnerability:

  "resolutions": {
    "jszip": "^3.7.1"
  },

This will only work if you're using yarn. For the npm people, you need to use overrides

[arthurblake-AngelOak]

Unfortunately It looks like this excellent project might be abandoned by the author...
I hope @natergj is alive and well and on to better things.
I think our best bet going forward is this fork: https://www.npmjs.com/package/@advisr/excel4node
It looks like this issue is fixed in that fork as well.