[Snyk] Fix for 3 vulnerabilities

[Verdinjoshua26]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • packages/scripts/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	631/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.2	Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116	Yes	Proof of Concept
	768/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5	Infinite loop SNYK-JS-MARKDOWNIT-6483324	No	Proof of Concept
	589/1000 Why? Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-UNSETVALUE-2400660	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: jest

The new version differs by 250 commits.

• be16e47 v27.0.0
• 63102ec chore: update changelog for release
• 564694a docs(blog): Jest 27 blog post (Blocks inside a InnerBlocks container with "insert" templateLock can be dragged outside of the container WordPress/gutenberg#11131)
• b68d91b feat(pretty-print): add option `printBasicPrototype` (Video embed: Video not aligning correctly. WordPress/gutenberg#11441)
• 2226742 chore: minor simplify format results error (Classic Editor Block WPLINK plugin is not working as expected WordPress/gutenberg#11432)
• 78eb25d chore: remove needless assign (Cannot make changes to image details with the pencil icon in the classic block unless the same edit is applied twice WordPress/gutenberg#11433)
• 696c455 chore: update lockfile after publish
• e2eb9ae v27.0.0-next.11
• 3b253f8 Wait for closed resources to actually close before detecting open handles (Parser: Pass-through PHP errors in tests WordPress/gutenberg#11429)
• 27bee72 fix: run GC before collecting open handles (Add complete post type labels for Resuable Blocks WordPress/gutenberg#11278)
• 50451df feat: use fallback if prettier not found (In Editor Inserter Menu, 'Paragraph' block is kept at the top of 'Most Used'. WordPress/gutenberg#11400)
• 150dbd8 chore: update lockfile after publish
• 6f44529 v27.0.0-next.10
• cbcec7d Upgrade fsevents in jest-haste-map (chore: Improve undo/redo no-op WordPress/gutenberg#11428)
• 9633a26 feat: support reporters written in ESM (Image & Audio: Auto switch to Embed for embeddable URLs WordPress/gutenberg#11427)
• 59f42d8 fix: do not cache modules that throw during evaluation (Fix: Cover image tooltips for alignment are duplicated WordPress/gutenberg#11263)
• 57e32e9 Detect open handles with done callbacks (Cover block: overlay covers the text when the block is aligned to the left/right/center WordPress/gutenberg#11382)
• a397607 Document and test dontThrow for custom inline snapshot matchers (Text overflow in More Blocks with translation. WordPress/gutenberg#10995)
• 4fa3a0b feat: custom haste (Bolding part of a heading has no visual indication WordPress/gutenberg#11107)
• 2047a36 chore: bump deps (Crashed website WordPress/gutenberg#11419)
• a4358d6 chore: run prettier on changelog
• bdd6282 Move all default values into `jest-config` (Testing: Add E2E test to verify demo errors WordPress/gutenberg#9924)
• db643a1 Link to Jest config (How to make custom taxonomy appear on Gutenberg-enabled post types? WordPress/gutenberg#11106)
• b16082c Fix locale issue Docs: Fix grammar.md manifest entry; (chore) update data docs WordPress/gutenberg#10014 (Post edit screen is nothing but white, completely blank WordPress/gutenberg#11412)

See the full diff

Package name: markdownlint

The new version differs by 250 commits.

• 49ef661 Update to version 0.32.0.
• b709a2f Update MD054/link-image-style to add url_inline parameter (fixes Fix issue with margin on blocks with no toolbars WordPress/gutenberg#753).
• 84333a5 Bump eslint-plugin-jsdoc from 46.8.2 to 46.9.0
• 06e3ac4 Bump eslint-plugin-n from 16.3.0 to 16.3.1
• 063310e Update MD054/link-image-style to split reference parameter into full/collapsed/shortcut parameters (fixes Fix whether moment.js is minified or not based on SCRIPT_DEBUG WordPress/gutenberg#918).
• 4390715 Update test repos script to transform "header"-based rule names to "heading"-based now that the former aliases have been removed.
• a9a7794 Remove rule aliases for "header" (deprecated in v0.9.0).
• 20a552b Remove MD002 (deprecated in v0.13.0) and MD006 (deprecated in v0.19.0).
• 80539b7 Bump @ babel/core from 7.23.2 to 7.23.3
• 0cf0146 Bump globby from 13.2.2 to 14.0.0
• 08498d2 Bump @ babel/preset-env from 7.23.2 to 7.23.3
• d4bfb63 Generate TypeScript declaration for Configuration object from JSON schema (refs Inserter popover gets cutoff WordPress/gutenberg#1004, refs Disable drag on images to enable multi-select WordPress/gutenberg#1014).
• b3f0e52 Remove support for end-of-life Node 16.
• d29aa37 Remove deprecated ESLint rule n/no-hide-core-modules.
• 3db8b25 Remove deprecated ESLint rules after version update, sort rules by name.
• ada9f68 Bump eslint-plugin-n from 16.2.0 to 16.3.0
• 3b1dfe4 Remove deprecated ESLint rules after version update.
• 760055e Bump eslint from 8.52.0 to 8.53.0
• 18497ff Add rule information links to JSON schema for configuration files and corresponding examples (link is clickable in VS Code tooltips).
• 1a376f6 Tweak rule parameters to avoid confusing the TypeScript type system.
• 7dc50c1 Bump @ hyperjump/json-schema from 1.6.4 to 1.6.5
• 6649a12 Bump yaml from 2.3.3 to 2.3.4
• 5fd9688 Add "LLMs" to dictionary.txt.
• efcf321 Update CONTRIBUTING.md to explicitly disallow ChatGPT and other LLMs.

See the full diff

Package name: markdownlint-cli

The new version differs by 250 commits.

• 1d2f248 Bump version 0.38.0
• 8f3daa1 Bump ava from 6.0.0 to 6.0.1
• aaa4119 Bump ava from 5.3.1 to 6.0.0
• 770817b Remove support for end-of-life Node.js version 16.
• 3e6f0dc Update tests to account for deprecation of MD002, MD006, and "header" aliases, fix new prettier issues.
• 75b959d Bump markdownlint from 0.31.1 to 0.32.1
• 8ca31c4 Bump ignore from 5.2.4 to 5.3.0
• d38e228 Bump actions/setup-node from 3 to 4
• f919a81 Bump commander from 11.0.0 to 11.1.0
• febea62 Bump glob from 10.3.7 to 10.3.10
• 8354710 Bump glob from 10.3.4 to 10.3.7
• 3f18b94 Bump version 0.37.0
• 6b233de Bump docker/setup-buildx-action from 2 to 3
• 1040117 Bump docker/login-action from 2 to 3
• e7eff9e Bump docker/metadata-action from 4 to 5
• 0a0c9b8 Bump docker/build-push-action from 4 to 5
• 0d6718c Bump docker/setup-qemu-action from 2 to 3
• 26ac539 Bump markdownlint from 0.31.0 to 0.31.1
• f6aa692 Bump markdownlint from 0.30.0 to 0.31.0
• 8b08b15 Bump actions/checkout from 3 to 4
• 1d1e5ea Bump version 0.36.0
• 58ab41c Bump glob from 10.3.3 to 10.3.4
• 24627da Bump execa from 7.2.0 to 8.0.1
• 5b45a20 Bump markdownlint from 0.29.0 to 0.30.0

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution