
Update npm dependencies to fix vulnerabilities #35

Open
wants to merge 1 commit into base: main

Conversation

sumansaurabh

@sumansaurabh sumansaurabh commented Sep 6, 2024

User description


Snyk has created this PR to fix 5 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

  • client/package.json
  • client/package-lock.json

Vulnerabilities that will be fixed with an upgrade:

Issue | Score
critical severity: Incomplete List of Disallowed Inputs (SNYK-JS-BABELTRAVERSE-5962462) | 786
high severity: Uncontrolled resource consumption (SNYK-JS-BRACES-6838727) | 696
high severity: Regular Expression Denial of Service (ReDoS) (SNYK-JS-ADOBECSSTOOLS-6096077) | 589
high severity: Inefficient Regular Expression Complexity (SNYK-JS-MICROMATCH-6838728) | 589
medium severity: Regular Expression Denial of Service (ReDoS) (SNYK-JS-ADOBECSSTOOLS-5871286) | 464

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)


Description

  • This PR updates several npm dependencies to address security vulnerabilities.
  • It specifically upgrades @testing-library/jest-dom and styled-components to their latest versions.
  • The changes help mitigate vulnerabilities identified by Snyk.

Changes walkthrough 📝

Relevant files

Enhancement
  • package.json (client/package.json): Update dependencies to fix vulnerabilities, +2/-2
    • Updated @testing-library/jest-dom from ^5.16.5 to ^6.1.6.
    • Updated styled-components from ^5.3.6 to ^6.1.0.
  • package-lock.json (client/package-lock.json): Sync package-lock with updated dependencies, +6874/-1720
    • Updated dependency versions to reflect changes in package.json.

    @penify-dev penify-dev bot added enhancement New feature or request bug fix labels Sep 6, 2024
    @penify-dev penify-dev bot changed the title [Snyk] Fix for 5 vulnerabilities Update npm dependencies to fix vulnerabilities Sep 6, 2024

    penify-dev bot commented Sep 6, 2024

    PR Review 🔍

    ⏱️ Estimated effort to review [1-5]

    2, because the changes are straightforward updates to dependency versions with no complex logic involved.

    🧪 Relevant tests

    Yes

    ⚡ Possible issues

    No

    🔒 Security concerns

    No


    penify-dev bot commented Sep 6, 2024

    PR Code Suggestions ✨

    Category | Suggestion | Score
    Best practice
    Run tests after updating dependencies to ensure functionality

    It may be beneficial to run a full test suite after updating dependencies to ensure that
    everything functions correctly with the new versions.

    client/package.json [5]

    -"dependencies": {
    +"dependencies": { // Run tests after updating dependencies
     
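Review bot: JSON does not allow `//` comments, so applying `+"dependencies": { // Run tests after updating dependencies` would leave client/package.json unparseable and break every npm command that reads it. Drop the comment from the suggestion; the advice to run the full test suite after a dependency bump belongs in a CI step or the PR checklist, not inside the manifest.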
    Suggestion importance[1-10]: 8

    Why: Running tests after updating dependencies is a strong recommendation that can help catch issues early, making it a valuable suggestion for maintaining code quality.

    Use specific versions for critical dependencies to ensure stability

    Consider using a specific version instead of a caret (^) for critical dependencies to
    avoid unexpected updates in the future.

    client/package.json [6]

    -"@testing-library/jest-dom": "^6.1.6",
    +"@testing-library/jest-dom": "6.1.6", // Use specific version for stability
     
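Review bot: the trailing `// Use specific version for stability` comment has the same problem as the first suggestion: it is not valid JSON and must be removed before this line could be applied. Pinning `"6.1.6"` instead of `"^6.1.6"` also adds little here, because client/package-lock.json is updated in this same PR and already records the resolved version, which `npm ci` honours; if exact pinning is still wanted, state that policy for the whole manifest rather than one entry.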
    Suggestion importance[1-10]: 6

    Why: Using specific versions can enhance stability, but this suggestion is more about future-proofing rather than addressing an immediate issue in the code, thus it receives a moderate score.

    Possible issue
    Verify compatibility of the updated dependency with existing tests

    Consider verifying the compatibility of the new version of '@testing-library/jest-dom'
    with your existing tests to avoid potential breaking changes.

    client/package.json [6]

    -"@testing-library/jest-dom": "^6.1.6",
    +"@testing-library/jest-dom": "^6.1.6", // Ensure compatibility with existing tests
     
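Review bot: the `-` and `+` lines are identical apart from the appended `// Ensure compatibility with existing tests`, so this hunk changes nothing except to insert a comment that JSON cannot carry. A suggestion that only restates advice as an annotation should be dropped; the compatibility check for the 5.x to 6.x jest-dom bump is done by running the existing test suite, not by editing package.json.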
    Suggestion importance[1-10]: 7

    Why: While it's important to verify compatibility with existing tests, the suggestion does not directly address a critical issue in the code itself, making it a good practice rather than a necessity.

    Check for breaking changes in the updated 'styled-components' version

    Ensure that the new version of 'styled-components' does not introduce breaking changes
    that could affect your styles or components.

    client/package.json [15]

    -"styled-components": "^6.1.0",
    +"styled-components": "^6.1.0", // Check for breaking changes
     
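Review bot: as with the jest-dom suggestion, the `+"styled-components": "^6.1.0", // Check for breaking changes` line differs from the original only by an invalid JSON comment and should not be applied. The description shows this is a major bump from ^5.3.6 to ^6.1.0, which is exactly where breaking changes surface, so the useful check is a test and rendering pass on the upgraded client, and that belongs in the review, not in the manifest.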
    Suggestion importance[1-10]: 7

    Why: Similar to the first suggestion, checking for breaking changes is important but does not directly impact the current functionality, thus it is a good practice rather than a critical requirement.
