[Snyk] Fix for 1 vulnerabilities

[qt-pixels]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	658/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: aws-xray-sdk

The new version differs by 125 commits.

• 0579d9c Prepares 3.5.0 release (#580)
• ef2ceb2 Updated semver to latest version (#577)
• 7e92f33 Updated type declaration of captureAWSv3Client to fix TS errors (#575)
• 3abe727 Add support for including sql query in sql subsegment for MySQL (#564)
• 0fe39de Updated actions/checkout, actions/setup-node, and codecov package versions to fix CI (#574)
• a476e2b Bump cacheable-request and tsd (#571)
• 87d9c63 remove html5shiv to support legacy IE versions (#572)
• 17f2195 Bump http-cache-semantics from 4.1.0 to 4.1.1 (#568)
• b490fed Bump trim-newlines from 3.0.0 to 3.0.1 (#566)
• 66d697b Update OTel SDK wording
• 866f824 Prepares 3.4.1 release (#560)
• 7d93ca7 Bump minimatch from 3.0.4 to 3.0.5 (#559)
• b265c9b Update mocha version (#558)
• 652c4af Bump json5 and tsconfig-paths (#557)
• ebaab2d Update nock. Add node 18 testing. (#556)
• b0aa443 Propagate additional trace data into AWS requests on Lambda (#549)
• 8a4f584 Merge pull request #553 from aws/dependabot/npm_and_yarn/qs-6.9.7
• a04ec0b Bump qs from 6.7.0 to 6.9.7
• 5ae406d Merge pull request #552 from aws/dependabot/npm_and_yarn/express-4.17.3
• a492724 Bump express from 4.17.1 to 4.17.3
• 131c6f1 Merge pull request #548 from aws/dependabot/npm_and_yarn/fastify-3.29.4
• 801b54b Modified context missing strategy default to log error (#550)
• d9dd499 Bump fastify from 3.29.1 to 3.29.4
• dd02e9e Adding oversampling mitigation example to core package ReadMe (#545)

See the full diff

Package name: jest

The new version differs by 250 commits.

• be16e47 v27.0.0
• 63102ec chore: update changelog for release
• 564694a docs(blog): Jest 27 blog post (#11131)
• b68d91b feat(pretty-print): add option `printBasicPrototype` (#11441)
• 2226742 chore: minor simplify format results error (#11432)
• 78eb25d chore: remove needless assign (#11433)
• 696c455 chore: update lockfile after publish
• e2eb9ae v27.0.0-next.11
• 3b253f8 Wait for closed resources to actually close before detecting open handles (#11429)
• 27bee72 fix: run GC before collecting open handles (#11278)
• 50451df feat: use fallback if prettier not found (#11400)
• 150dbd8 chore: update lockfile after publish
• 6f44529 v27.0.0-next.10
• cbcec7d Upgrade fsevents in jest-haste-map (#11428)
• 9633a26 feat: support reporters written in ESM (#11427)
• 59f42d8 fix: do not cache modules that throw during evaluation (#11263)
• 57e32e9 Detect open handles with done callbacks (#11382)
• a397607 Document and test dontThrow for custom inline snapshot matchers (#10995)
• 4fa3a0b feat: custom haste (#11107)
• 2047a36 chore: bump deps (#11419)
• a4358d6 chore: run prettier on changelog
• bdd6282 Move all default values into `jest-config` (#9924)
• db643a1 Link to Jest config (#11106)
• b16082c Fix locale issue #10014 (#11412)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)