[Snyk] Security upgrade vega-embed from 3.30.0 to 6.7.0

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Issue	Breaking Change	Exploit Maturity
	Insecure Configuration SNYK-JS-VEGAEMBED-567898	Yes	No Known Exploit

Commit messages

Package name: vega-embed

The new version differs by 250 commits.

• e81d5e2 v6.7.0
• 3d5c5c8 fix: switch to click (#425)
• cb59b76 chore: switch from Travis to GitHub actions (#424)
• 2d82d0e Bump jest from 25.5.2 to 25.5.3
• 3e02541 Bump rollup from 2.7.5 to 2.7.6
• 1622758 Bump terser from 4.6.12 to 4.6.13
• 4a0997e Bump jest from 25.5.1 to 25.5.2
• 9ec8ecd Only allow post data to specific origin.
• 1aa5594 Upgrade deps
• 8f6f713 Bump jest from 25.4.0 to 25.5.0
• c041fe4 Bump rollup from 2.7.2 to 2.7.3
• c801e6e Upgrade deps, fix typo
• 659b794 Test supported node versions (#415)
• 9750916 Bump terser from 4.6.11 to 4.6.12
• 2de73bd Bump concurrently from 5.1.0 to 5.2.0
• 20b0e52 Bump node-sass from 4.13.1 to 4.14.0
• 4a64229 Bump rollup from 2.7.1 to 2.7.2
• f2ff5c4 Bump vega-lite from 4.10.5 to 4.11.0
• 42679f5 Bump rollup from 2.6.1 to 2.7.1
• 0f8defa Bump jest from 25.3.0 to 25.4.0
• 46918df Bump vega-lite from 4.10.4 to 4.10.5
• 60b5a35 Bump @rollup/plugin-json from 4.0.2 to 4.0.3
• dcc1616 Bump ts-jest from 25.3.1 to 25.4.0
• cad6bb0 v6.6.0

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:

🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic