[Snyk] Upgrade @badgateway/oauth2-client from 2.3.0 to 2.4.2

[ralphbean]

Snyk has created this PR to upgrade @badgateway/oauth2-client from 2.3.0 to 2.4.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 3 versions ahead of your current version.

• The recommended version was released on 3 months ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Server-side Request Forgery (SSRF) SNYK-JS-AXIOS-7361793	551	Proof of Concept
	Asymmetric Resource Consumption (Amplification) SNYK-JS-BODYPARSER-7926860	551	No Known Exploit
	Uncontrolled resource consumption SNYK-JS-BRACES-6838727	551	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-CROSSSPAWN-8303230	551	Proof of Concept
	Improper Handling of Extra Parameters SNYK-JS-FOLLOWREDIRECTS-6141137	551	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	551	Proof of Concept
	Path Traversal SNYK-JS-WEBPACKDEVMIDDLEWARE-6476555	551	Proof of Concept
	Cross-site Scripting (XSS) SNYK-JS-AXIOS-6671926	551	No Known Exploit
	Cross-site Scripting (XSS) SNYK-JS-COOKIE-8163060	551	No Known Exploit
	Open Redirect SNYK-JS-EXPRESS-6474509	551	No Known Exploit
	Cross-site Scripting SNYK-JS-EXPRESS-7926867	551	No Known Exploit
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-6444610	551	Proof of Concept
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-6444610	551	Proof of Concept
	Improper Input Validation SNYK-JS-NANOID-8492085	551	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHTOREGEXP-7925106	551	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHTOREGEXP-8482416	551	Proof of Concept
	Cross-site Scripting (XSS) SNYK-JS-SERIALIZEJAVASCRIPT-6147607	551	Proof of Concept
	Cross-site Scripting (XSS) SNYK-JS-WEBPACK-7840298	551	Proof of Concept
	Cross-site Scripting SNYK-JS-SEND-7926862	551	No Known Exploit
	Cross-site Scripting SNYK-JS-SERVESTATIC-7926865	551	No Known Exploit

Release notes

Package name: @badgateway/oauth2-client

• 2.4.2 - 2024-09-14
  
  • #161: Re-use old refresh_token if no new one was issued after a refresh.
• 2.4.1 - 2024-08-22
  
  • #151: Add 'Accept' header on token requests to fix a Github compatibility issue.
  • #151: Throw error when we get an invalid reply from a token endpoint.
• 2.4.0 - 2024-07-27
  
  • More robust error handling. When an error is emitted, you now give you access to the emitted HTTP Response and response body.
  • Support for response_mode=fragment in the authorization_code flow.
• 2.3.0 - 2024-02-03
  
  • Fix for #128: If there's no secret, we should never use Basic auth to encode the client_id.
  • Support for the resource parameter from RFC 8707.
  • Add support for scope parameter to refresh().
  • Support for RFC 7009, Token Revocation. (@ adambom)

from @badgateway/oauth2-client GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs