IBA Prep - Dependency upgrades post v4 Yarn upgrade

package.json

@@ -38,22 +38,22 @@
   ],
   "dependencies": {
     "@babel/core": "^7.25.2",
-    "@babel/preset-env": "^7.25.3",
-    "@cypress/request": "^3.0.0",
+    "@babel/preset-env": "^7.25.4",
+    "@cypress/request": "^3.0.5",
     "@cypress/request-promise": "^5.0.0",
     "@hmcts/cookie-manager": "^1.0.0",
     "@hmcts/div-idam-express-middleware": "^6.6.2",
-    "@hmcts/nodejs-healthcheck": "^1.8.0",
+    "@hmcts/nodejs-healthcheck": "^1.8.5",
     "@hmcts/one-per-page": "^5.4.0",
-    "@hmcts/properties-volume": "^1.1.0",
+    "@hmcts/properties-volume": "^1.2.0",
     "@hmcts/uk-bank-holidays": "^1.0.2",
     "accessible-autocomplete": "^2.0.4",
-    "applicationinsights": "^2.7.3",
+    "applicationinsights": "^2.9.6",
     "babel-loader": "^9.1.3",
-    "body-parser": "^1.20.2",
+    "body-parser": "^1.20.3",
     "chalk": "^4.1.2",
     "clean-webpack-plugin": "^4.0.0",
-    "config": "^3.3.9",
+    "config": "^3.3.12",
     "cookie-parser": "^1.4.6",
     "cookies": "^0.8.0",
     "copy-webpack-plugin": "^12.0.2",
@@ -64,16 +64,16 @@
     "express-nunjucks": "^3.1.2",
     "file-loader": "^6.2.0",
     "formidable": "^3.5.1",
-    "govuk-frontend": "^4.7.0",
+    "govuk-frontend": "^4.8.0",
     "govuk_template_jinja": "^0.26.0",
     "graceful-fs": "^4.2.11",
-    "helmet": "^7.0.0",
-    "html-entities": "^2.4.0",
-    "http-status-codes": "^2.2.0",
+    "helmet": "^7.1.0",
+    "html-entities": "^2.5.2",
+    "http-status-codes": "^2.3.0",
     "jquery": "^3.7.1",
     "jquery-modal": "^0.9.2",
-    "js-base64": "^3.7.5",
-    "libphonenumber-js": "^1.10.43",
+    "js-base64": "^3.7.7",
+    "libphonenumber-js": "^1.11.8",
     "lodash": "^4.17.21",
     "lodash-es": "^4.17.21",
     "mini-css-extract-plugin": "^2.9.1",
@@ -82,49 +82,49 @@
     "nunjucks-loader": "^3.0.0",
     "optimize-css-assets-webpack-plugin": "^6.0.1",
     "parse-full-name": "^1.2.6",
-    "redis": "^4.6.8",
-    "sass": "^1.77.8",
-    "sass-loader": "^16.0.0",
+    "redis": "^4.7.0",
+    "sass": "^1.78.0",
+    "sass-loader": "^16.0.1",
     "style-loader": "^4.0.0",
     "superagent": "^8.1.2",
     "superagent-csrf": "^1.0.0",
     "terser-webpack-plugin": "^5.3.10",
-    "uuid": "^9.0.0",
+    "uuid": "^9.0.1",
     "webpack": "^5.94.0",
     "webpack-cli": "^5.1.4",
-    "webpack-dev-middleware": "^7.3.0",
+    "webpack-dev-middleware": "^7.4.2",
     "webpack-merge": "^6.0.1"
   },
   "devDependencies": {
     "@babel/register": "^7.24.6",
     "@hmcts/eslint-config": "^1.4.0",
-    "chai": "^4.1.2",
-    "chai-as-promised": "^7.1.1",
+    "chai": "^4.5.0",
+    "chai-as-promised": "^7.1.2",
     "chai-jq": "^0.0.9",
     "codeceptjs": "^3.5.14",
-    "eslint": "^8.48.0",
-    "eslint-plugin-mocha": "^5.0.0",
+    "eslint": "^8.57.0",
+    "eslint-plugin-mocha": "^5.3.0",
     "fs": "^0.0.1-security",
     "gulp": "^5.0.0",
     "gulp-cli": "^3.0.0",
-    "jsdom": "^16.5.0",
-    "mocha": "^6.1.4",
-    "mocha-multi": "^1.1.0",
-    "mocha-param": "^2.0.0",
+    "jsdom": "^16.7.0",
+    "mocha": "^6.2.3",
+    "mocha-multi": "^1.1.7",
+    "mocha-param": "^2.0.1",
     "mochapack": "^2.1.4",
-    "mochawesome": "^4.0.1",
-    "nock": "^13.3.3",
+    "mochawesome": "^4.1.0",
+    "nock": "^13.5.5",
     "nyc": "^15.1.0",
     "pa11y": "^8.0.0",
-    "playwright": "^1.46.1",
+    "playwright": "^1.47.1",
     "pre-commit": "^1.2.2",
     "proxyquire": "^2.1.3",
-    "puppeteer": "^23.2.0",
+    "puppeteer": "^23.3.0",
     "rewire": "^7.0.0",
     "sinon": "^15.2.0",
     "sinon-chai": "^3.7.0",
-    "supertest": "^6.3.3",
-    "webdriverio": "8.10.5",
+    "supertest": "^6.3.4",
+    "webdriverio": "8.40.5",
     "webpack-node-externals": "3.0.0"
   },
   "resolutions": {

yarn-audit-known-issues

@@ -1,25 +1,8 @@
-{"value":"@npmcli/move-file","children":{"ID":"@npmcli/move-file (deprecation)","Issue":"This functionality has been moved to @npmcli/fs","Severity":"moderate","Vulnerable Versions":"2.0.1","Tree Versions":["2.0.1"],"Dependents":["cacache@npm:16.1.3"]}}
-{"value":"are-we-there-yet","children":{"ID":"are-we-there-yet (deprecation)","Issue":"This package is no longer supported.","Severity":"moderate","Vulnerable Versions":"3.0.1","Tree Versions":["3.0.1"],"Dependents":["npmlog@npm:6.0.2"]}}
-{"value":"body-parser","children":{"ID":1099520,"Issue":"body-parser vulnerable to denial of service when url encoding is enabled","URL":"https://github.com/advisories/GHSA-qwcr-r2fm-qrc7","Severity":"high","Vulnerable Versions":"<1.20.3","Tree Versions":["1.19.0","1.20.2"],"Dependents":["@hmcts/one-per-page@npm:5.4.0","sya@workspace:."]}}
-{"value":"csurf","children":{"ID":"csurf (deprecation)","Issue":"Please use another csrf package","Severity":"moderate","Vulnerable Versions":"1.11.0","Tree Versions":["1.11.0"],"Dependents":["sya@workspace:."]}}
-{"value":"formidable","children":{"ID":"formidable (deprecation)","Issue":"Please upgrade to latest, formidable@v2 or formidable@v3! Check these notes: https://bit.ly/2ZEqIau","Severity":"moderate","Vulnerable Versions":"1.2.6","Tree Versions":["1.2.6"],"Dependents":["superagent@npm:3.8.3"]}}
-{"value":"gauge","children":{"ID":"gauge (deprecation)","Issue":"This package is no longer supported.","Severity":"moderate","Vulnerable Versions":"4.0.4","Tree Versions":["4.0.4"],"Dependents":["npmlog@npm:6.0.2"]}}
-{"value":"glob","children":{"ID":"glob (deprecation)","Issue":"Glob versions prior to v9 are no longer supported","Severity":"moderate","Vulnerable Versions":"8.1.0","Tree Versions":["8.1.0"],"Dependents":["cacache@npm:16.1.3"]}}
-{"value":"har-validator","children":{"ID":"har-validator (deprecation)","Issue":"this library is no longer supported","Severity":"moderate","Vulnerable Versions":"5.1.5","Tree Versions":["5.1.5"],"Dependents":["request@npm:2.88.2"]}}
-{"value":"hoek","children":{"ID":1096410,"Issue":"hoek subject to prototype pollution via the clone function.","URL":"https://github.com/advisories/GHSA-c429-5p7v-vgjp","Severity":"high","Vulnerable Versions":"<=6.1.3","Tree Versions":["5.0.4","6.1.3"],"Dependents":["joi@npm:13.7.0","topo@npm:3.0.3"]}}
-{"value":"inflight","children":{"ID":"inflight (deprecation)","Issue":"This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful.","Severity":"moderate","Vulnerable Versions":"1.0.6","Tree Versions":["1.0.6"],"Dependents":["glob@npm:7.1.7"]}}
-{"value":"ip","children":{"ID":1097721,"Issue":"NPM IP package incorrectly identifies some private IP addresses as public","URL":"https://github.com/advisories/GHSA-78xj-cgh5-2h22","Severity":"low","Vulnerable Versions":"=2.0.0","Tree Versions":["2.0.0"],"Dependents":["socks@npm:2.7.1"]}}
-{"value":"ip","children":{"ID":1099357,"Issue":"ip SSRF improper categorization in isPublic","URL":"https://github.com/advisories/GHSA-2p57-rm9w-gvfp","Severity":"high","Vulnerable Versions":"<=2.0.1","Tree Versions":["2.0.0"],"Dependents":["socks@npm:2.7.1"]}}
-{"value":"joi","children":{"ID":"joi (deprecation)","Issue":"This version has been deprecated in accordance with the hapi support policy (hapi.im/support). Please upgrade to the latest version to get the best features, bug fixes, and security patches. If you are unable to upgrade at this time, paid support is available for older versions (hapi.im/commercial).","Severity":"moderate","Vulnerable Versions":"13.7.0","Tree Versions":["13.7.0"],"Dependents":["@hmcts/one-per-page@npm:5.4.0"]}}
-{"value":"json5","children":{"ID":1096543,"Issue":"Prototype Pollution in JSON5 via Parse Method","URL":"https://github.com/advisories/GHSA-9c47-m6qq-7p4h","Severity":"high","Vulnerable Versions":"<1.0.2","Tree Versions":["0.5.1"],"Dependents":["loader-utils@npm:0.2.17"]}}
-{"value":"loader-utils","children":{"ID":1094088,"Issue":"Prototype pollution in webpack loader-utils","URL":"https://github.com/advisories/GHSA-76p3-8jx3-jpfq","Severity":"critical","Vulnerable Versions":"<1.4.1","Tree Versions":["0.2.17"],"Dependents":["nunjucks-loader@virtual:35cd81f2bd4c35fd0e178354e582cf45c94dc8d6e202818876c32ea21371d42559f43079205ad2d05287beabca4c6b493fb1da4677c941d2beb182e447ab2012#npm:3.0.0"]}}
-{"value":"npmlog","children":{"ID":"npmlog (deprecation)","Issue":"This package is no longer supported.","Severity":"moderate","Vulnerable Versions":"6.0.2","Tree Versions":["6.0.2"],"Dependents":["node-gyp@npm:9.3.1"]}}
-{"value":"nunjucks","children":{"ID":1091775,"Issue":"Nunjucks autoescape bypass leads to cross site scripting","URL":"https://github.com/advisories/GHSA-x77j-w7wf-fjmw","Severity":"moderate","Vulnerable Versions":"<3.2.4","Tree Versions":["3.2.3"],"Dependents":["@hmcts/one-per-page@npm:5.4.0"]}}
-{"value":"request","children":{"ID":1096727,"Issue":"Server-Side Request Forgery in Request","URL":"https://github.com/advisories/GHSA-p8p7-x288-28g6","Severity":"moderate","Vulnerable Versions":"<=2.88.2","Tree Versions":["2.88.2"],"Dependents":["@hmcts/div-idam-express-middleware@npm:6.6.2"]}}
-{"value":"request-promise-native","children":{"ID":"request-promise-native (deprecation)","Issue":"request-promise-native has been deprecated because it extends the now deprecated request package, see https://github.com/request/request/issues/3142","Severity":"moderate","Vulnerable Versions":"1.0.9","Tree Versions":["1.0.9"],"Dependents":["@hmcts/div-idam-express-middleware@npm:6.6.2"]}}
-{"value":"rimraf","children":{"ID":"rimraf (deprecation)","Issue":"Rimraf versions prior to v4 are no longer supported","Severity":"moderate","Vulnerable Versions":"3.0.2","Tree Versions":["3.0.2"],"Dependents":["node-gyp@npm:9.3.1"]}}
-{"value":"stable","children":{"ID":"stable (deprecation)","Issue":"Modern JS already guarantees Array#sort() is a stable sort, so this library is deprecated. See the compatibility table on MDN: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/sort#browser_compatibility","Severity":"moderate","Vulnerable Versions":"0.1.8","Tree Versions":["0.1.8"],"Dependents":["svgo@npm:2.7.0"]}}
-{"value":"superagent","children":{"ID":"superagent (deprecation)","Issue":"Please upgrade to v9.0.0+ as we have fixed a public vulnerability with formidable dependency. Note that v9.0.0+ requires Node.js v14.18.0+. See https://github.com/ladjs/superagent/pull/1800 for insight. This project is supported and maintained by the team at Forward Email @ https://forwardemail.net","Severity":"moderate","Vulnerable Versions":"3.8.3","Tree Versions":["3.8.3"],"Dependents":["@hmcts/uk-bank-holidays@npm:1.0.2"]}}
-{"value":"topo","children":{"ID":"topo (deprecation)","Issue":"This module has moved and is now available at @hapi/topo. Please update your dependencies as this version is no longer maintained an may contain bugs and security issues.","Severity":"moderate","Vulnerable Versions":"3.0.3","Tree Versions":["3.0.3"],"Dependents":["joi@npm:13.7.0"]}}
-{"value":"tough-cookie","children":{"ID":1097682,"Issue":"tough-cookie Prototype Pollution vulnerability","URL":"https://github.com/advisories/GHSA-72xf-g2v4-qvf3","Severity":"moderate","Vulnerable Versions":"<4.1.3","Tree Versions":["2.5.0"],"Dependents":["request@npm:2.88.2"]}}
-{"value":"uuid","children":{"ID":"uuid (deprecation)","Issue":"Please upgrade  to version 7 or higher.  Older versions may use Math.random() in certain circumstances, which is known to be problematic.  See https://v8.dev/blog/math-random for details.","Severity":"moderate","Vulnerable Versions":"3.4.0","Tree Versions":["3.4.0"],"Dependents":["@hmcts/div-idam-express-middleware@npm:6.6.2"]}}
+Internal Error: fsevents@patch:fsevents@npm%3A2.3.2#~builtin<compat/fsevents>: This package doesn't seem to be present in your lockfile; run "yarn install" to update the lockfile
+    at z0.getCandidates (/Users/daniel.furnivall/Developer/.yarn/releases/yarn-3.8.3.cjs:436:5149)
+    at Df.getCandidates (/Users/daniel.furnivall/Developer/.yarn/releases/yarn-3.8.3.cjs:392:1264)
+    at /Users/daniel.furnivall/Developer/.yarn/releases/yarn-3.8.3.cjs:440:8033
+    at df (/Users/daniel.furnivall/Developer/.yarn/releases/yarn-3.8.3.cjs:391:11214)
+    at ue (/Users/daniel.furnivall/Developer/.yarn/releases/yarn-3.8.3.cjs:440:8013)
+    at async Promise.allSettled (index 0)
+    at async ro (/Users/daniel.furnivall/Developer/.yarn/releases/yarn-3.8.3.cjs:391:10542)