[server] Fix vulnerability

[iQQBot]

Description

[server] Fix vulnerability

Related Issue(s)

Fixes CLC-1761

How to test

Documentation

Preview status

Gitpod was successfully deployed to your preview environment.

• 🏷️ Name - pd-clc-1761
• 🔗 URL - pd-clc-1761.preview.gitpod-dev.com/workspaces.
• 📚 Documentation - See our internal documentation for information on how to interact with your preview environment.
• 📦 Version - pd-CLC-1761-gha.33731
• 🗒️ Logs - GCP Logs Explorer

Build Options

Build

• /werft with-werft
  Run the build with werft instead of GHA
• leeway-no-cache
• /werft no-test
  Run Leeway with --dont-test

Publish

• /werft publish-to-npm
• /werft publish-to-jb-marketplace

Installer

• analytics=segment
• with-dedicated-emulation
• workspace-feature-flags
  Add desired feature flags to the end of the line above, space separated

Preview Environment / Integration Tests

• /werft with-local-preview
  If enabled this will build install/preview
• /werft with-preview
• /werft with-large-vm
• /werft with-gce-vm
  If enabled this will create the environment on GCE infra
• /werft preemptible
  Saves cost. Untick this only if you're really sure you need a non-preemtible machine.
• with-integration-tests=webapp
  Valid options are all, workspace, webapp, ide, jetbrains, vscode, ssh. If enabled, with-preview and with-large-vm will be enabled.
• with-monitoring

[Copilot]

Pull Request Overview

This PR addresses a security vulnerability by upgrading the sha.js dependency to version 2.4.12 through a package resolution override.

• Adds a resolutions field to package.json to force the use of sha.js version 2.4.12

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}

[kylos101]

Building a quick preview to test

[kylos101]

Started a workspace:

[iQQBot]

we upgrade from 2.4.11 cc @kylos101

[kylos101]

Thank you, @iQQBot !