[Snyk] Security upgrade archiver from 1.3.0 to 7.0.0

[cc-prodsec]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • packages/pwa-kit-dev/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	631/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.2	Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: archiver

The new version differs by 250 commits.

• 6ff0d12 bump version for release
• 3299298 Update CHANGELOG.md
• fad089b Lock file maintenance (Search query recognizes "&" #736)
• c7d3c0f Update dependency yauzl to v3 ([BUG] Support multivalue query parameters #733)
• 9480f25 Update dependency readable-stream to v4 (Wjh/node 16 #695)
• b787d86 Update dependency mocha to v10 (set up react-query and change stubs #692)
• 320f3cb Update dependency rimraf to v5 ([Feature] Integrate react-query with PWA-Kit SDK #693)
• c735d9c Update docusaurus monorepo to v2.4.3 (Example: using useServerContext together with useQuery hook #713)
• cbce84c Update dependency archiver-utils to v5 (Remove Console Logs #730)
• 38187ae Update dependency zip-stream to v6 (Make commerce-sdk-react Work Server-Side 💪🏻 #734)
• e104aac Update dependency buffer-crc32 to v1 (Basic Auth Implementation in Retail React App Take 2️⃣ #732)
• b9d5ea1 Update dependency tar-stream to v3.1.7 (Bump ua-parser-js in Runtime #731)
• f1a10e4 Drop support for node v12 (Handle query errors on SSR #735)
• 4dba2cf bump version for release
• 290e3fc Update CHANGELOG.md
• 66c5c8f Update CHANGELOG.md
• 2632b1b Update dependency zip-stream to v5.0.2 ([BUG] Templated web app manifest is missing name,short_name #727)
• b4291f6 Update release-drafter/release-drafter action to v6 (Fixes missing required fields in manifest.json #729)
• eb573c7 Update actions/setup-node action to v4 (Correlation Id Implementation #728)
• cf516ea Update actions/checkout action to v4.1.1 (Import latest round of translations (final version) for retail-react-app #725)
• fc89393 Update release-drafter/release-drafter action to v5.25.0 ([commerce-sdk-react] Add mutation hooks and refactor query hooks #726)
• add657d Update actions/setup-node action to v3.8.2 (Integrate Server-Side ReactQuery Support (Non-Breaking Change) #724)
• 8dba715 Update dependency tar to v6.2.0 (React Query default config and Query Key factory #707)
• 2d8e561 Update dependency chai to v4.4.1 ([FEATURE] MultiSite Context should include locale object instead of id #712)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

[kevinxh]

won't fix.