[Snyk] Security upgrade lerna from 8.2.4 to 9.0.5

[rvu-snyk]

Snyk has created this PR to fix 3 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

• package.json

⚠️ Warning

Failed to update the package-lock.json, please update manually before merging.

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-15309438	828
	Inefficient Algorithmic Complexity SNYK-JS-MINIMATCH-15353389	828
	Directory Traversal SNYK-JS-TAR-15307072	813

Breaking Change Risk

Notice: This assessment is enhanced by AI.

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)
🦉 Directory Traversal

[rvu-snyk]

This major upgrade from lerna v8 to v9 introduces significant breaking changes that require developer action. The primary impacts are the removal of legacy commands and a change in Node.js version support.

Key Breaking Changes:

• Removal of Legacy Commands: The lerna bootstrap, lerna add, and lerna link commands have been completely removed after a two-year deprecation period. Projects relying on these commands for dependency installation and linking will fail. You must now use your package manager's (npm, yarn, pnpm) native workspaces functionality.
• Node.js v18 Support Dropped: Support for Node.js v18 has been removed as it is end-of-life. The required Node.js versions are now ^20.19.0 || ^22.12.0 || >=24.0.0. Your development and CI/CD environments must be updated.

Recommendation:

1. Migrate from lerna bootstrap: Replace lerna bootstrap calls in your scripts with your package manager's install command (e.g., npm install, yarn install, pnpm install).
2. Update Environment: Ensure your runtime environment meets the new Node.js version requirement.
3. Update Configuration: After upgrading, run lerna repair to automatically migrate your lerna.json configuration to the latest format and remove any outdated options.

Source: Lerna v9.0.0 Release Notes

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.