[Snyk] Fix for 1 vulnerabilities

[rvu-snyk]

Snyk has created this PR to fix 1 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

• package.json

⚠️ Warning

Failed to update the package-lock.json, please update manually before merging.

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-15309438	828

Breaking Change Risk

Notice: This assessment is enhanced by AI.

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)

[rvu-snyk]

This update includes high-risk breaking changes for both lerna and del.

lerna@8.2.4 → lerna@9.0.4

This is a major version upgrade with significant breaking changes. The risk is high.

Breaking Changes:

• Removal of Legacy Commands: The lerna bootstrap, lerna add, and lerna link commands have been completely removed after a two-year deprecation period. Projects still using these commands will fail.
• Node.js Version Requirement: Support for Node.js v18 has been dropped. Lerna v9 requires Node.js version ^20.19.0, ^22.12.0, or >=24.0.0.

Recommendation:

• Migrate to Native Workspaces: Replace lerna bootstrap with your package manager's install command (e.g., npm install, yarn, pnpm install). Your repository must be configured to use native workspaces.
• Run lerna repair: The maintainers strongly recommend running lerna repair to automatically migrate your lerna.json configuration to the latest format.

Source: Lerna v9.0.0 Release Notes

del@3.0.0 → del@8.0.0

This is a very large major version upgrade, spanning five major versions. The risk is high.

Breaking Changes:

• ESM Module Syntax: The package has transitioned to a pure ES Module (ESM). You must now use import {deleteAsync} from 'del' instead of const del = require('del').
• API Change: The main function is now a named export deleteAsync instead of a default export.
• Node.js Support: Support for older, end-of-life Node.js versions has likely been dropped.

Recommendation:

• Update your code from CommonJS require() to ESM import statements.
• Ensure your runtime environment (Node.js version) is compatible with the new version of del.

Source: Package documentation

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.