Update "async" dependency

[chergott]

portfinder is currently using async@^2.6.2 which has a known Prototype Pollution vulnerability

async@^3.2.2 addresses this vulnerability

Additional information:
NVD: https://nvd.nist.gov/vuln/detail/CVE-2021-43138
Snyk: https://security.snyk.io/vuln/SNYK-JS-ASYNC-2441827

[fhljys]

Any update?

[SymbioticKilla]

@eriktrom Any chance to get this fixed? Thanks!

[alexander-akait]

@eriktrom Friendly ping, can you look at this, thanks?

[ucsbricks]

@eriktrom I would really appreciate if you could fix this. Thanks.

[kiskoza]

There's a PR to backport the fix to the 2.x branch on the async repo: caolan/async#1828

[pstephensSQ]

Team, any status on this fix?

[fhljys]

I think Kiskoza's comment already addressed this. You just need to update the patch version.

[mat007]

Dependabot opened #126

[eriktrom]

async updated in ccdb3b7 and 10d9771