[Snyk] Fix for 46 vulnerabilities

[Ramyromel]

Snyk has created this PR to fix 46 vulnerabilities in the pnpm dependencies of this project.

Snyk changed the following file(s):

• framework-boilerplates/hydrogen/package.json

⚠️ Warning

Failed to update the pnpm-lock.yaml, please update manually before merging.

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Regular Expression Denial of Service (ReDoS) SNYK-JS-BABELRUNTIME-10044504	****
	Regular Expression Denial of Service (ReDoS) SNYK-JS-BABELRUNTIMECOREJS3-9397696	****
	Asymmetric Resource Consumption (Amplification) SNYK-JS-BODYPARSER-7926860	****
	Regular Expression Denial of Service (ReDoS) SNYK-JS-BRACEEXPANSION-9789073	****
	Excessive Platform Resource Consumption within a Loop SNYK-JS-BRACES-6838727	****
	Uncontrolled Recursion SNYK-JS-ESLINT-15102420	****
	Uncontrolled Recursion SNYK-JS-FLATTED-15518041	****
	Prototype Pollution SNYK-JS-JSYAML-13961110	****
	Inefficient Regular Expression Complexity SNYK-JS-MICROMATCH-6838728	****
	Exposed Dangerous Method or Function SNYK-JS-PLAYWRIGHT-14888269	****
	Improper Verification of Cryptographic Signature SNYK-JS-PLAYWRIGHTCORE-13553173	****
	Improper Input Validation SNYK-JS-POSTCSS-5926692	****
	Allocation of Resources Without Limits or Throttling SNYK-JS-QS-14724253	****
	Allocation of Resources Without Limits or Throttling SNYK-JS-QS-15268416	****
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	****
	Missing Release of Memory after Effective Lifetime SNYK-JS-UNDICI-10176064	****
	Allocation of Resources Without Limits or Throttling SNYK-JS-UNDICI-14943963	****
	HTTP Request Smuggling SNYK-JS-UNDICI-15518061	****
	Improper Handling of Highly Compressed Data (Data Amplification) SNYK-JS-UNDICI-15518068	****
	Uncaught Exception SNYK-JS-UNDICI-15518070	****
	CRLF Injection SNYK-JS-UNDICI-15518072	****
	Insecure Randomness SNYK-JS-UNDICI-8641354	****
	Path Equivalence SNYK-JS-VITE-5664718	****
	Access Control Bypass SNYK-JS-VITE-6182924	****
	Improper Access Control SNYK-JS-VITE-6531286	****
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WORDWRAP-3149973	****
	Regular Expression Denial of Service (ReDoS) SNYK-JS-YARN-12143051	****
	Access Control Bypass SNYK-JS-VITE-9576207	705
	Incorrect Authorization SNYK-JS-VITE-9512410	581
	Incorrect Authorization SNYK-JS-VITE-9653016	265
	Regular Expression Denial of Service (ReDoS) SNYK-JS-CROSSSPAWN-8303230	264
	Directory Traversal SNYK-JS-ROLLUP-15340920	233
	Origin Validation Error SNYK-JS-VITE-8648411	220
	Directory Traversal SNYK-JS-VITE-13644406	219
	Directory Traversal SNYK-JS-VITE-9919777	216
	Information Exposure SNYK-JS-VITE-9685035	215
	Cross-site Scripting (XSS) SNYK-JS-VITE-8022916	212
	Information Exposure SNYK-JS-VITE-8023174	179
	Directory Traversal SNYK-JS-LIQUIDJS-15443434	169
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-15309438	169
	Inefficient Algorithmic Complexity SNYK-JS-MINIMATCH-15353389	169
	Regular Expression Denial of Service (ReDoS) SNYK-JS-AJV-15274295	155
	Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116	131
	Cross-site Scripting (XSS) SNYK-JS-ROLLUP-8073097	104
	Directory Traversal SNYK-JS-SIRV-12558119	86
	Relative Path Traversal SNYK-JS-VITE-12558116	85

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)
🦉 Prototype Pollution
🦉 Directory Traversal
🦉 More lessons are available in Snyk Learn

[changeset-bot]

⚠️ No Changeset found

Latest commit: 397df5a

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR