dep: update watch 1.0.2 because CVE-2021-23397
Summary
https://gitlab.com/foodsharing-dev/foodsharing/-/security/vulnerabilities/53317115
All versions of package @ianwalter/merge is vulnerable to Prototype Pollution via the main (merge) function. Maintainer suggests using @generates/merger instead.
https://gitlab.com/foodsharing-dev/foodsharing/-/blob/master/scripts/package.json#L8
I don't know where it is used.
Steps to reproduce
What is the current bug behavior?
What is the expected correct behavior?
Relevant error messages and/or screenshots
Possible fixes
Edited by Christian Walgenbach