Immer security vulnerability

[mattruby]

Immer version < 9.0.6 is vulnerable to Prototype Pollution
https://snyk.io/vuln/SNYK-JS-IMMER-1540542
GHSA-9qmh-276g-x5pj

Immer version 9.0.6 resolves the vulnerability: https://github.com/immerjs/immer/releases/tag/v9.0.6

[markerikson]

Technically there's nothing to do on our side, given that we already ask for ^9.0.1. It's up to end users to actually update their own projects. But sure, doesn't hurt to bump on our end.

[mattruby]

Thanks!