fix: upgrade @rollup/plugin-terser to v1 to address serialize-javascript CVE

Upgrade @rollup/plugin-terser from ^0.4.0 to ^1.0.0 in msal-browser.
v1.0.0 uses serialize-javascript@^7.0.3 (fixed version for RCE via
RegExp.flags/Date.toISOString injection, GHSA-5c6j-r48x-rmvq).

Note: serialize-javascript@6.0.2 remains for copy-webpack-plugin@12.0.2,
which is pinned by @angular-devkit/build-angular. Exploitation is
infeasible there as no user input flows through serialize() in that path.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Author: hectormmg

lib/msal-browser/package.json

@@ -1,133 +1,133 @@
 {
-  "name": "@azure/msal-browser",
-  "author": {
-    "name": "Microsoft",
-    "email": "nugetaad@microsoft.com",
-    "url": "https://www.microsoft.com"
-  },
-  "license": "MIT",
-  "repository": {
-    "type": "git",
-    "url": "https://github.com/AzureAD/microsoft-authentication-library-for-js.git"
-  },
-  "version": "5.7.0",
-  "description": "Microsoft Authentication Library for js",
-  "keywords": [
-    "implicit",
-    "authorization code",
-    "PKCE",
-    "js",
-    "AAD",
-    "msal",
-    "oauth"
-  ],
-  "type": "module",
-  "sideEffects": false,
-  "main": "./lib/msal-browser.cjs",
-  "module": "./dist/index.mjs",
-  "types": "./dist/index.d.ts",
-  "exports": {
-    "./custom-auth": {
-      "import": {
-        "types": "./dist/custom-auth-path/custom_auth/index.d.ts",
-        "default": "./dist/custom-auth-path/custom_auth/index.mjs"
-      },
-      "require": {
-        "types": "./lib/custom-auth-path/types/custom_auth/index.d.ts",
-        "default": "./lib/custom-auth-path/msal-custom-auth.cjs"
-      }
+    "name": "@azure/msal-browser",
+    "author": {
+        "name": "Microsoft",
+        "email": "nugetaad@microsoft.com",
+        "url": "https://www.microsoft.com"
     },
-    "./redirect-bridge": {
-      "import": {
-        "types": "./dist/redirect-bridge/redirect_bridge/index.d.ts",
-        "default": "./dist/redirect-bridge/redirect_bridge/index.mjs"
-      },
-      "require": {
-        "types": "./lib/redirect-bridge/types/redirect_bridge/index.d.ts",
-        "default": "./lib/redirect-bridge/msal-redirect-bridge.cjs"
-      }
+    "license": "MIT",
+    "repository": {
+        "type": "git",
+        "url": "https://github.com/AzureAD/microsoft-authentication-library-for-js.git"
     },
-    ".": {
-      "import": {
-        "types": "./dist/index.d.ts",
-        "default": "./dist/index.mjs"
-      },
-      "require": {
-        "types": "./lib/types/index.d.ts",
-        "default": "./lib/msal-browser.cjs"
-      }
+    "version": "5.6.3",
+    "description": "Microsoft Authentication Library for js",
+    "keywords": [
+        "implicit",
+        "authorization code",
+        "PKCE",
+        "js",
+        "AAD",
+        "msal",
+        "oauth"
+    ],
+    "type": "module",
+    "sideEffects": false,
+    "main": "./lib/msal-browser.cjs",
+    "module": "./dist/index.mjs",
+    "types": "./dist/index.d.ts",
+    "exports": {
+        "./custom-auth": {
+            "import": {
+                "types": "./dist/custom-auth-path/custom_auth/index.d.ts",
+                "default": "./dist/custom-auth-path/custom_auth/index.mjs"
+            },
+            "require": {
+                "types": "./lib/custom-auth-path/types/custom_auth/index.d.ts",
+                "default": "./lib/custom-auth-path/msal-custom-auth.cjs"
+            }
+        },
+        "./redirect-bridge": {
+            "import": {
+                "types": "./dist/redirect-bridge/redirect_bridge/index.d.ts",
+                "default": "./dist/redirect-bridge/redirect_bridge/index.mjs"
+            },
+            "require": {
+                "types": "./lib/redirect-bridge/types/redirect_bridge/index.d.ts",
+                "default": "./lib/redirect-bridge/msal-redirect-bridge.js"
+            }
+        },
+        ".": {
+            "import": {
+                "types": "./dist/index.d.ts",
+                "default": "./dist/index.mjs"
+            },
+            "require": {
+                "types": "./lib/types/index.d.ts",
+                "default": "./lib/msal-browser.cjs"
+            }
+        },
+        "./package.json": "./package.json"
     },
-    "./package.json": "./package.json"
-  },
-  "engines": {
-    "node": ">=0.8.0"
-  },
-  "beachball": {
-    "disallowedChangeTypes": [
-      "major"
-    ]
-  },
-  "directories": {
-    "test": "test"
-  },
-  "files": [
-    "dist",
-    "lib",
-    "src"
-  ],
-  "scripts": {
-    "clean": "shx rm -rf dist lib",
-    "clean:coverage": "rimraf ../../.nyc_output/*",
-    "lint": "eslint src --ext .ts",
-    "lint:fix": "npm run lint -- --fix",
-    "test": "jest",
-    "test:coverage": "jest --coverage",
-    "test:coverage:only": "npm run clean:coverage && npm run test:coverage",
-    "build:all": "cd ../.. && npm run build --workspace=@azure/msal-common --workspace=@azure/msal-browser",
-    "build:all:debug": "cd ../.. && cross-env MSAL_MINIFY_LOGS=false npm run build --workspace=@azure/msal-common --workspace=@azure/msal-browser",
-    "build:modules": "rollup -c --strictDeprecations --bundleConfigAsCjs",
-    "build:modules:watch": "rollup -cw --bundleConfigAsCjs",
-    "build": "npm run clean && npm run build:modules",
-    "build:debug": "npm run clean && cross-env MSAL_MINIFY_LOGS=false npm run build:modules",
-    "decode-logs": "node scripts/decode-logs.cjs",
-    "prepack": "npm run build:all",
-    "format:check": "prettier --ignore-path .gitignore --check src test",
-    "format:fix": "prettier --ignore-path .gitignore --write src test",
-    "apiExtractor": "api-extractor run"
-  },
-  "devDependencies": {
-    "@azure/storage-blob": "^12.2.1",
-    "@babel/core": "^7.7.2",
-    "@babel/plugin-proposal-class-properties": "^7.7.0",
-    "@babel/plugin-proposal-object-rest-spread": "^7.6.2",
-    "@babel/preset-env": "^7.7.1",
-    "@babel/preset-typescript": "^7.7.2",
-    "@microsoft/api-extractor": "^7.43.4",
-    "@rollup/plugin-node-resolve": "^15.0.1",
-    "@rollup/plugin-terser": "^0.4.0",
-    "@rollup/plugin-typescript": "^11.0.0",
-    "@types/jest": "^29.5.0",
-    "@types/node": "^20.3.1",
-    "cross-env": "^10.1.0",
-    "dotenv": "^8.2.0",
-    "eslint-config-msal": "file:../../shared-configs/eslint-config-msal",
-    "fake-indexeddb": "^3.1.3",
-    "jest": "^29.5.0",
-    "jest-environment-jsdom": "^29.5.0",
-    "jest-junit": "^16.0.0",
-    "msal-test-utils": "file:../../shared-test-utils",
-    "prettier": "^2.8.7",
-    "rimraf": "^3.0.0",
-    "rollup": "^4.22.4",
-    "rollup-msal": "file:../../shared-configs/rollup-msal",
-    "shx": "^0.3.2",
-    "ssri": "^8.0.1",
-    "ts-jest": "^29.2.5",
-    "ts-jest-resolver": "^2.0.1",
-    "tslib": "^1.10.0",
-    "typescript": "^4.9.5"
-  },
-  "dependencies": {
-    "@azure/msal-common": "16.5.0"
-  }
+    "engines": {
+        "node": ">=0.8.0"
+    },
+    "beachball": {
+        "disallowedChangeTypes": [
+            "major"
+        ]
+    },
+    "directories": {
+        "test": "test"
+    },
+    "files": [
+        "dist",
+        "lib",
+        "src"
+    ],
+    "scripts": {
+        "clean": "shx rm -rf dist lib",
+        "clean:coverage": "rimraf ../../.nyc_output/*",
+        "lint": "eslint src --ext .ts",
+        "lint:fix": "npm run lint -- --fix",
+        "test": "jest",
+        "test:coverage": "jest --coverage",
+        "test:coverage:only": "npm run clean:coverage && npm run test:coverage",
+        "build:all": "cd ../.. && npm run build --workspace=@azure/msal-common --workspace=@azure/msal-browser",
+        "build:all:debug": "cd ../.. && cross-env MSAL_MINIFY_LOGS=false npm run build --workspace=@azure/msal-common --workspace=@azure/msal-browser",
+        "build:modules": "rollup -c --strictDeprecations --bundleConfigAsCjs",
+        "build:modules:watch": "rollup -cw --bundleConfigAsCjs",
+        "build": "npm run clean && npm run build:modules",
+        "build:debug": "npm run clean && cross-env MSAL_MINIFY_LOGS=false npm run build:modules",
+        "decode-logs": "node scripts/decode-logs.cjs",
+        "prepack": "npm run build:all",
+        "format:check": "prettier --ignore-path .gitignore --check src test",
+        "format:fix": "prettier --ignore-path .gitignore --write src test",
+        "apiExtractor": "api-extractor run"
+    },
+    "devDependencies": {
+        "@azure/storage-blob": "^12.2.1",
+        "@babel/core": "^7.7.2",
+        "@babel/plugin-proposal-class-properties": "^7.7.0",
+        "@babel/plugin-proposal-object-rest-spread": "^7.6.2",
+        "@babel/preset-env": "^7.7.1",
+        "@babel/preset-typescript": "^7.7.2",
+        "@microsoft/api-extractor": "^7.43.4",
+        "@rollup/plugin-node-resolve": "^15.0.1",
+        "@rollup/plugin-terser": "^1.0.0",
+        "@rollup/plugin-typescript": "^11.0.0",
+        "@types/jest": "^29.5.0",
+        "@types/node": "^20.3.1",
+        "cross-env": "^10.1.0",
+        "dotenv": "^8.2.0",
+        "eslint-config-msal": "file:../../shared-configs/eslint-config-msal",
+        "fake-indexeddb": "^3.1.3",
+        "jest": "^29.5.0",
+        "jest-environment-jsdom": "^29.5.0",
+        "jest-junit": "^16.0.0",
+        "msal-test-utils": "file:../../shared-test-utils",
+        "prettier": "^2.8.7",
+        "rimraf": "^3.0.0",
+        "rollup": "^4.22.4",
+        "rollup-msal": "file:../../shared-configs/rollup-msal",
+        "shx": "^0.3.2",
+        "ssri": "^8.0.1",
+        "ts-jest": "^29.2.5",
+        "ts-jest-resolver": "^2.0.1",
+        "tslib": "^1.10.0",
+        "typescript": "^4.9.5"
+    },
+    "dependencies": {
+        "@azure/msal-common": "16.4.1"
+    }
 }