Lockfile maintenance to resolve CVE-2021-43138
This updates async to v2.6.4, which is a backport of the fix for CVE-2021-43138 per https://github.com/advisories/GHSA-fwr7-v2mv-hh25
Edited by Aaron Goldenthal
This updates async to v2.6.4, which is a backport of the fix for CVE-2021-43138 per https://github.com/advisories/GHSA-fwr7-v2mv-hh25